Non-invasive contextual and rule driven injection proxy

US 9,548,985 B2
Filed: 09/09/2008
Issued: 01/17/2017
Est. Priority Date: 09/20/2007
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

storing, by one or more computer systems hosting a reverse proxy, in a database, an injection rule for a web application, wherein the injection rule identifies injection code and an injection location to insert the injection code in web application code of the web application, wherein the injection rule and the injection code are not generated by processing the web application code;

receiving, at the one or more computer systems hosting a reverse proxy, a request for the web application identified by a uniform resource locator;

in response to receiving the request for the web application, querying, by the one or more computer systems hosting the reverse proxy, the database to obtain the injection rule;

receiving, by the one or more computer systems hosting the reverse proxy, the web application code from an application server in communication with the reverse proxy using the uniform resource locator;

receiving, at the one or more computer systems hosting the reverse proxy, the injection code; and

generating, with one or more processors associated with the one or more computer systems hosting the reverse proxy, a response to the request for the web application by creating response web application code by combining the web application code with the injection code injected into the web application code at the location specified by the injection rule.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

User requests for a web application can be received at a reverse proxy. Web application code for a first application can be obtained. Data can be checked at the reverse proxy to determine whether to insert an element into the first application. If there is a match, a combined web application can be produced, including the first web application and the element.

16 Citations

20 Claims

1. A method comprising:
- storing, by one or more computer systems hosting a reverse proxy, in a database, an injection rule for a web application, wherein the injection rule identifies injection code and an injection location to insert the injection code in web application code of the web application, wherein the injection rule and the injection code are not generated by processing the web application code;
  
  receiving, at the one or more computer systems hosting a reverse proxy, a request for the web application identified by a uniform resource locator;
  
  in response to receiving the request for the web application, querying, by the one or more computer systems hosting the reverse proxy, the database to obtain the injection rule;
  
  receiving, by the one or more computer systems hosting the reverse proxy, the web application code from an application server in communication with the reverse proxy using the uniform resource locator;
  
  receiving, at the one or more computer systems hosting the reverse proxy, the injection code; and
  
  generating, with one or more processors associated with the one or more computer systems hosting the reverse proxy, a response to the request for the web application by creating response web application code by combining the web application code with the injection code injected into the web application code at the location specified by the injection rule.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the injection code comprises a pagelet application.
  - 3. The method of claim 1, wherein the injection code comprises static HTML.
  - 4. The method of claim 1, wherein the infection code comprises a second web application.
  - 5. The method of claim 1, wherein the location in the web application code in which to insert the application injection code comprises a DOM-TREE reference.
  - 6. The method of claim 1, wherein generating the response to the request further includes applying one or more user preferences to determine whether to insert the injection code into the web application code.
  - 7. The method of claim 1, further comprising searching for the location in the web application code using a pattern matching indication or a document object model indication.

8. A reverse proxy system comprising:
- a processor; and
  
  a memory in communication with the processor, the memory storing a set of instructions, which when executed by the processor cause the processor to;
  
  store an injection rule for a web application in a database, wherein the injection rule identifies injection code and an injection location to insert the injection code in web application code of the web application, wherein the injection rule and the injection code are not generated by processing the web application code;
  
  receive a request for the web application identified by a uniform resource locator;
  
  in response to receiving the request for the web application, querying the database to obtain the injection rule;
  
  receive the web application code from an application server in communication with the reverse proxy system using the uniform resource locator;
  
  receive the injection code; and
  
  generate a response to the request for the web application by creating response web application code by combining the web application code with the injection code injected into the web application code at the location specified by the injection rule.
- View Dependent Claims (9, 10, 11)
- - 9. The reverse proxy system of claim 8, wherein the injection code comprises a pagelet application.
  - 10. The reverse proxy system of claim 8, wherein the infection code comprises static HTML.
  - 11. The reverse proxy system of claim 8, wherein the injection code comprises a second web application.

12. A system comprising:
- a processor; and
  
  a memory in communication with the processor, the memory a set of instructions, which when executed by the processor cause the processor to;
  
  store an injection rule for a web application in a database, wherein the injection rule identifies injection code and an injection location to insert the injection code in web application code of the web application, wherein the injection rule and the injection code are not generated by processing the web application code;
  
  receive a request for the web application identified by a uniform resource locator;
  
  in response to receiving the request for the web application, querying the database to obtain the injection rule;
  
  receive the web application code from an application server in communication with a reverse proxy using the uniform resource locator;
  
  receive the injection rule code; and
  
  generate a response to the request for the web application by creating response web application code by combining the web application code with the injection code injected into the web application code at the location specified by the injection rule;
  
  wherein a DOM-TREE is used to determine where to insert the infection code.
- View Dependent Claims (13, 14, 15)
- - 13. The system of claim 12, wherein the injection code comprises a pagelet application.
  - 14. The system of claim 12, wherein the infection code comprises static HTML.
  - 15. The system of claim 12, wherein the infection code comprises a second web application.

16. A non-transitory machine-readable medium for a reverse proxy computer system, the non-transitory machine-readable medium having stored thereon a series of instructions executable by a processor, the series of instructions comprising:
- instructions that cause the processor to store an injection rule for a web application in a database, wherein the injection rule identifies injection code and an injection location to insert the injection code in web application code of the web application, wherein the injection rule and the injection code are not generated by processing the web application code;
  
  instructions that cause the processor to receive a request for the web application identified by a uniform resource locator;
  
  instructions that cause the processor to, in response to receiving the request for the web application, query the database to obtain the injection rule;
  
  instructions that cause the processor to receive the web application code from an application server in communication with the reverse proxy computer system using the uniform resource locator;
  
  instructions that cause the processor to receive the injection code; and
  
  instructions that cause the processor to generate a response to the request for the web application by creating response web application code by combining the web application code with the injection code injected into the web application code at the location specified by the injection rule;
  
  wherein a DOM-TREE is used to determine where to insert the injection code.
- View Dependent Claims (17, 18, 19)
- - 17. The non-transitory machine-readable medium of claim 16, wherein the injection code comprises a pagelet application.
  - 18. The non-transitory machine-readable medium of claim 16, wherein the injection code comprises static HTML.
  - 19. The non-transitory machine-readable medium of claim 16, wherein the infection code comprises a second web application.

20. A non-transitory machine-readable medium for a reverse proxy computer system, the non-transitory machine-readable medium having stored thereon a series of instructions executable by a processor, the series of instructions comprising:
- instructions that cause the processor to store an injection rule for a web application in a database, wherein the injection rule identifies injection code and an injection location to insert the injection code in web application code of the web application, wherein the injection rule and the injection code are not generated by processing the web application code;
  
  instructions that cause the processor to receive a request for the web application identified by a uniform resource locator;
  
  instructions that cause the processor to, in response to receiving the request for the web application, query the database to obtain the injection rule;
  
  instructions that cause the processor to receive the web application code from an application server in communication with the reverse proxy computer system using the uniform resource locator;
  
  instructions that cause the processor to receive the injection code; and
  
  instructions that cause the processor to generate a response to the request for the web application by creating response web application code by combining the web application code with the injection code injected into the web application code at the location specified by the injection rule.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Amend, Michael Ryan, Meyer, David P., Stanko, Joseph A., Pandrangi, Phani, McDermott, Adrian Peter, Hayler, Don L., Quigley, Thomas Doyle, Lin, Stanley Hsinheng
Primary Examiner(s)
Zhen, Wei
Assistant Examiner(s)
HUDA, MOHAMMED NURUL

Application Number

US12/207,341
Publication Number

US 20090083726A1
Time in Patent Office

3,052 Days
Field of Search

717/168, 717/171
US Class Current

1/1
CPC Class Codes

H04L 63/105   Multiple levels of security

H04L 67/02   based on web technology, e....

H04L 67/567   Integrating service provisi...

Non-invasive contextual and rule driven injection proxy

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

16 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Non-invasive contextual and rule driven injection proxy

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

16 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links