JP2010102625A - Method and device for rewriting uniform resource locator - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To avoid restrictions by the same-origin policy of a Web browser without a user being aware of a relay server in application server cooperation. <P>SOLUTION: A Proxy Server 102 records, when receiving a request from a client terminal 101 to an application server 111, domain information in a URL of application server 111 predetermined by the request and transmits the request to the application server 111. When receiving a response from the application server 111, the Proxy Server 102 changes the domain information in the URL of the application server 112 included in the response into the recorded domain information to rewrite the URL of the application server 112 into a dummy URL, and transmits the response including the dummy URL to the client terminal unit 101. <P>COPYRIGHT: (C)2010,JPO&INPIT

Description

  The present invention relates to a method and apparatus for rewriting uniform resource locator (URL) information included in information acquired from an application server apparatus (application server).

  A response screen of a Web application server device (Web application server) in response to a request from a client terminal may include a cooperation script that requires a service request to another Web application server. For example, in a store search service, a Web browser receives a search result screen from a first application server, a linkage script included in the screen is executed, and a service request is issued to a second application server that provides a map information service. This is the case.

  Further, as shown in FIG. 17, in the form input process of the application server 21 in the client terminal 11, it may be desired to use the data of the application server 22. In this case, the cooperation script 23 included in the form input screen is executed, and the data of the application server 22 is automatically input to the form.

  In such a case, if the URL domains of the two application servers are different, a service request to another application server is limited by the same-origin policy of the Web browser. The same-origin policy is an idea that information transmitted from the same site as the Web site that the user intends to browse can be trusted. By restricting access based on this concept, it is possible to control that the script of the site B is executed in principle if the site A is viewed.

  In the example of FIG. 17, the URLs of the pages of the application servers 21 and 22 are “http://app1.com/app1.html” and “http://app2.com/app2.html”, respectively. In this case, since the domain of the application server is different, a request cannot be issued from the Web browser to the application server 22. In this way, the same-origin policy gives more restrictions than necessary to the cooperation processing between application servers, so there are cases where it is desired to avoid these restrictions.

  In order to solve this problem, as shown in FIG. 18, a relay server device (relay server) 31 is provided between the client terminal 11 and the application servers 21 and 22, and requests via the relay server 31 are sent to the client terminal 11. The method of letting you specify can be considered.

  In this method, when a user accesses the application server 21, for example, a URL “http://company.com?path=app1.com/app1.html” is input to the address bar instead of the original URL. . When accessing the application server 22, instead of the original URL, for example, the URL “http://company.com?path=app2.com/app2.html” is input to the address bar.

When this method is used, it appears as if only the relay server 31 is accessed from the Web browser, and the same-origin policy can be satisfied.
A method is also known in which a relay server rewrites a URL contained in a HyperText Markup Language (HTML) file received from an application server with the URL of the relay server (see, for example, Patent Document 1).
JP-A-2006-018795

However, the above-described conventional application server cooperation processing has the following problems.
In the method illustrated in FIG. 18, the user of the client terminal 11 needs to specify a URL for accessing the application servers 21 and 22 via the relay server 31 instead of the original application servers 21 and 22. Therefore, it is necessary for the user to specify the URL while paying attention to the relay server for each request, which is not practical.

  An object of the present invention is to realize an application server cooperation process that avoids the restriction by the same-origin policy of the Web browser without making the user aware of the relay server.

  The uniform resource locator rewriting method by the server apparatus includes a request receiving step, a recording step, a request transmitting step, a response receiving step, a rewriting step, and a response transmitting step.

  The request receiving step receives a request for the first application server device from the client terminal. The recording step records the first domain information in the uniform resource locator information of the first application server device specified by the request. The request transmission step transmits a request to the first application server device.

  The response receiving step receives a response to the request from the first application server device. In the rewriting step, the second domain information in the uniform resource locator information of the second application server device included in the response is changed to the first domain information, thereby the uniform resource locator of the second application server device. Rewrite the information to dummy uniform resource locator information. The response transmission step transmits a response including dummy uniform resource locator information to the client terminal.

  According to such a uniform resource locator rewriting method, the domain information of the second application server device included in the response from the first application server device is changed to the domain information of the first application server device. Therefore, the client terminal that has received the response can issue a request to the second application server device while satisfying the same-origin policy of the Web browser based on the rewritten uniform resource locator information.

The uniform resource locator rewriting method may further include the following request reception step, restoration step, and post-restoration request transmission step.
The request receiving step receives a request for specifying dummy uniform resource locator information from the client terminal. The restoring step restores the uniform resource locator information of the second application server device from the dummy uniform resource locator information. The post-restoration request transmission step transmits a request designating the restored uniform resource locator information to the second application server device.

  The user does not need to specify a special URL that is conscious of the relay server, and only a dummy URL can be seen from the client terminal. Therefore, it is possible to avoid the restriction due to the same-origin policy of the Web browser.

Hereinafter, the best embodiment will be described in detail with reference to the drawings.
FIG. 1 shows an example of inter-application server cooperation processing of the embodiment. In this example, URL rewriting is performed using an existing proxy server device (proxy server) 102 provided between the client terminal 101 and the application servers 111 and 112. Practicality is improved by using an existing proxy server.

  When a request for the application server 111 is transmitted from the Web browser on the client terminal 101, the proxy server 102 transfers the request to the application server 111. Then, a response to the request is transmitted from the application server 111 to the proxy server 102. The proxy server 102 rewrites the HTML file included in the response and the URL in the linkage script 113 and transfers the URL to the client terminal 101.

The linkage script 113 describes, for example, the following processing for acquiring a page of the application server 112.

var req = new XMLHttpRequest ();
req.open ("GET", "http://app2.com/app2.html", false);
req.send (null);

In this case, the proxy server 102 changes req.open ("GET", "http://app2.com/app2.html", false); of the cooperation script 113 to req.open ("GET", "http: / Rewrite to /app1.com?path=app2.com/app2.html ", false); and transfer to the client terminal 101.

  Thereafter, a request “GET http://app1.com?path=app2.com/app2.html” described in the linkage script 113 is transmitted from the Web browser. At this time, the proxy server 102 restores http://app2.com/app2.html from GET http://app1.com?path=app2.com/app2.html, and specifies the restored URL. Transfer http://app2.com/app2.html to the application server 112.

  According to such a URL rewriting method, the request from the proxy server 102 is transmitted to the cooperation destination application server 112, but the request is transmitted from the Web browser to the cooperation request source application server 111. Looks like you are doing. As a result, the Web browser can use the data of the cooperation destination application server 112 from the cooperation script 113 by avoiding restrictions by the same-origin policy as necessary.

  FIG. 2 shows a configuration example of the proxy server 102 of FIG. The proxy server 102 includes a request reception unit 221, a URL restoration unit 222, a safe site determination unit 223, a safe URL database (DB) 224, a safe URL registration unit 225, a Web client unit 226, a URL history DB 227, a response return unit 228, A URL recording unit 229 and a URL rewriting unit 230 are provided.

FIG. 3 shows an example of cooperation processing by the proxy server 102 at the first access. The procedure for the first access is as follows.
(1) The user of the client terminal 101 sets the use of the proxy server 102 in the Web browser 211 as shown in FIG. 4, and transmits a request for the Web page 231 of the application server 111 as shown in FIG. To do. As a result, the Web browser 211 transmits GET http://app1.com/a.html to the proxy server 102. The request reception unit 221 of the proxy server 102 receives the request and transfers it to the URL restoration unit 222.

  In addition, the request reception unit 221 records the received request in a storage unit such as a memory. Instead of recording the request, the URL of the application server 111 specified by the request may be recorded, or the domain information in the URL may be recorded. The recorded information is referred to by the URL rewriting unit 230 in the subsequent processing.

(2) The URL restoration unit 222 checks the URL specified by the request, and transfers the request to the Web client unit 226.

(3) The Web client unit 226 transmits a request to the application server 111, receives a response including the resource, and transfers the response to the URL rewriting unit 230. In this example, the HTML file of the web page 231 and the linkage script 113 are included in the response as resources.

(4) The URL rewriting unit 230 extracts the URL included in the response, changes the domain information to the domain information of the application server 111 to which the resource belongs, and rewrites the extracted URL into a dummy URL.
At this time, the URL in the source code describing the request transmission processing to a server other than the cooperation request source application server 111 and the URLs of other domains described in the src attribute of the iframe in the HTML file are extracted as rewrite targets. Is done. Then, the domain information of the URL is changed to the domain information of the application server 111 recorded in the above (1), and the address after the original domain information is added as a query following the changed domain information.
In the above example, http://app2.com/app2.html is extracted as the URL of the Web page 232 of the application server 112 described in the cooperation script 113, and http://app1.com?path=app2. Rewritten to com / app2.html. “? Path = app2.com / app2.html” corresponds to the query.
The URL rewriting unit 230 transfers the URL extracted from the response and the response including the dummy URL to the URL recording unit 229.

(5) The URL recording unit 229 records in the URL history DB 227 a set of app1.com that is the domain information of the application server 111 and the domain information of the URL extracted from the response. Then, the response including the dummy URL is transferred to the response return unit 228. In the example described above, a set of app1.com and app2.com is recorded in the URL history DB 227.
(6) The response return unit 228 transmits a response to the web browser 211.
(7) The web browser 211 executes the rewritten cooperation script included in the response.

FIG. 6 shows an example of cooperation processing by the proxy server 102 when executing the cooperation script. The procedure for executing the linkage script is as follows.
(1) The Web browser 211 performs a request transmission process for the Web page 232 of the application server 112 described in the rewritten cooperation script.

(2) The Web browser 211 transmits GET http://app1.com?path=app2.com/app2.html to the proxy server 102 as a request for the Web page 232. The request reception unit 221 of the proxy server 102 receives the request and transfers it to the URL restoration unit 222.

(3) The URL restoration unit 222 checks the URL specified by the request, and restores the URL of the Web page 232 from the dummy URL. Then, the request and the restored URL are transferred to the safe site determination unit 223.

(4) The safe site determination unit 223 determines whether a request may be transmitted for the restored URL. First, it is checked whether or not a combination of the domain information of the URL specified by the request and the domain information of the restored URL is recorded in the URL history DB 227.
If such a set of domain information is recorded, it is further determined by referring to the safe URL DB 224 whether or not the restored URL is safe. The operator 201 of the proxy server 102 registers the URLs of one or more sites determined to be reliable by the application creator of the Web page 231 in the safe URL DB 224 via the safe URL registration unit 225 in advance. If the restored URL matches any URL registered in the safe URL DB 224, the safe site determination unit 223 determines that the URL is safe, and sends a request for designating the restored URL to the Web client unit 226. Forward.

(5) The Web client unit 226 transmits a request to the application server 112, receives a response, and transfers the response to the URL rewriting unit 230. In this example, the HTML file of the Web page 232 is included in the response.
(6) The URL rewriting unit 230 extracts the URL included in the response, and rewrites the extracted URL into a dummy URL as in the first access. Then, the URL extracted from the response and the response including the dummy URL are transferred to the URL recording unit 229.

(7) The URL recording unit 229 records in the URL history DB 227 the correspondence relationship between app1.com, which is the domain information of the application server 111, and the domain information of the URL extracted from the response. Then, the response including the dummy URL is transferred to the response return unit 228.
(8) The response return unit 228 transmits a response to the web browser 211.
(9) The Web browser 211 performs data processing described in the cooperation script 113 using the data of the HTML file included in the response.

  FIG. 7 is a flowchart of cooperation processing by the proxy server 102 of FIG. First, the request reception unit 221 receives a request and records information on the request (step 701). Next, the URL restoration unit 222 extracts the URL from the request (step 702), and checks whether or not a predetermined character string is included in the URL (step 703). In the example described above, “? Path =” included in http://app1.com?path=app2.com/app2.html corresponds to a predetermined character string.

  If the URL does not contain a predetermined character string, the URL restoring unit 222 transfers the request to the Web client unit 226. Then, the Web client unit 226 transmits a request to the application server 111 (Step 709) and receives a response (Step 710).

  Next, the URL rewriting unit 230 extracts the URL from the response (step 711), and rewrites the dummy URL using the information recorded in step 701 (step 712). The URL recording unit 229 records in the URL history DB 227 a set of domain information of the application server 111 and domain information of the URL extracted from the response. Then, the response return unit 228 transmits the response to the web browser 211.

If a predetermined character string is included in the URL in step 703, the URL restoring unit 222
Determines that the URL is a dummy URL. Then, the URL of the Web page 232 is restored from the dummy URL, and the request and the restored URL are transferred to the safe site determination unit 223 (step 704).

  Next, the safe site determination unit 223 refers to the URL history DB 227 (step 705) and checks whether or not a set of the domain information of the URL specified by the request and the domain information of the restored URL is registered. (Step 706).

  If such a set of domain information is registered, next, the secure URL DB 224 is referred to (step 707), and it is determined whether or not the restored URL is safe (step 708). If the restored URL is safe, a request designating the restored URL is transferred to the Web client unit 226. Thereafter, the processing after step 709 is performed.

  If the set of domain information is not registered in step 706, or if the URL restored in step 708 is not safe, the safe site determination unit 223 ends the process as it is. Therefore, a request specifying the restored URL is not transmitted.

  According to such cooperation processing, since the request is not transmitted unless the restored URL remains in the URL history, unauthorized access due to a forgery request is prevented. In addition, since the restriction by the same-origin policy is avoided only for a specific URL that is determined to be reliable by the application creator or the like, access to an untrusted site is prevented.

  Note that a list of URLs created by the same application creator may be registered in the safe URL DB 224 instead of the URL of a reliable site. In this case, if the restored URL and the URL of the Web page 231 are recorded in the same list, the safe site determination unit 223 determines that the restored URL is safe.

  In the configuration of FIG. 2, the original domain information is included in the dummy URL after rewriting, but it is also possible to rewrite it to a URL that does not include the original domain information. FIG. 8 shows a configuration example of such a proxy server 102. This proxy server 102 has a configuration in which a URL conversion DB 801 is added to the configuration of FIG. As shown in FIG. 9, a set of an identifier (ID), domain information before rewriting, and domain information after rewriting is registered in the URL conversion DB 801.

The cooperation processing by the proxy server 102 in FIG. 8 is basically the same as that in FIG. However, the URL rewriting process and the URL restoring process are changed as follows.
FIG. 10 is a flowchart of URL rewriting processing by the proxy server 102 of FIG. When receiving the response from the Web client unit 226 (Step 1001), the URL rewriting unit 230 extracts the URL from the response (Step 1002). At this time, for example, the URL in the source code describing the request transmission processing to the server and the URL described in the src attribute of the iframe in the HTML file are extracted.

  Next, it is checked whether or not the domain information of the extracted URL matches the recorded domain information of the cooperation request source application server 111 (step 1003). If the domain information matches, a response is sent. Transfer to the URL recording unit 229.

  On the other hand, if the two pieces of domain information do not match, a unique ID is issued (step 1004), and the extracted URL is rewritten to a dummy URL (step 1005). In this case, the domain information of the extracted URL is changed to the domain information of the application server 111, and a query is added following the changed URL. For example, _id_ is set as the key of this query, and the issued ID is set as the value of the key.

  In the example described above, the extracted URL http://app2.com/app2.html is rewritten to http://app1.com/app2.html?_id_=id0001. “? _Id_ = id0001” corresponds to the query, and “id0001” corresponds to the issued ID.

  Next, the URL rewriting unit 230 registers the domain information before and after rewriting in the URL conversion DB 801 in association with the issued ID (step 1006), and extracts the extracted URL and the response including the dummy URL. Is transferred to the URL recording unit 229.

  FIG. 11 is a flowchart of URL restoration processing by the proxy server 102 of FIG. When receiving the request from the request receiving unit 221 (step 1101), the URL restoring unit 222 checks whether or not _id_ is included in the query of the URL specified by the request (step 1102). If _id_ is not included, the request is transferred to the safe site determination unit 223.

  On the other hand, if _id_ is included in the URL query, the URL restoration unit 222 determines that the URL is a dummy URL. Then, referring to the URL conversion DB 801, domain information before and after rewriting corresponding to the value of _id_ is acquired (step 1103).

  Next, the domain information after rewriting in the dummy URL is changed to the domain information before rewriting, the query is deleted, and the URL before rewriting is restored (step 1104). In the above example, http://app2.com/app2.html is restored from the dummy URL http://app1.com/app2.html?_id_=id0001. Then, the request and the restored URL are transferred to the safe site determination unit 223.

  By the way, after the cooperation process of the application server 111 and the application server 112 is performed, the case where the cooperation process of the application server 112 and another application server is further performed is also considered. FIG. 12 shows a configuration example of the proxy server 102 in such a case. The proxy server 102 has a configuration in which an ID management DB 1201 is added to the configuration of FIG.

  The response from the application server 112 includes the cooperation script 1213 together with the HTML file of the Web page 232, and the cooperation script 1213 includes the URL of the Web page 1212 of the application server 1211. Therefore, when the proxy server 102 rewrites the cooperation script 1213 and transmits it to the Web browser 211, and the Web browser 211 executes the rewritten cooperation script, a request for the Web page 1212 is transmitted to the proxy server 102.

  As shown in FIG. 13, a set of ID, base domain information, Internet protocol (IP) address, and issue date / time is registered in the ID management DB 1201. The base domain information represents domain information of the cooperation request source application server, the IP address represents the IP address of the request source client terminal, and the issue date / time represents the issue date / time of the ID.

The cooperation processing by the proxy server 102 in FIG. 12 is basically the same as that in FIG. However, the URL rewriting process and the URL restoring process are changed as follows.
FIG. 14 is a flowchart of URL rewriting processing by the proxy server 102 of FIG. When receiving the response from the Web client unit 226 (step 1401), the URL rewriting unit 230 extracts the URL from the response (step 1402).

  Next, it is checked whether or not the domain information of the extracted URL matches the recorded domain information of the cooperation request source application server 111 (step 1403). If the domain information matches, a response is sent. Transfer to the URL recording unit 229.

  On the other hand, if the two pieces of domain information do not match, it is checked whether or not a unique ID corresponding to the response has been issued by referring to the ID management DB 1201 (step 1404). If the ID has already been issued, the extracted URL is rewritten with a dummy URL including the existing ID (step 1407).

  In this case, the domain information of the extracted URL is changed to base domain information corresponding to the existing ID, and two queries are added following the changed domain information. An address after the original domain information is set for the first query, and an existing ID is set for the second query.

  For example, if req.open ("GET", "http://app3.com/app3.html", false); is described in the linkage script 1213, the URL is http://app3.com/app3. html is extracted. If ID = id0001 has been issued, the extracted URL is rewritten to http://app1.com?path=app3.com/app3.html&_id_=id0001.

  Next, the URL rewriting unit 230 registers the domain information before and after rewriting in the URL conversion DB 801 in association with the existing ID (step 1408). Although the entry corresponding to id0001 is already stored in the URL conversion DB of FIG. 9, a new entry (ID, before rewriting, after rewriting) = (id0001, app3.com, app1.com) is added. . Then, the URL rewriting unit 230 transfers the extracted URL and the response including the dummy URL to the URL recording unit 229.

  If an ID has not been issued in step 1404, a unique ID is issued (step 1405). The issued ID, the domain information of the cooperation request source application server 111, the IP address of the request source client terminal 101, and the current date and time are registered in the ID management DB 1201 (step 1406).

  Next, the extracted URL is rewritten to a dummy URL including the issued ID (step 1407). In this case, the domain information of the extracted URL is changed to the domain information of the cooperation request source application server, and two queries are added following the changed domain information. An address after the original domain information is set in the first query, and the issued ID is set in the second query.

  Then, the domain information before and after rewriting is registered in the URL conversion DB 801 in association with the issued ID (step 1408), and the extracted URL and the response including the dummy URL are transferred to the URL recording unit 229. To do.

  FIG. 15 is a flowchart of the ID determination process in step 1404. The URL rewriting unit 230 first checks whether or not the IP address of the requesting client terminal corresponding to the response is registered in the ID management DB 1201 (step 1501).

  If the IP address is registered, it is next checked whether or not the issue date and time of the entry of the IP address is within a certain range from the current date and time (step 1502). As this fixed range, for example, a range from the current date to 5 minutes before is used.

  If the issue date / time is within a certain range, it is next checked whether or not the base domain information of the entry matches the recorded domain information of the cooperation request source application server (step 1503).

  If the base domain information matches the domain information of the cooperation request source application server, it is determined that the ID corresponding to the response has been issued, and the ID of the entry is used as the issued ID (step 1504).

  If the IP address is not registered in step 1501, the issue date / time is not within a certain range in step 1502, or if the two pieces of domain information do not match in step 1503, it is determined that the ID has not been issued (step 1505).

  The URL restoration process by the proxy server 102 in FIG. 12 is basically the same as that in FIG. However, in step 1103 in FIG. 11, there may be cases where a plurality of IDs identical to the IDs included in the dummy URL exist in the URL conversion DB 801. Therefore, the URL restoration unit 222 acquires all the sets of domain information before and after rewriting corresponding to the ID in the dummy URL, and collates with the domain information before rewriting described in the query in the dummy URL. .

  If there is a set that matches the domain information before rewriting described in the query, the domain information after rewriting in the dummy URL is changed to the matching domain information before rewriting. Then, the query is deleted, and the URL before rewriting is restored. In the example described above, http://app3.com/app3.html is restored from the dummy URL http://app1.com?path=app3.com/app3.html&_id_=id0001.

  2, 8, and 12, it is determined whether or not the URL restored by referring to the safe URL DB 224 is safe, but the safe site determination process is omitted depending on the system design. It doesn't matter.

  In addition, the URL rewriting method is not limited to the above-described example, and any other method may be used as long as the domain information of the cooperation request source application server can be specified and the original URL can be restored. .

  The client terminal 101, the relay server 102, and the application servers 111, 112, and 1211 in FIGS. 2, 8, and 12 are configured using an information processing apparatus (computer) as shown in FIG. 16, for example. The information processing apparatus in FIG. 16 includes a CPU 1601, a memory 1602, an input device 1603, an output device 1604, an external storage device 1605, a medium driving device 1606, and a network connection device 1607, which are connected to each other via a bus 1608.

  The memory 1602 includes, for example, a read only memory (ROM), a random access memory (RAM), and the like, and stores programs and data used for processing. The CPU 1601 performs processing of the client terminal 101, the relay server 102, or the application servers 111, 112, and 1211 by executing a program using the memory 1602.

  The input device 1603 is, for example, a keyboard, a pointing device, or the like, and is used for inputting an instruction or information from an operator or a user. The output device 1604 is, for example, a display, a printer, a speaker, or the like, and is used to output an inquiry to the operator or the user or a processing result.

  The external storage device 1605 is, for example, a magnetic disk device, an optical disk device, a magneto-optical disk device, a tape device, or the like. The information processing apparatus stores programs and data in the external storage device 1605, and loads them into the memory 1602 and uses them as necessary. The external storage device 1605 is also used as a safety URL DB 224, a URL history DB 227, a URL conversion DB 801, and an ID management DB 1201.

  The medium driving device 1606 drives the portable recording medium 1609 and accesses the recorded contents. The portable recording medium 1609 is an arbitrary computer-readable recording medium such as a memory card, a flexible disk, an optical disk, and a magneto-optical disk. The operator or user stores programs and data in the portable recording medium 1609, and loads them into the memory 1602 for use as necessary.

  A network connection device 1607 is connected to a communication network such as the Internet, and performs data conversion accompanying communication. Also, the information processing apparatus receives programs and data from an external apparatus via the network connection apparatus 1607 as necessary, and loads them into the memory 1602 for use.

As described above, the following supplementary notes are further disclosed with respect to the embodiment described with reference to FIGS.
(Appendix 1)
A uniform resource locator rewriting method by a server device,
A request receiving step of receiving a request from the client terminal to the first application server device;
Recording step of recording first domain information in uniform resource locator information of the first application server device specified by the request;
A request transmission step of transmitting the request to the first application server device;
A response reception step of receiving a response to the request from the first application server device;
By changing the second domain information in the uniform resource locator information of the second application server device included in the response to the first domain information, the uniform resource locator information of the second application server device is changed. A rewriting step to rewrite the dummy uniform resource locator information;
A uniform resource locator rewriting method comprising: a response transmission step of transmitting a response including the dummy uniform resource locator information to the client terminal.
(Appendix 2)
A request receiving step of receiving a request designating the dummy uniform resource locator information from the client terminal; a restoring step of restoring the uniform resource locator information of the second application server device from the dummy uniform resource locator information; The uniform resource locator rewriting method according to appendix 1, further comprising a post-restoration request transmission step of transmitting a request designating the restored uniform resource locator information to the second application server device.
(Appendix 3)
The rewriting step adds the address information after the second domain information in the uniform resource locator information of the second application server device as a query following the first domain information, so that the dummy uniform Resource locator information is generated, and the restoration step checks whether or not a predetermined character string indicating the query is included in the uniform resource locator information specified by the request received from the client terminal, The uniform resource locator rewriting method according to appendix 2, wherein the dummy uniform resource locator information is identified.
(Appendix 4)
The rewriting step adds the identifier of the second domain information subsequent to the uniform resource locator information after the second domain information is changed to the first domain information, so that the dummy uniform resource Locator information is generated, the identifier is associated with the second domain information, and the identifier is included in the uniform resource locator information specified by the request received from the client terminal. By checking whether or not the dummy uniform resource locator information is identified, and using the second domain information recorded in association with the identifier, the uniform resource locator information of the second application server device The uniform according to appendix 2, characterized in that Source locator rewriting method.
(Appendix 5)
In the rewriting step, following the first domain information, a query is made for address information after the second domain information in the uniform resource locator information of the second application server device and an identifier of the second domain information. To generate the dummy uniform resource locator information, record the identifier and the second domain information in association with each other, and the restoration step includes a uniform specified by the request received from the client terminal. By checking whether the identifier is included in the resource locator information, the dummy uniform resource locator information is identified, and the second domain information recorded in association with the identifier is used to identify the dummy uniform resource locator information. Uniform resource location of the second application server device Uniform Resource Locator rewriting method according to Supplementary Note 2, wherein the restoring the information.
(Appendix 6)
And determining the site indicated by the restored uniform resource locator information as a safe site if the restored uniform resource locator information matches the previously registered uniform resource locator information. Any one of appendices 2 to 5, wherein the transmission step transmits a request for designating the restored uniform resource locator information to the second application server device when it is determined that the site is safe. Uniform resource locator rewriting method as described in.
(Appendix 7)
Request receiving means for receiving a request for the first application server device from the client terminal;
Storage means for storing first domain information in uniform resource locator information of the first application server device specified by the request;
Request transmitting means for transmitting the request to the first application server device;
Response receiving means for receiving a response to the request from the first application server device;
By changing the second domain information in the uniform resource locator information of the second application server device included in the response to the first domain information, the uniform resource locator information of the second application server device is changed. Rewriting means for rewriting dummy dummy resource locator information;
A uniform resource locator rewriting device, comprising: response transmission means for transmitting a response including the dummy uniform resource locator information to the client terminal.

It is a figure which shows the cooperation process between application servers of embodiment. It is a block diagram of a 1st proxy server. It is a figure which shows the cooperation process at the time of the first access. It is a figure which shows a proxy setting screen. It is a figure which shows a request transmission screen. It is a figure which shows the cooperation process at the time of cooperation script execution. It is a flowchart of a cooperation process. It is a block diagram of a 2nd proxy server. It is a figure which shows URL conversion DB. It is a flowchart of a 1st URL rewriting process. It is a flowchart of URL restoration processing. It is a block diagram of a 3rd proxy server. It is a figure which shows ID management DB. It is a flowchart of a 2nd URL rewriting process. It is a flowchart of ID determination processing. It is a block diagram of information processing apparatus. It is a figure which shows the conventional cooperation process between application servers. It is a figure which shows the cooperation process between application servers via a relay server.

Explanation of symbols

11, 101 Client terminal 21, 22, 111, 112, 1211 Application server 23, 113, 1213 Cooperation script 31 Relay server 102 Proxy server 201 Operator 211 Web browser 221 Request reception unit 222 URL restoration unit 223 Safe site determination unit 224 Safety URL DB
225 Safety URL registration unit 226 Web client unit 227 URL history DB
228 Response return unit 229 URL recording unit 230 URL rewriting unit 231, 232, 1212 Web page 801 URL conversion DB
1201 ID management DB
1601 CPU
1602 Memory 1603 Input device 1604 Output device 1605 External storage device 1606 Medium drive device 1607 Network connection device 1608 Bus 1609 Portable recording medium

Claims (4)

A uniform resource locator rewriting method by a server device,
A request receiving step of receiving a request from the client terminal to the first application server device;
Recording step of recording first domain information in uniform resource locator information of the first application server device specified by the request;
A request transmission step of transmitting the request to the first application server device;
A response reception step of receiving a response to the request from the first application server device;
By changing the second domain information in the uniform resource locator information of the second application server device included in the response to the first domain information, the uniform resource locator information of the second application server device is changed. A rewriting step to rewrite the dummy uniform resource locator information;
A uniform resource locator rewriting method comprising: a response transmission step of transmitting a response including the dummy uniform resource locator information to the client terminal.   A request receiving step of receiving a request designating the dummy uniform resource locator information from the client terminal; a restoring step of restoring the uniform resource locator information of the second application server device from the dummy uniform resource locator information; The uniform resource locator rewriting method according to claim 1, further comprising a post-restoration request transmission step of transmitting a request designating the restored uniform resource locator information to the second application server device.   And determining the site indicated by the restored uniform resource locator information as a safe site if the restored uniform resource locator information matches the previously registered uniform resource locator information. 3. The uniform resource according to claim 2, wherein the transmission step transmits a request designating the restored uniform resource locator information to the second application server device when it is determined that the site is safe. Locator rewrite method. Request receiving means for receiving a request for the first application server device from the client terminal;
Storage means for storing first domain information in uniform resource locator information of the first application server device specified by the request;
Request transmitting means for transmitting the request to the first application server device;
Response receiving means for receiving a response to the request from the first application server device;
By changing the second domain information in the uniform resource locator information of the second application server device included in the response to the first domain information, the uniform resource locator information of the second application server device is changed. Rewriting means for rewriting dummy dummy resource locator information,
A uniform resource locator rewriting device, comprising: response transmission means for transmitting a response including the dummy uniform resource locator information to the client terminal.