WO2002039288A1 - Cookie setting instruction device and method - Google Patents
- Publication number
- WO2002039288A1 (PCT/JP2001/009655)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- url
- cookie
- client device
- client
- response message
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/954—Navigation, e.g. using categorised browsing
Definitions
- the present invention relates to a technique for transparently enabling a cookie even in a web browser where a cookie cannot be used.
- the present invention relates to a technique for managing the state of a web browser that cannot use cookies. By using such technology, server applications that assume the use of cookies can be used as they are, even in a web browser environment where cookies cannot be used.
Background art
- the server returns a response message to the client's request message, and includes a cookie setting instruction in the header or document of the response message (reference numerals 1001, 1002 in FIG. 10). If it is included in the document, it is described using a meta tag.
- the cookie setting command includes the cookie value, the path for which the cookie value is returned, and the expiration date.
- the client web browser
- when the client holding the cookie sends a request message to the server, it compares the path of the request destination with the path of the cookie information and, if they match, includes the value 1003 of the cookie in the request message sent to the server, as shown in FIG. 11.
- the server receives the cookie value, performs processing according to that value, and returns a response message to the client.
- the URL is a description format for specifying the address of the server and the information stored in the server. It describes, as one character string, a protocol for accessing the server, an address on the network (server name, port number, path), and a query (arguments to a method such as GET, when the information is a program).
Disclosure of the invention
- the present invention has been made in view of the above circumstances, and its purpose is to provide a technology that can process cookies, in the same manner as when cookies are used, even for web browsers that cannot use cookies.
- the method for processing a cookie setting command comprises: extracting cookie information from a cookie setting command of a response message; converting a URL in the transfer target document into a new URL associated with the extracted cookie information; sending the transfer target document including the new URL to the client device; extracting a value of the cookie based on the URL included in a request from the client device; performing information processing based on the value of the cookie; and transferring a document generated as a result of the information processing to the client device.
- the same processing as in the case of using cookies can be performed by sending a cookie setting command to a client device that cannot use cookies.
- the application server or the like can send a response message including a cookie setting command regardless of whether or not the client device supports cookies.
- the cookie setting command has various modes.
- INDUSTRIAL APPLICABILITY The present invention can be applied to various types of cookie setting commands. For example, the command may be included in the header of the response message, or may be described by a meta tag in the response message document.
- the present invention can be realized not only as a device or a system, but also as a method. Also, it goes without saying that a part of such an invention can be configured as software. Also, it goes without saying that software products (recording media) used for causing a computer to execute such software are also included in the technical scope of the present invention.
- FIG. 1 is a system diagram showing an embodiment of the present invention as a whole.
- FIG. 2 is a block diagram illustrating a configuration example of a cookie processing unit according to the embodiment.
- FIG. 3 is a diagram illustrating a management number table based on management information data.
- FIG. 4 is a view for explaining a session number table based on management information.
- FIG. 5 is a diagram illustrating cookie data.
- FIG. 6 is a flowchart illustrating the processing of a request message.
- FIG. 7 is a flowchart illustrating processing of a response message.
- FIG. 8 is a diagram for explaining the flow of data in the process of setting the cookie.
- FIG. 9 is a diagram for explaining the flow of data in the process of following a link.
- FIG. 10 is a diagram for explaining a cookie setting command of a response message.
- FIG. 11 is a diagram for explaining a request message.
BEST MODE FOR CARRYING OUT THE INVENTION
- embodiments of the present invention will be described.
- FIG. 1 shows an embodiment of the present invention as a whole.
- a web site 1 is provided with a web server 10 and an application server 11.
- Computer resources such as the web server 10 and the application server 11 are interconnected by, for example, a local area network (LAN) 12.
- the application server 11 is a normal application server; it receives various requests from the web server 10 via an interface such as CGI (Common Gateway Interface) and executes various processing. Further, the application server 11 manages the state information of the client device 2 using the cookies 14 as usual.
- the web server 10 receives and processes a request message from the client device 2 according to the HTTP protocol. In addition, the web server 10 has a cookie processing unit 15.
- the cookie processing unit 15 extracts cookie information from the cookie setting command of the response message from the application server 11, generates a new URL associated with the cookie information, and rewrites the original URL with it. Information that associates the rewritten URL with the cookie information is managed in the management information database 13.
- the client device 2 is, for example, a mobile phone having a web browsing function, for example, an i-mode mobile phone of NTT DoCoMo, Inc. Of course, another information terminal with a web browsing function can be used.
- the client device 2 and the web site 1 are connected to each other by an internet connection network, a local communication network, and other various communication networks 3 as far as applicable.
- FIG. 2 schematically shows the cookie processing unit 15.
- the cookie processing unit 15 includes a header cookie information extracting unit 151, a header information updating unit 152, and a response.
- the management information database 13 includes a management number table 131, a session number table 132, and the like.
- the management number table 131 contains information as shown in FIG. 3.
- the session number table 132 contains information as shown in FIG.
- the cookies 14 in FIG. 1 contain information as shown in FIG.
- the attributes associated with cookie information depend on how the cookie information is used. For example, when it is used as a session ID, the attribute is a user name or the like.
- the response message can include cookie information in the header or document as shown in FIG.
- the response message is divided into a header part and a document part.
- the header part is sent to the header cookie information extracting unit 151 and the header information updating unit 152.
- the header cookie information extracting unit 151 extracts a cookie setting instruction (1001 in FIG. 10) included in the header.
- the header information updating unit 152 reflects in the header information, for example, the link rewriting of the document described later. For example, it changes the content length in the header.
- the updated header is sent to the response message synthesizing unit 153.
- the response message synthesizing unit 153 combines the modified document, described later, with the updated header to assemble the converted response message, and sends it to the client device 2 (FIG. 1).
- the document part of the response message is sent to the meta tag cookie information extracting unit 154, the link scanning unit 155, and the link replacing unit 159.
- the meta tag cookie information extracting unit 154 extracts a cookie setting command (1002 in FIG. 10) included in the document.
- the link scanning unit 155 detects a link (URL specified by the anchor tag) in the document. The detection result is sent to the management number generation unit 156 and the URL/management number linking unit 157.
- the management number generator 156 generates a new unique management number every time a link is detected.
- the management numbers may be continuous, for example.
- the management number is sent to the URL/management number linking unit 157.
- the URL/management number linking unit 157 concatenates the URL of the link and the management number and supplies the concatenation result to the encryption unit 158.
- the encryption unit 158 encrypts the concatenation result and sends the ciphertext to the link replacement unit 159.
- the link replacement unit 159 replaces the URL of the link in the document with the ciphertext of the concatenation result.
- a predetermined mark, for example “/ @ — @ /”, is added to the beginning of the ciphertext in order to clearly indicate that it is a ciphertext, that is, a converted URL.
- the document with the replaced URLs, output from the link replacing unit 159, is sent to the response message synthesizing unit 153, where the converted response message is synthesized as described above.
- the processing is switched.
- the session number storage unit 162 receives and stores the session number output from the session number generation unit 161 and the session number determined as described later by the converted URL.
- the session number stored in the session number storage unit 162 is stored in the management number table 131 together with the management number output from the management number generation unit 156 and the URL output from the link scanning unit 155. Further, the session number stored in the session number storage unit 162 is held in the session number table 132 together with the cookie information output from the header cookie information extracting unit 151 and the meta tag cookie information extracting unit 154.
- when the request message includes a ciphertext URL (converted URL), the request message is sent to the decryption unit 163.
- the decryption unit 163 removes the “/ @ — @ /” mark in the URL of the request message, decrypts the ciphertext, and reproduces the original URL and management number pair.
- the verification unit 164 looks up the management number table 131 using the URL and the management number, and acquires the corresponding session number.
- the session number is stored in the session number storage unit 162, and the cookie information is obtained by looking up the session number table 132 using the session number. If the path matches, the value of the cookie is included in the request message and passed to the application server 11 (FIG. 1). If there is no corresponding URL and management number pair, an empty result is output and the process ends.
- the application server 11 receives the value of the cookie, and refers to the cookie data 14 to perform processing according to the attribute of the cookie, for example, session management. Next, the operation of this embodiment will be described in detail.
- FIG. 6 mainly shows a processing flow of a request message in the cookie processing unit 15.
- the request message is processed as follows.
- Step S10 Receive the request message.
- Step S11 It is determined whether the URL in the request message is a normal URL or a converted URL. If it is a normal URL, the process proceeds to step S12. If the URL is converted, the process proceeds to step S14.
- Step S12 The session number generator 161 is activated to generate a new session number.
- Step S14 The converted URL is decrypted by the decryption unit 163.
- Step S15 The management number table 131 is looked up using the management number obtained by decryption and the original URL. If there is a corresponding record, go to step S16. If not, stop processing, treating the request as an inappropriate request message (e.g., falsified).
- Step S16 The session number is extracted from the set of the management number, URL, and session number obtained by table lookup, and updated and written to the session number storage unit 162.
- Step S17 The tuple (record) of the read management number is invalidated. As a result, impersonation using an already used converted URL can be avoided.
- Step S18 The session number table 132 is looked up with the URL and the session number, and the cookies matching the path are taken out.
- Step S19 A cookie is included in the request message and passed to the application server 11.
- FIG. 7 shows the flow of processing a cookie setting instruction in a response message, and the processing is as follows.
- Step S20 Cookie information is extracted from the cookie setting command.
- the cookie setting command itself is discarded.
- Step S21 The session number and cookie information read from the session number storage section 162 are written in the session number table 132.
- Step S23 A management number is generated for each URL.
- the management number is, for example, a serial number.
- Step S24 The session number, URL, and management number read from the session number storage unit 162 are written in the management number table 131.
- Step S28 It is determined whether all URLs have been processed. If there are remaining URLs, the process returns to step S22. If not, the process proceeds to step S29.
- Step S29 Update the header based on the document in which the URL has been replaced.
- Step S30 The document in which the URL has been replaced and the updated header are connected to synthesize a response message.
- the combined response message is sent to the client device 2.
- Fig. 8 mainly describes the flow of the process of setting cookies in a concrete example.
- the URL of the request message is "hogehoge.cgi".
- the URL itself is normal, that is, unconverted. In this case, a new session number is assigned.
- the URL of the request message may be a converted URL. In that case, the corresponding session number is used.
- the request message is sent with, for example, the name of the user of the client device 2 as an argument.
- “sid” means the “session ID” that the application server 11 uses for its own purposes; it is different from the “session number” used in the above-mentioned cookie processing unit 15.
- the cookie processing unit 15 of the web server 10 concatenates a management number (also referred to as “clientID”) to the URL of the anchor, encrypts the URL and the management number, marks the result with a predetermined symbol, for example “/ @ — @ /”, and sends the response message (header and document) to the client device 2.
- the management number and the session number are managed by the management number table 131 and the session number table 132.
- FIG. 9 illustrates, using a specific example, a flow of a process when a user who receives a response message including a converted URL reads a link using the converted URL.
- the cookie processing unit 15 of the web server 10 decrypts the ciphertext of the URL, reproduces the original URL and the management number, and performs verification by referring to the management information database 13. If the verification is successful, the session number is extracted from the management number table 131, and a desired cookie is extracted from the session number table 132 based on the session number and the URL.
- This cookie is added to the request message and supplied to the application server 11.
- the cookie processing unit 15 of the web server 10 concatenates the management number with the URL of the anchor (in this example, “nextnext.cgi”), encrypts it, attaches a mark, and supplies it to the client device 2 as a response message.
- the present invention is not limited to the above-described embodiment, and various changes can be made without departing from the gist of the present invention.
- the encryption number and the decryption unit are used to encrypt and decrypt the management number and the URL. You may.
- the management number may be a continuous number or a random number. Symbols other than numbers may be used.
- since the cookie setting information is not used by the client device 2, it may be withheld from the client device 2 or may be sent as it is.
- the part for processing cookies is provided in the web server 10, but may be provided in the application server 11. It may be provided between the application servers 11 or may be provided on the front end of the web server 10. Further, it may be provided in a proxy server to which the client device 2 is connected.
- the management number is linked to the URL of the link, and this management number is associated with the session number (client state management identifier) by the management number table 131, and further, the session number and the cookie information ( Cookies, paths, expiration dates, etc.) are related by the session number table 132. Then, the management number is reproduced from the URL included in the request message, and finally the desired cookie information is obtained.
- the session number may be used. That is, session management or the like may be performed using the session number.
- the management number and the cookie information may be directly related. In other words, the management number table 131 may hold a set of management number and cookie information. If multiple pieces of cookie information share the same path, multiple pieces of cookie information are associated with one management number.
- the management number may be directly or indirectly associated with the cookie information, and instead of extracting the cookie information from the management number, one or more pieces of cookie information themselves may be directly included in the URL and processed. In this case, encryption is preferable.
- the converted URL may be included in an electronic mail or the like and sent to the user. In this way, the cookies are immediately available.
- an application that uses cookies can be used as it is even for a client device that cannot use cookies.
- the state of the client device can be managed without using cookies or dynamic web documents.
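The request flow of FIG. 6 (steps S10 to S19) and the response flow of FIG. 7 (steps S20 to S30) described above, as an added Python sketch that is not code from the patent. The class, function and table names, the `/@-@/` mark, the `|` separator and the sample paths are assumptions, and an HMAC-authenticated encoding stands in for the unspecified encryption unit 158, so it detects falsified URLs but does not hide the original URL.

```python
import base64, hashlib, hmac, itertools, re, secrets

MARK = "/@-@/"                 # stand-in for the patent's predetermined mark
KEY = secrets.token_bytes(32)  # server-side secret (assumption)

def parse_set_cookie(value):
    """Extract name, value and path from a Set-Cookie header value."""
    first, *attrs = [p.strip() for p in value.split(";")]
    name, _, val = first.partition("=")
    cookie = {"name": name, "value": val, "path": "/"}
    for attr in attrs:
        key, _, v = attr.partition("=")
        if key.lower() == "path":
            cookie["path"] = v
    return cookie

class CookieProcessingUnit:
    def __init__(self):
        self.mgmt_table = {}     # management number -> (URL, session number)
        self.session_table = {}  # session number -> list of cookie dicts
        self._mgmt = itertools.count(1)  # serial management numbers
        self._sess = itertools.count(1)

    def _tag(self, body):
        return hmac.new(KEY, body, hashlib.sha256).digest()[:16]

    def _seal(self, url, mgmt):
        # Swapped-in technique: HMAC-authenticated encoding, not encryption.
        body = f"{mgmt}|{url}".encode()
        return MARK + base64.urlsafe_b64encode(self._tag(body) + body).decode()

    def _open(self, converted):
        try:
            raw = base64.urlsafe_b64decode(converted[len(MARK):])
        except ValueError:
            return None
        tag, body = raw[:16], raw[16:]
        if not hmac.compare_digest(tag, self._tag(body)):
            return None                      # falsified converted URL
        mgmt, _, url = body.decode().partition("|")
        return url, int(mgmt)

    def handle_request(self, url):
        """S10-S19: return (original URL, session number, cookies) or None."""
        if not url.startswith(MARK):         # S11/S12: normal URL, new session
            return url, next(self._sess), {}
        opened = self._open(url)             # S14
        if opened is None:
            return None
        orig, mgmt = opened
        record = self.mgmt_table.pop(mgmt, None)  # S15 lookup, S17 invalidate
        if record is None or record[0] != orig:
            return None                      # unknown or already used number
        session = record[1]                  # S16
        path = orig.split("?")[0]
        cookies = {c["name"]: c["value"]     # S18: cookies whose path matches
                   for c in self.session_table.get(session, [])
                   if path.startswith(c["path"])}
        return orig, session, cookies        # S19: passed to the application

    def handle_response(self, session, headers, document):
        """S20-S30: strip Set-Cookie, rewrite anchors, update the header."""
        kept = []
        for name, value in headers:
            if name.lower() == "set-cookie": # S20/S21: store, then discard
                self.session_table.setdefault(session, []).append(
                    parse_set_cookie(value))
            else:
                kept.append((name, value))

        def replace(match):
            mgmt = next(self._mgmt)                            # S23
            self.mgmt_table[mgmt] = (match.group(2), session)  # S24
            return match.group(1) + self._seal(match.group(2), mgmt) + match.group(3)

        document = re.sub(r'(<a\s+href=")([^"]+)(")', replace, document, flags=re.I)
        size = str(len(document.encode()))   # S29: content length changed
        kept = [(n, size if n.lower() == "content-length" else v) for n, v in kept]
        return kept, document                # S30
```

Because `handle_request` removes the management number record on first use, a second request with the same converted URL is rejected, which is the impersonation check of step S17.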
Landscapes
- Engineering & Computer Science (AREA)
- Databases & Information Systems (AREA)
- Theoretical Computer Science (AREA)
- Radar, Positioning & Navigation (AREA)
- Remote Sensing (AREA)
- Data Mining & Analysis (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Information Transfer Between Computers (AREA)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU2002211001A AU2002211001A1 (en) | 2000-11-10 | 2001-11-05 | Cookie setting instruction method and device |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2000-344218 | 2000-11-10 | ||
JP2000344218A JP4121242B2 (ja) | 2000-11-10 | 2000-11-10 | クッキー設定命令処理方法および装置 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2002039288A1 true WO2002039288A1 (fr) | 2002-05-16 |
Family
ID=18818450
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2001/009655 WO2002039288A1 (fr) | 2000-11-10 | 2001-11-05 | Dispositif et procede d'instruction de reglage de cookie |
Country Status (3)
Country | Link |
---|---|
JP (1) | JP4121242B2 (ja) |
AU (1) | AU2002211001A1 (ja) |
WO (1) | WO2002039288A1 (ja) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11677846B1 (en) * | 2018-07-31 | 2023-06-13 | Snap Inc. | Privacy-preserving first-party tracking |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4783920B2 (ja) * | 2005-05-31 | 2011-09-28 | アド・コープ関西株式会社 | 認証システム及び認証方法 |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2000099477A (ja) * | 1998-09-21 | 2000-04-07 | Fuji Xerox Co Ltd | オブジェクトのアクセス管理方法 |
JP2000222353A (ja) * | 1999-02-03 | 2000-08-11 | Toshiba Corp | セッション管理装置、その方法およびセッション管理プログラムを記録したコンピュータ読み取り可能な記録媒体 |
-
2000
- 2000-11-10 JP JP2000344218A patent/JP4121242B2/ja not_active Expired - Lifetime
-
2001
- 2001-11-05 AU AU2002211001A patent/AU2002211001A1/en not_active Abandoned
- 2001-11-05 WO PCT/JP2001/009655 patent/WO2002039288A1/ja active Application Filing
Non-Patent Citations (2)
Title |
---|
TORU MORIYAMA ET AL.: "Dai IIbu, intranet Q & A; intranet no kouchiku ni tachi-fusagaru kabe wo koeru", NIKKEI OPEN SYSTEMS, no. 53, 15 August 1997 (1997-08-15), pages 182 - 193, XP002908226 * |
YASUHIRO KAWAI: "I-mode de kabu no baibai made wo kanou ni; session hoji to fuka bunsan wo kufuu", NIKKEI INTERNET TECHNOLOGY, no. 38, 22 August 2000 (2000-08-22), pages 22, XP002908225 * |
Also Published As
Publication number | Publication date |
---|---|
AU2002211001A1 (en) | 2002-05-21 |
JP2005122222A (ja) | 2005-05-12 |
JP4121242B2 (ja) | 2008-07-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP4025268B2 (ja) | クライアント/サーバシステム、クライアントモジュール及び暗号化通信プログラム | |
US7308477B1 (en) | Unified messaging system configured for transport of encrypted messages | |
US6996817B2 (en) | Method and system for upgrading and rolling back versions | |
US7584500B2 (en) | Pre-fetching secure content using proxy architecture | |
JP4596554B2 (ja) | 暗号化されたhttpsネットワーク・パケットを、セキュアなウェブ・サーバ外部での復号なしに特定のurl名および他のデータにマッピングするための、方法およびシステム(マッピングすること) | |
US20020077986A1 (en) | Controlling and managing digital assets | |
US20030177178A1 (en) | Method and system for effectively communicating file properties and directory structures in a distributed file system | |
WO2002084941A1 (en) | Secure messaging using self-decrypting documents | |
HU223910B1 (hu) | Eljárás információadat továbbítására küldőtől fogadóhoz átkódolón keresztül, eljárás információadat átkódolására, eljárás átkódolt információadat fogadására, küldő, fogadó és átkódoló | |
US20130291089A1 (en) | Data communication method and device and data interaction system based on browser | |
US20030081788A1 (en) | Secure printing to a web-based imaging print service | |
Itani et al. | J2ME application-layer end-to-end security for m-commerce | |
CN101176101A (zh) | Web服务中的保密数据通信 | |
JP2007142504A (ja) | 情報処理システム | |
JP4637612B2 (ja) | 識別情報生成管理装置およびシステムならびにプログラム | |
JP5084222B2 (ja) | セキュリティプロトコル制御装置及びセキュリティプロトコル制御方法 | |
JP3661776B2 (ja) | クライアントのプロファイル情報をサーバに提供する方法とシステム | |
JP2004234538A (ja) | 暗号化データ共有システム | |
KR100423191B1 (ko) | 보안 프로토콜을 이용하여 전송될 벌크 데이터의 대칭 암호화 효율을 향상시키기 위한 방법, 시스템 및 기록 매체 | |
WO2002039288A1 (fr) | Dispositif et procede d'instruction de reglage de cookie | |
JP4728634B2 (ja) | クライアントアクセス管理方法および装置 | |
KR100987768B1 (ko) | 대용량 쿠키 처리 방법 및 장치 | |
WO2008068976A1 (ja) | ネットワークシステム、サーバ、クライアント及びネットワークシステムにおける通信方法 | |
KR101000788B1 (ko) | 웹기반 소프트웨어 처리 시스템 및 그의 데이터 보안방법 | |
JP2000029829A (ja) | 分散ネットワークコンピューティングシステム、情報交換装置、及び情報交換方法 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PH PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
122 | Ep: pct application non-entry in european phase | ||
NENP | Non-entry into the national phase |
Ref country code: JP |