Mitigation of data leakage in HTTP headers
US10356050B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Sep 20, 2016 |
| Grant date | Jul 16, 2019 |
| Priority date | — |
| Expiry date | Sep 29, 2037 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/0414
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A web application on a client computer system submits a web request to a destination Web server via a network application programming interface. A web request scrubber is installed on the client computer system between the network application programming interface and a network interface of the client computer system. The web request scrubber intercepts the web request and determines if an HTTP referer field is present. Based at least in part on the intended destination of the web request, the web request scrubber identifies and applies an applicable scrubbing policy to the information in the HTTP referer field. The web request scrubber removes or modifies some or all of the information in the HTTP referer field in accordance with the applicable scrubbing policy, and forwards the modified web request to the destination Web server via the network interface of the client computer system.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.