| System, method and program product for determining if a user has received a redirected web page -> Monitor Keywords |
|
|
 
System, method and program product for determining if a user has received a redirected web pageSystem, method and program product for determining if a user has received a redirected web page description/claimsThe Patent Description & Claims data below is from USPTO Patent Application 20090006424, System, method and program product for determining if a user has received a redirected web page. Brief Patent Description - Full Patent Description - Patent Application Claims
CROSS-REFERENCE TO RELATED APPLICATION
This application is a continuation of patent application Ser. No. 11/122,663, filed May 5, 2005, entitled System, Method and Program Product for Determining if a User has Received A Redirected Web Page, the entirety of which is incorporated herein by reference. STATEMENT REGARDING FEDERALLY SPONSORED RESEARCH OR DEVELOPMENTn/a FIELD OF THE INVENTIONThe present invention relates generally to a method, system and computer program product for determining whether a web browser user has received a redirected web page, and more specifically, to a method, system and computer program product for determining redirection of a Uniform Resource Locator (“URL”) sent by a web browser to an application. BACKGROUND OF THE INVENTIONThe World Wide Web (“WWW”) is well known today. Users of client computers with web browsers request web pages by specifying a URL, either by typing the URL into an address field or selecting a link for a URL. Typically, the user requests the web page using HTTP. Web pages are often a user interface to an application hosted by a server and contain information, such as product information, related to the application. Such web pages often include links to access other web pages or invoke services of the application. Other web pages are merely informational, and do not provide an operational interface to any application. In response to a user request for a web page (where the user request specifies a URL), the user's web browser obtains from a domain name server (“DNS”) an IP address of a server and application on the server represented by the URL. Then the web browser forwards the client request for the web page to the (IP address of the) server/application. In response, the requested application on the server returns the requested web page, and a return code of “2xx” indicating that the requested web page was successfully located and returned. Occasionally, the server or application addressed by the user-specified URL redirects the user request to another server and/or application which returns a “redirected” web page (not the one represented by the user-specified URL). For example, a user may request a web page for a presumed URL based on a generic product name, and a proxy server listed in a domain name server as responsible for that URL will redirect that request to another server and application which provides information or services relating to the generic product. As another example, a vulnerability scanning tool can simulate requests made by a person outside of a firewall or an enterprise being tested to determine if the person can access sensitive web pages from an application within the firewall or enterprise being tested. If so, this represents a security “hole.” If not, the server and application addressed by the tool will redirect the request to a default URL which returns a “Sorry, Page Not Found” web page and a return code other than “2xx” to indicate that the returned page was not the one requested. As another example, if a hyperlink requested by a user is not functioning, the server executing the connection may redirect the user to a web page indicating a request was not successful. As another example, a load balancer or network dispatcher which receives a user request for a URL that does not exist or is not accessible may redirect the user request to a default “page not found” web page. When a server returns a web page other than the one requested by the user, i.e. other than the one represented by the user-specified URL, the server typically provides with the web page a return code other then a “2xx.” An RFC2068 industry standard defines five classifications for HTTP return codes: A “1xx” return code means that the server to which the request was sent is processing the request. A “2xx” return code means that the request was successfully received, understood and accepted. A “3xx” return code means that the request was redirected, and a user must take further action to complete the request such as to wait or to select another link on a redirection web page. A “4xx” return code means a client error such as bad syntax, and cannot be fulfilled. A “5xx” return code means a server error such that the server failed to fulfill an apparently valid request. However, the application which returns the redirected web page may be programmed to return a different return code for a variety of reasons. For example, the application which returns the redirected web page with the misleading return code may want to abstract or conceal the fact that the user request was redirected or may have a valid security reason for concealing the redirection. In many cases, the redirected web page does not indicate anywhere else in the web page that the web page is redirected. In other cases, the application which returns the redirected web page may be programmed to return a web page such as illustrated in FIG. 1 which does not include the proper “404” return code, but clearly states in text that the requested web page was not found. Even though this web page indicates in text that the web page was not found, if the requester is a program tool looking for a return code, then the program tool will not recognize this web page as redirected. There are various situations where the user needs to know that the web page which was returned was not the one requested. In some of these cases the “user” is a person, and in other cases the “user” is a program executing on the user's workstation. For example, consider when the foregoing vulnerability scanning tool simulates requests made by a person, and the application addressed by the tool recognizes the tool as not authorized to access the web page. In such a case, instead of returning the sensitive web page, the addressed application redirects the request to a default application which returns a “Sorry, Page Not Found” web page. If the default application does not return the industry standard “404” code (representing “page not found”), the vulnerability scanning tool may interpret the redirected web page as the one requested by the tool, and conclude that the sensitive web page was returned and a “hole” exists in the security system. FIG. 2 illustrates another type of known redirected web page. The user-requested application has redirected the user request to a known “time-out” application (because the user's connection to the user-requested application has timed-out). The time-out application returns a redirected web page requesting the user to logon again, instead of the web page to interface to the requested application. Even though this is a redirected web page, the “time-out” application included a “252” (non-redirected) status return code in the URL field: http://129.33.31.252/cgi-bin/ctguests.idc. Consequently, if the “user” is the foregoing vulnerability scanning tool, the tool may interpret this web page as the one originally requested by the tool, calculate that the web page was returned after the expiration of the time-out period, and conclude that a “hole” exists in the security system. Therefore, a need exists to enable a web browser or associated program to better detect when a user request for a web page has been redirected. SUMMARY OF THE INVENTIONThe present advantageously provides a system, method and computer program product for determining for determining redirection of a Uniform Resource Locator (“URL”) sent by a web browser to an application. Generally, a web page received from an application is deemed a redirected web page if the content of the original web page matches the content of a second web page returned in response to sending the application an altered URL. In accordance with one aspect of the present invention, a method is provided for determining redirection of a URL sent by a web browser to an application. A first URL is sent to the application, and in response, a first web page is received from the application. A second URL is created by appending one or more characters to the first URL. The second URL is unrecognizable by the application. A request for the second URL is sent to the application, and in response, a second web page is received. The content of the second web page is compared to the content of the first web page. If the content of the second web page matches the content of the first web page, a record is made indicating that the first web page is a redirected web page. In accordance with another aspect of the present invention, a system for determining redirection of a URL includes an application, a web browser, and a processor. The web browser is communicatively coupled to the application and the processor. The web browser operates to send a first URL to the application, and in response, receive a first web page from the application. The web browser further operates to send a request to the application for a second URL, the second URL being unrecognizable by the application, and in response, receive a second web page. The processor operates to create the second URL by appending one or more characters to the first URL. The processor further operates to compare content of the second web page to content of the first web page, and if the content of the second web page matches the content of the first web page, make a record indicating that the first web page is a redirected web page. In accordance with yet another aspect of the present invention, a computer program product for determining redirection of a Uniform Resource Locator (“URL”) sent by a web browser to an application includes program instructions stored on a computer readable medium. The first program instructions send a first URL to the application, and in response, receive a first web page from the application. The second program instructions create a second URL by appending one or more characters to the first URL. The second URL is unrecognizable by the application. Third program instructions send a request to the application for the second URL, and in response, receive a second web page. Fourth program instructions compare the content of the second web page to the content of the first web page. If the content of the second web page matches the content of the first web page, fifth program instructions make a record indicating that the first web page is a redirected web page. Continue reading about System, method and program product for determining if a user has received a redirected web page... Full patent description for System, method and program product for determining if a user has received a redirected web page Brief Patent Description - Full Patent Description - Patent Application Claims Click on the above for other options relating to this System, method and program product for determining if a user has received a redirected web page patent application. Patent Applications in related categories: 20090287712 - Configurable persistent storage on a computer system using a database - A method for persistent data storage on a computer system with a kernel by retrieving configuration information regarding a system operation request and then deciding based on the configuration information whether to execute it with special persistent storage or to not do so. The configuration information may be stored on ... 20090287715 - File sharing method and file sharing system for getting an accessible address through an address mapping server - A file sharing method includes: transferring content information related to a to-be-shared file to an address mapping server; and the address mapping server providing an accessible address mapped to the to-be-shared file according to the content information. One advantage of using the above file sharing method is that the user ... 20090287711 - Information search system and its method - An object is to efficiently retrieve data stored and managed in a plurality of devices in a distributed manner. A PC 10 issues a retrieval request with a designation of a profile name and a profile identifier to the profile retrieval unit 2. The profile retrieval unit 2 uses the ... 20090287714 - Method and apparatus for community-based comparison shopping based on social bookmarking - A method and apparatus for sharing product information amongst users of a computer network using productmarks. A productmark for a product is created by a user of the network and includes a product identifier, an annotation containing user comments, a username that identifies the creator of the productmark, and a ... 20090287716 - Network-based database communication system - The present invention is a communication system. Further, the present invention relates to a database communication system that allows for communication between disparate databases. ... 20090287710 - Portable storage media, host device and method of accessing the content of the portable storage media by the host device - The invention relates to a portable storage media (1) comprising resources and metadata wherein the portable storage media (1) further comprises a representation file representing the resources, the metadata and their interrelationships. The invention further relates to a Host device (2) that is designed to cooperate with at least one ... 20090287713 - Systems and methods for measuring online public relation and social media metrics using link scanning technology - A method for measuring Public Relations (PR) outputs and social media efforts on a webpage is described. The method can comprise generating a list of website addresses, deploying link scanning on the web page, the link scanning configured to include the list of website addresses, and reporting the results of ... ###  How KEYWORD MONITOR works... a FREE service from FreshPatents1. Sign up (takes 30 seconds). 2. Fill in the keywords to be monitored. 3. Each week you receive an email with patent applications related to your keywords. Start now! - Receive info on patent apps like System, method and program product for determining if a user has received a redirected web page or other areas of interest. ### Previous Patent Application: System and method for personalized health information delivery Next Patent Application: Extensible category and property grouping for object editing Industry Class: Data processing: database and file management or data structures ### FreshPatents.com Support Thank you for viewing the System, method and program product for determining if a user has received a redirected web page patent info. IP-related news and info Results in 0.22419 seconds Other interesting Feshpatents.com categories: Electronics: Semiconductor , Audio , Illumination , Connectors , Crypto , orig |
 * Protect your Inventions * US Patent Office filing 
PATENT INFO |
|
