Communication Device, Relay Device, Information Processing System, Communication System and Communication Method
US-2020106515-A1 · Apr 2, 2020 · US
Non-HTTP layer 7 protocol applications running in the browser
US11909808B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11909808-B2 |
| Application number | US-202217956695-A |
| Country | US |
| Kind code | B2 |
| Filing date | Sep 29, 2022 |
| Priority date | Apr 15, 2021 |
| Publication date | Feb 20, 2024 |
| Grant date | Feb 20, 2024 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A server receives from a browser executing on a client device an HTTP request. The server transmits a response to the HTTP request to the browser. The response includes code that when executed by the browser, executes a non-HTTP layer 7 protocol client that communicates with a non-HTTP layer 7 protocol service at an external network. The server receives, from the non-HTTP layer 7 protocol client executing in the browser, data related to the non-HTTP layer 7 protocol service. The server proxies the data related to the non-HTTP layer 7 protocol service over a layer 4 tunnel that is interfaced with the non-HTTP layer 7 protocol service. The server logs event data received from the non-HTTP layer 7 protocol client executing in the browser.
First claim
Opening claim text (preview).
What is claimed is: 1. A method, comprising: receiving, at a server from a browser executing on a client device, an HTTP request; transmitting, to the browser executing on the client device, a response to the HTTP request, wherein the response includes code that when executed by the browser executing on the client device, executes a non-HTTP layer 7 protocol client that communicates with a non-HTTP layer 7 protocol service at an external network; receiving, from the non-HTTP layer 7 protocol client executing in the browser, data related to the non-HTTP layer 7 protocol service; proxying the data related to the non-HTTP layer 7 protocol service over a layer 4 tunnel that is interfaced with the non-HTTP layer 7 protocol service; and logging event data received from the non-HTTP layer 7 protocol client executing in the browser. 2. The method of claim 1 , wherein the code is in a WebAssembly format. 3. The method of claim 1 , wherein the non-HTTP layer 7 protocol client is a Secure Shell Protocol (SSH) client, wherein the non-HTTP layer 7 protocol service is a SSH server, and wherein the SSH client executes in a tab of the browser. 4. The method of claim 1 , wherein the data related to the non-HTTP layer 7 protocol service is received over a WebSocket between the browser and the server. 5. The method of claim 1 , further comprising: determining, based on a set of one or more policies configured for a domain of the HTTP request, that the HTTP request is allowed to be processed, wherein the set of one or more policies are based on one or more of identity, device posture, location, and/or risk signals. 6. The method of claim 1 , further comprising: authenticating a user of the non-HTTP layer 7 protocol client with the non-HTTP layer 7 protocol service. 7. The method of claim 6 , wherein authenticating the user includes performing one of: presenting a login prompt, presenting a prompt for a public key, and automatically performing a certificate generation and authentication. 8. A non-transitory machine-readable storage medium that provides instructions that, if executed by a processor, will cause said processor to perform operations including: receiving, at a server from a browser executing on a client device, an HTTP request; transmitting, to the browser executing on the client device, a response to the HTTP request, wherein the response includes code that when executed by the browser executing on the client device, executes a non-HTTP layer 7 protocol client that communicates with a non-HTTP layer 7 protocol service at an external network; receiving, from the non-HTTP layer 7 protocol client executing in the browser, data related to the non-HTTP layer 7 protocol service; proxying the data related to the non-HTTP layer 7 protocol service over a layer 4 tunnel that is interfaced with the non-HTTP layer 7 protocol service; and logging event data received from the non-HTTP layer 7 protocol client executing in the browser. 9. The non-transitory machine-readable storage medium of claim 8 , wherein the code is in a WebAssembly format. 10. The non-transitory machine-readable storage medium of claim 8 , wherein the non-HTTP layer 7 protocol client is a Secure Shell Protocol (SSH) client, wherein the non-HTTP layer 7 protocol service is a SSH server, and wherein the SSH client executes in a tab of the browser. 11. The non-transitory machine-readable storage medium of claim 8 , wherein the data related to the non-HTTP layer 7 protocol service is received over a WebSocket between the browser and the server. 12. The non-transitory machine-readable storage medium of claim 8 , wherein the operations further comprise: determining, based on a set of one or more policies configured for a domain of the HTTP request, that the HTTP request is allowed to be processed, wherein the set of one or more policies are based on one or more of identity, device posture, location, and/or risk signals. 13. The non-transitory machine-readable storage medium of claim 8 , wherein the operations further comprise: authenticating a user of the non-HTTP layer 7 protocol client with the non-HTTP layer 7 protocol service. 14. The non-transitory machine-readable storage medium of claim 13 , wherein authenticating the user includes performing one of: presenting a login prompt, presenting a prompt for a public key, and automatically performing a certificate generation and authentication. 15. A server, comprising: a processor; and a non-transitory machine-readable storage medium that provides instructions that, if executed by the processor, will cause the server to perform operations including: receiving, at the server from a browser executing on a client device, an HTTP request; transmitting, to the browser executing on the client device, a response to the HTTP request, wherein the response includes code that when executed by the browser executing on the client device, executes a non-HTTP layer 7 protocol client that communicates with a non-HTTP layer 7 protocol service at an external network; receiving, from the non-HTTP layer 7 protocol client executing in the browser, data related to the non-HTTP layer 7 protocol service; proxying the data related to the non-HTTP layer 7 protocol service over a layer 4 tunnel that is interfaced with the non-HTTP layer 7 protocol service; and logging event data received from the non-HTTP layer 7 protocol client executing in the browser. 16. The server of claim 15 , wherein the code is in a WebAssembly format. 17. The server of claim 15 , wherein the non-HTTP layer 7 protocol client is a Secure Shell Protocol (SSH) client, wherein the non-HTTP layer 7 protocol service is a SSH server, and wherein the SSH client executes in a tab of the browser. 18. The server of claim 15 , wherein the data related to the non-HTTP layer 7 protocol service is received over a WebSocket between the browser and the server. 19. The server of claim 15 , wherein the operations further comprise: determining, based on a set of one or more policies configured for a domain of the HTTP request, that the HTTP request is allowed to be processed, wherein the set of one or more policies are based on one or more of identity, device posture, location, and/or risk signals. 20. The server of claim 15 , wherein the operations further comprise: authenticating a user of the non-HTTP layer 7 protocol client with the non-HTTP layer 7 protocol service. 21. The server of claim 20 , wherein authenticating the user includes performing one of: presenting a login prompt, presenting a prompt for a public key, and automatically performing a certificate generation and authentication.
Assignees
Inventors
Classifications
- H04L67/02Primary
based on web technology, e.g. hypertext transfer protocol [HTTP] · CPC title
wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption (cryptographic mechanisms or cryptographic arrangements for symmetric key encryption H04L9/06) · CPC title
using certificates (cryptographic mechanisms or cryptographic arrangements for entity authentication involving certificates H04L9/3263) · CPC title
Entity profiles · CPC title
Discovery or management thereof, e.g. service location protocol [SLP] or web services · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US11909808B2 cover?
- A server receives from a browser executing on a client device an HTTP request. The server transmits a response to the HTTP request to the browser. The response includes code that when executed by the browser, executes a non-HTTP layer 7 protocol client that communicates with a non-HTTP layer 7 protocol service at an external network. The server receives, from the non-HTTP layer 7 protocol clien…
- Who is the assignee on this patent?
- Cloudflare Inc
- What technology area does this patent fall under?
- Primary CPC classification H04L67/02. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Feb 20 2024 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).