1
PROVISION OF TRANSPARENT PROXY
SERVICES TO A USER OF A CLIENT
DEVICE
RELATED APPLICATION INFORMATION 5
This application claims the benefit of U.S. Provisional Application Ser. No. 60/136,734, filed May 28, 1999, which is incorporated herein by reference.
This application is a continuation-in-part of U.S. Appli- 10 cation Ser. No. 09/579,787, filed May 26, 2000, now U.S. Pat. No. 7,006,993, and entitled "Method And Apparatus For Surrogate Control Of Network-Based Electronic Transactions," which is incorporated herein by reference.
15
BACKGROUND OF THE INVENTION
1. Field of the Invention
This invention relates to proxy services provided on a network. 20
2. Description of Related Art
The rapid growth and expansion of network and Internet technologies has facilitated electronic commerce transactions, particularly in the area of consumer retail goods. Taking advantage of the widespread availability of the 25 Internet, numerous retailers have gone online with retail shopping sites on the World Wide Web. These sites allow consumers to shop easily and conveniently from the comfort of their homes and offices. However, access to electronic shopping is limited to those possessing specific forms of 30 credit or cash that can be transferred electronically.
Numerous non-cash techniques are typically used for executing purchase transactions among purchasers and online merchants. Indeed, numerous types of credit cards and banking cards are in widespread use. For example, a 35 credit card can be used to effect online purchases, with the transaction being paid for by a credit card clearing house or bank and creating a credit obligation for the owner of the credit card. Another type of card which looks like a credit card but functions differently is the debit card. The debit card 40 is used much like a credit card in that it is tendered by the purchaser to an online merchant for payment. Payment is effected from a bank to the merchant and the funds are deducted directly from the card holder's bank account.
However, the problem with credit cards and debit cards is 45 that certain conditions have to be met for issuance, conditions that can include restrictions on age and financial criteria. As a result, many consumers do not meet the requirements for credit card or debit card issuance, thereby eliminating them from the ranks of online shoppers. Fur- 50 thermore, the negative security implications associated with exposing credit card or debit card account numbers over a public network like the Internet make many consumers uncomfortable. Thus, while many of these consumers have the technology and financial resources available, they are 55 put out of reach of online merchants because they do not have a particular form of financial resources.
As an alternative to cash and credit cards, stored value cards are now available. Stored value cards require the purchase of a card which looks much like a credit card, but 60 which has a limited amount of available value to be spent. The balance is contained in a magnetic strip or computer chip in the card. As the stored value card is used, the remaining balance on the card is depleted. However, like some debit cards, stored value cards do not enjoy the 65 functionality of credit cards in many business transactions, particularly electronic commerce purchases.
2
One possible solution to this problem for some, particularly minor children, is found in secondary credit cards. A credit card holder may obtain one or more secondary credit cards from the issuer, as for example for family members, that are linked to the main credit card. The secondary credit cards are functionally identical to the main credit card in all respects and, indeed, typically bear the same account number and differ from the primary card only in the name of the person who is authorized to use the secondary card. Any purchases made with the secondary credit cards are debited against the credit limit of the single account in which the primary and secondary cards are issued. Thus, the main or primary cardholder has no control over the spending power or abilities of the secondary credit cards linked to his card, beyond the fact that the total of all debts incurred by all cards on the account cannot exceed the credit limit of the main credit card.
These secondary credit cards, therefore, are problematic because the secondary cardholders can quickly accumulate a significant outstanding balance on the main credit card account, thus reducing the main cardholder's spending power. Most importantly, the main cardholder is not aware of the decrease in the available credit or spending limit as a result of expenditures by a secondary cardholder. Consequently, there is a need for a system or service that enables those without a credit card, for example teenage children, to shop and buy at online merchants without requiring a credit card.
Atypical proxy server operates as a non-transparent proxy where the browser knows it is using a proxy.
SUMMARY OF THE INVENTION
In some embodiments, a method of providing transparent proxy services to a user of a client device is provided. The client device has a browser for retrieving digital content from a data network. The client device, a proxy server and a remote server are connected to the data network. According to the method, the proxy server receives a first request from the browser for a first unit of diqital content, wherein there is a remote server hostname associated with the remote server and the first request includes the remote server hostname for referencinq the first unit of diqital content; the proxy server requests the first unit of diqital content from the remote server; the proxy server receives the first unit of diqital content from the remote server; the proxy server parses the first unit of diqital content for references to the remote server; the proxy server identifies a first reference within a software construct, wherein the software construct, when performed, would force a paqe reload by the browser; the proxy server inserts a first software function into the modified remote paqe for modifyinq references; the proxy server inserts a call to the first software function into the software construct, wherein the first reference is encapsulated in the function call; the proxy server modifies at least one reference to the remote server in the first unit of diqital content to form a modified first unit of diqital content by insertinq a surroqate server hostname into the at least one reference and removinq a remote server hostname from the at least one reference, wherein the surrogate server hostname is different from the remote server hostname; and the proxy server transmits the modified first unit of digital content to the browser.
According to other aspects of the invention, a proxy server provides transparent proxy services to a user of a client device and a computer program provides transparent proxy services to a user of a client device.
3
Still further objects and advantages attaching to the system and methods will be apparent to those skilled in the art from the following particular description.
DESCRIPTION OF THE DRAWINGS 5
Further objects of this invention, together with additional features contributing thereto and advantages accruing therefrom, will be apparent from the following description of an embodiment of the present invention which is shown in the 10 accompanying drawings with like reference numerals indicating corresponding parts throughout and which is to be read in conjunction with the following drawings, wherein:
FIG. 1 is a block diagram of a system for providing transparent proxy services to a user browsing a remote 15 server in accordance with the invention.
FIG. 2 is a flow chart of a method of providing transparent proxy services in accordance with the invention.
FIG. 3 is a flow chart of a method of modifying a web page in accordance with the invention. 20
DETAILED DESCRIPTION OF THE
INVENTION
25
Throughout this description, the embodiments and examples shown should be considered as exemplars, rather than limitations on the apparatus and methods of the present invention.
In accordance with the invention, proxy services are 3Q provided transparently to a user browsing a web site. The method and apparatus of the invention are useful in providing a user with a means for making on line purchases without a credit card account, debit account or other financial account recognized by the respective merchants. 35
One advantage of the invention is that special software is not required to be installed on either the client (user) or merchant end of a transaction. As such, spenders and funders are not required to install any software on their personal computers in addition to a typical browser. Also, the online 40 merchants are not required to install any special server software or modify their web pages in order to accommodate the surrogate transactions.
The System of the Invention 45
FIG. 1 is a block diagram of a system including a proxy server 110, client device 120, remote server 140. A data network 160 interconnects the other components 110, 120, 140. Different components of the proxy server 110 can be 50 located at different physical locations. The system may include more than one client device 120 and remote server 140.
The client device 120 comprise a computer configured to connect to the network 160 for accessing servers such as the 55 remote server 140. The client device 120 may be, for example, a PC running a Microsoft Windows operating system, an Internet appliance, network computer (NC), or an appropriately Internet-enabled device such as a portable digital assistant (PDA), mobile phone, refrigerator, etc. The 60 particular type of device of the client device 120 is not considered to be important. The client device 120 operates a browser program 123 for accessing and interacting with other systems. For a PC, this program is a web browser such as Microsoft Internet Explorer or Netscape Navigator, and 65 may generate a browser display 121 on the client device 120. The program used by the client device 120 for accessing and
4
interacting with other systems to obtain digital content from the other systems will be generally referred to herein as the "browser" 123.
The remote server 140 comprises a server or collection of servers which provide online functionality, such as an online retail shopping web site. An identifier is associated with the remote server 140 to allow the remote server 140 and digital content on the remote server 140 to be identified from the data network 160. For TCP/IP networks, the identifier may be a hostname, which is unique within the network. In some cases, the hostname is the same as the domain name.
The remote server 140 may be accessed and utilized, for example, by the browser 123. Units of digital content (e.g., web pages) served by the remote server 140 will be referred to herein as "remote pages." An identifier may be associated with each remote page to allow the remote pages to be identified from the data network 160. Other identifiers may be associated with other objects on the remote server, such as graphic files, to allow these other objects to be identified from the data network 160. When used, these identifiers may be considered "references" to the respective host (i.e., remote server), web page or other object.
For TCP/IP networks, an identifier or reference may be a uniform resource locator (URL), and in some circumstances a fully qualified URL. A "fully-qualified" URL includes a complete URL, and is in the form http://hostname/url or "//hostname/url". For a World Wide Web page, this means that the URL includes a hostname plus a path plus the name of the resource. For example, consider a web page named "item.html". Consider too a path for that web page named "shopping/product". Further consider that the host for the web page is www.uspto.net. Thus, the full-qualified link to this web page is
http://www.uspto.net/shoppinQ/product/item.html.
The data network 160 may include the Internet, local area networks, wide area networks, wired networks, and wireless networks. Separate networks may be provided for interconnecting the other components 110, 120, 140.
The proxy server 110 comprises a server or collection of servers which provide the functionality described herein, primarily through software. Like the remote server 140, the proxy server 110 may be accessed and utilized, for example, by the browser 121. An identifier is associated with the proxy server 110 to allow the proxy server 110 and digital content on the proxy server 110 to be identified from the data network 160. For TCP/IP networks, the identifier may be a hostname, which is unique within the network.
The proxy server 110 operates transparently between the client device 120 and the remote server 140. This means that the user of the client device 120 does not know that the proxy server 110 is intercepting the electronic traffic between the client device 120 and the remote server 140. The proxy server 110 communicates with the browser 123 and the remote server 140 in providing remote pages back to the browser 123. The proxy server 110 may cache the remote pages, wherein the browser 123 explicitly returns to the proxy server 110 which specifies the remote page or pages to hit. Caching may increase the speed of subsequent page hits.
As described further below, when a user wishes to access or utilize the remote server 140, the user is redirected to the proxy server 110, which proxies all the information from the remote server 140 in real time. The proxy server 110 may ensure that:
the current user is a valid user;
user interaction with the remote server 140 always returns control back to the proxy server 140;
HTTP cookies are processed and proxied; forms on the remote server 140 are automatically filled out; and
selected information such as credit card numbers are not available to the client device 120. 5
The Methods of the Invention
The methods of the invention may be practiced by a user shopping at the remote server 140. As described in our io co-pending application identified above, a user may register with a surrogate shopping service, and indicate that he wishes to begin shopping at the remote server 140 from a web site of the surrogate system. This may then cause the proxy server 110 to become involved. In such circum- 15 stances, it may be desirable to modify remote pages before they are provided to the browser 123. For example, to ensure that the proxy server 110 always has control, the proxy server 140 may modify remote pages so that if the user clicks on a hyperlink on the modified remote page, the 20 modified remote page causes the browser 123 to return to a server of the surrogate system, such as the proxy server 110.
Referring now to FIG. 2, there is shown a flow chart of a method of providing transparent proxy services in accordance with the invention. After the user has requested a 25 remote page from the proxy server 110 (step 205), the proxy server 110 may request the requested remote page from the remote server 140 (step 210). In response, the remote server 140 may transmit the remote page to the proxy server 110.
The remote server 140 may precede the remote page with 30 one or more headers. Headers are commonly used in HTTP. The headers may include references to the remote server 140 which should be modified (step 215). Certain kinds of headers may cause a new page to be loaded. Two such HTTP headers are "Location" and "Content-Location". If there is 35 a "Location" header, the proxy server 110 may modify the hostname in the Location header. If there is a "ContentLocation" header, the proxy server 110 may modify the hostname in the Content-Location header.
These modifications and others described below may be 40 made in a number of ways. These modifications generally take the form of inserting a surrogate server hostname into references to the remote server hostname, and/or replacing the remote server hostname with the surrogate server hostname. The surrogate server hostname may be the same as the 45 proxy server hostname, or it may be a hostname of another server of the surrogate system. The following discussion will include examples of how TCP/IP and HTTP references may be modified, along with actual examples of how the modifications would appear. In these examples, it is assumed that 50 the hostname of the proxy server 110 is "irs.com", the hostname of the remote server 140 is "uspto.net" and the reference to the remote server 140 is a fully qualified URL or hyperlink such as http://www.uspto.net/shopping/product/item.html. 55
In one manner of modification, the surrogate server hostname is appended to the hostname of the remote server 140. In the example, the modified reference is http://www.uspto.net.irs.com/shopping/product/item.html.
In another manner of modification, the surrogate server 60 hostname is inserted into reference to the remote page and the hostname of the remote server 140 is made part of the local path. Here, the reference is modified so that the surrogate server hostname is the only hostname in the reference. In the example, the modified reference is http:// 65 irs.com/www.uspto.net/dir/file.html. In this case, when the proxy server 110 receives a request with such as reference,
the surrogate server hostname can be stripped out, and the hostname of the remote server 140 can be drawn from the front of the path.
A third manner of modification is a variation of the second manner of modification, just described. In this modification, two or three additional changes are made. First, the hostname of the remote server 140 is made to read backwards. In the example, the modified reference is http://irs.com/ten.otrsu.www/shopping/prodct/item.html. Second, periods (".") are changed to slashes ("/") in the hostname of the remote server 140. In the example, the modified reference is http://irs.com/ten/otpsu/www/shoppinQ/product/item.html. A separator, such as a caret (""") may be inserted between the reversed hostname of the remote server 140 and the remainder of the path. In the example, the modified reference is http://irs.com/ten/ otpsu/7shopping/product/item.html. It is well know that a cookie may be passed within a header. For such "Set-cookie" headers, the proxy server 110 may modify the "domain" portion of the cookie if it exists. The third manner of modification, just described, provides an effective way to manage cookies that are passed between the browser 123 and the remote server 140. When cookies are passed from the remote server 140 to the browser 123, they contain an optional domain name and path specification. The browser 123 uses these values to determine whether or not to send the cookies back to the remote server 110 on subsequent requests. Since the remote server 110 is proxied by the (single) surrogate server hostname (e.g., proxy.rocketcash.com), the hostname information in the cookie cannot be used. However, since the hostname information for the remote server 140 is specified as the initial segments of the URL path, the browser 123 can emulate the hostname functionality by writing the hostname information into the path specifier for the cookie.
For example, if the domain specifier for a cookie is ".netzero.net", the equivalent path specifier would be the reversed version (again, replacing periods with slashes) which would be "/ten/orezten/". The domain specifier for the cookie can then be removed. Since the path specifier for the cookie now contains the original domain information, the original path information is prepended to the cookie value and terminated with a """ separator. For example, if the cookie value is "data" and the path is "/images", the new cookie value would be "/images'data".
Using this technique, the browser 123 sends cookies that are appropriate for the current remote domain, but this may include cookies that would otherwise not have been sent if the original path did not match the URL path. As cookies are sent from the browser 123 back to the remote server 140, the proxy server 110 removes the original path information from the cookie value and compares that path with the path of the current URL. If the path from the cookie matches the initial path of the current URL, the cookie is forwarded to the remote server 140, otherwise it is removed from the HTTP header.
After the headers have been modified (step 215), the proxy server 110 may parse the remote page for references (step 220). References in the remote page may then be modified in the manner described above to form a modified requested web page (step 225).
In the next step of the method, the proxy server 110 serves the modified remote page to the browser 123 (step 240). The user may then continue browsing as before (step 250).
If the user selects a modified link in the modified remote page (step 260), then the browser 123 requests the page identified by the modified link from the surrogate server
|
