公开(公告)号：US20160182517A1

公开(公告)日：2016-06-23

申请号：US14578223

申请日：2014-12-19

Applicant: CloudFlare, Inc.

Inventor： Nicholas Thomas Sullivan ,  Zi Lin ,  Rajeev Devendra Sharma

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/14 ,  G06F17/30

CPC classification number: H04L63/0435 ,  G06F17/3089 ,  H04L9/0819 ,  H04L9/14 ,  H04L63/0281 ,  H04L63/061 ,  H04L63/10 ,  H04L63/168 ,  H04L67/2842 ,  H04L2209/24

Abstract: A request for a web page is received and the requested web page is retrieved. The web page is modified to obfuscate a set of form attribute values into a corresponding set of obfuscated form attribute values. The modified web page is transmitted to the requesting device. The modified web page does not include the set of form attribute values in their original form. Form data for the set of obfuscated form attribute values is received from the requesting device. The set of obfuscated form attribute values is deobfuscated thereby revealing the original set of form attribute values. The form data for the set of original form attribute values is further processed.

Abstract translation: 接收到对网页的请求，并且检索所请求的网页。 修改网页以将一组表单属性值混淆到相应的一组混淆形式属性值中。 被修改的网页被发送到请求设备。 修改后的网页不包含其原始形式的表单属性值集合。 从请求设备接收到用于一组混淆形式属性值的表单数据。 混淆形式属性值的集合被反混淆，从而揭示原始的表单属性值集合。 进一步处理原始表单属性值集合的表单数据。

公开(公告)号：US10305871B2

公开(公告)日：2019-05-28

申请号：US14964491

申请日：2015-12-09

Applicant: CLOUDFLARE, INC.

Inventor： Nicholas Thomas Sullivan ,  Lee Hahn Holloway ,  Piotr Sikora ,  Ryan Lackey ,  John Graham-Cumming ,  Dane Orion Knecht ,  Patrick Donahue ,  Zi Lin

IPC: H04L29/06 ,  G06F21/33

Abstract: A server receives a request from a client to establish a secure session. The server analyzes the request to determine a set of one or more properties of the request. The server selects, based at least in part on the determined set of properties, one of multiple certificates for a hostname of the server, where each of the certificates is signed using a different signature and hash algorithm pair. The server returns the selected certificate to the client.

公开(公告)号：US09843565B2

公开(公告)日：2017-12-12

申请号：US15219139

申请日：2016-07-25

Applicant: CloudFlare, Inc.

Inventor： Nicholas Thomas Sullivan ,  Zi Lin ,  Rajeev Devendra Sharma

IPC: H04L29/06 ,  G06F17/30 ,  H04L9/08 ,  H04L9/14 ,  H04L29/08

CPC classification number: H04L63/0435 ,  G06F17/3089 ,  H04L9/0819 ,  H04L9/14 ,  H04L63/0281 ,  H04L63/061 ,  H04L63/10 ,  H04L63/168 ,  H04L67/2842 ,  H04L2209/24

Abstract: A request for a web page is received and the requested web page is retrieved. The web page is modified to obfuscate a set of form attribute values into a corresponding set of obfuscated form attribute values. The modified web page is transmitted to the requesting device. The modified web page does not include the set of form attribute values in their original form. Form data for the set of obfuscated form attribute values is received from the requesting device. The set of obfuscated form attribute values is deobfuscated thereby revealing the original set of form attribute values. The form data for the set of original form attribute values is further processed.

公开(公告)号：US20160337324A1

公开(公告)日：2016-11-17

申请号：US15219139

申请日：2016-07-25

Applicant: CloudFlare, Inc.

Inventor： Nicholas Thomas Sullivan ,  Zi Lin ,  Rajeev Devendra Sharma

IPC: H04L29/06 ,  H04L29/08 ,  G06F17/30

CPC classification number: H04L63/0435 ,  G06F17/3089 ,  H04L9/0819 ,  H04L9/14 ,  H04L63/0281 ,  H04L63/061 ,  H04L63/10 ,  H04L63/168 ,  H04L67/2842 ,  H04L2209/24

Abstract: A request for a web page is received and the requested web page is retrieved. The web page is modified to obfuscate a set of form attribute values into a corresponding set of obfuscated form attribute values. The modified web page is transmitted to the requesting device. The modified web page does not include the set of form attribute values in their original form. Form data for the set of obfuscated form attribute values is received from the requesting device. The set of obfuscated form attribute values is deobfuscated thereby revealing the original set of form attribute values. The form data for the set of original form attribute values is further processed.

公开(公告)号：US10904227B2

公开(公告)日：2021-01-26

申请号：US15839494

申请日：2017-12-12

Applicant: Cloudflare, Inc.

Inventor： Nicholas Thomas Sullivan ,  Zi Lin ,  Rajeev Devendra Sharma

IPC: H04L29/06 ,  H04L29/08 ,  H04L9/08 ,  H04L9/14 ,  G06F16/958

Abstract: A request for a web page is received and the requested web page is retrieved. The web page is modified to obfuscate a set of form attribute values into a corresponding set of obfuscated form attribute values. The modified web page is transmitted to the requesting device. The modified web page does not include the set of form attribute values in their original form. Form data for the set of obfuscated form attribute values is received from the requesting device. The set of obfuscated form attribute values is deobfuscated thereby revealing the original set of form attribute values. The form data for the set of original form attribute values is further processed.

公开(公告)号：US20170171247A1

公开(公告)日：2017-06-15

申请号：US14967156

申请日：2015-12-11

Applicant: CLOUDFLARE, INC.

Inventor： Nicholas Thomas Sullivan ,  Rajeev Devendra Sharma ,  Ryan Lackey ,  Zi Lin

IPC: H04L29/06 ,  H04L29/12 ,  H04L29/08

CPC classification number: H04L63/20 ,  H04L61/1511 ,  H04L63/0281 ,  H04L63/166 ,  H04L67/02

Abstract: A method and apparatus for enabling an HSTS policy for a subdomain of a domain is described. A request for content at a subdomain of a domain is received at a proxy server from a client device over a secure transport. The proxy server determines whether the subdomain is associated with a rule indicating that Hypertext Transport Protocol Strict Transport Security (HSTS) is to be enabled for the subdomain of the domain. Responsive to determining that the subdomain is associated with the rule, the proxy server transmits, to the client device, a first response that includes an HSTS header and which instructs the client device to communicate only over the secure transport for requests for content at the subdomain, wherein the first response includes the HSTS header regardless of whether HSTS has been enabled for the subdomain at an origin server.

公开(公告)号：US20170171172A1

公开(公告)日：2017-06-15

申请号：US14964491

申请日：2015-12-09

Applicant: CLOUDFLARE, INC.

Inventor： Nicholas Thomas Sullivan ,  Lee Hahn Holloway ,  Piotr Sikora ,  Ryan Lackey ,  John Graham-Cumming ,  Dane Orion Knecht ,  Patrick Donahue ,  Zi Lin

IPC: H04L29/06 ,  G06F21/33

CPC classification number: H04L63/061 ,  G06F21/33 ,  H04L63/205

Abstract: A server receives a request from a client to establish a secure session. The server analyzes the request to determine a set of one or more properties of the request. The server selects, based at least in part on the determined set of properties, one of multiple certificates for a hostname of the server, where each of the certificates is signed using a different signature and hash algorithm pair. The server returns the selected certificate to the client.

公开(公告)号：US10893031B2

公开(公告)日：2021-01-12

申请号：US16422947

申请日：2019-05-24

Applicant: CLOUDFLARE, INC.

Inventor： Nicholas Thomas Sullivan ,  Lee Hahn Holloway ,  Piotr Sikora ,  Ryan Lackey ,  John Graham-Cumming ,  Dane Orion Knecht ,  Patrick Donahue ,  Zi Lin

IPC: H04L29/06 ,  H04L9/32 ,  G06F21/33

Abstract: A server receives a request from a client to establish a secure session. The server analyzes the request to determine a set of one or more properties of the request. The server selects, based at least in part on the determined set of properties, one of multiple certificates for a hostname of the server, where each of the certificates is signed using a different signature and hash algorithm pair. The server returns the selected certificate to the client.

公开(公告)号：US20190281032A1

公开(公告)日：2019-09-12

申请号：US16422947

申请日：2019-05-24

Applicant: CLOUDFLARE, INC.

Inventor： Nicholas Thomas Sullivan ,  Lee Hahn Holloway ,  Piotr Sikora ,  Ryan Lackey ,  John Graham-Cumming ,  Dane Orion Knecht ,  Patrick Donahue ,  Zi Lin

IPC: H04L29/06 ,  H04L9/32 ,  G06F21/33

Abstract: A server receives a request from a client to establish a secure session. The server analyzes the request to determine a set of one or more properties of the request. The server selects, based at least in part on the determined set of properties, one of multiple certificates for a hostname of the server, where each of the certificates is signed using a different signature and hash algorithm pair. The server returns the selected certificate to the client.

公开(公告)号：US10178128B2

公开(公告)日：2019-01-08

申请号：US14967156

申请日：2015-12-11

Applicant: CLOUDFLARE, INC.

Inventor： Nicholas Thomas Sullivan ,  Rajeev Devendra Sharma ,  Ryan Lackey ,  Zi Lin

IPC: G06F17/00 ,  H04L29/06 ,  H04L29/08 ,  H04L29/12

Abstract: A method and apparatus for enabling an HSTS policy for a subdomain of a domain is described. A request for content at a subdomain of a domain is received at a proxy server from a client device over a secure transport. The proxy server determines whether the subdomain is associated with a rule indicating that Hypertext Transport Protocol Strict Transport Security (HSTS) is to be enabled for the subdomain of the domain. Responsive to determining that the subdomain is associated with the rule, the proxy server transmits, to the client device, a first response that includes an HSTS header and which instructs the client device to communicate only over the secure transport for requests for content at the subdomain, wherein the first response includes the HSTS header regardless of whether HSTS has been enabled for the subdomain at an origin server.