This disclosure relates generally to information transfer and, more particularly, to a system and method for transferring information between a HyperText Transfer Protocol (HTTP) client and an HTTP server.
A prior art system and method for transferring information between a server and a client is described in U.S. Pat. No. 5,774,670 issued Jun. 30, 1998 to Montulli. In this prior art system and method, an HTTP client requests a file from an HTTP server. The HTTP client and HTTP server are both computers that use the HTTP to communicate with each other. After the HTTP server receives the request, it transmits the file, as well as a state object, to the HTTP client. The state object, also known as a “cookie”, typically includes a name attribute, an expiration attribute, a domain attribute, a path attribute, and an attribute requesting transmission using a secure channel.
The name attribute serves to identify a cookie and is a name for the cookie while the expiration attribute defines the valid lifetime of the cookie while the expiration attribute defines the valid lifetime of the corresponding cookie. The domain attribute defines a domain in which the cookie is valid and is set using the domain name (store.com, for example) of the server sending the file to the client. The client would examine the domain attribute when making future server requests. If the server that the client system is accessing falls within the defined domain name, then the cookie may be sent to the server when making the request. Thus, after making an initial request to the server and providing information to the server (such as a user name, password, credit card information, etc.), future requests to the server within the domain name can be made without having to continually provide the information. This information is sent in the cookie.
The path attribute is used to specify a subset of file system directories in a domain for which the cookie is valid. If a cookie is valid within a particular domain, then the path name (\music, for example) for a requested document is compared with the path attribute. If there is a match, the cookie is considered valid and is sent with the request.
In some systems, the attribute requesting transmission using a secure channel will only transmit the cookie to an HTTP server over a secure sockets layer (SSL), referred to as an HTTPS server.
There are, however, many limitations associated with using such a prior art system and method. To begin with, a state object is transmitted from a server to a client only after the client has requested information (such as a file, document, video, etc.) from the server. Thus, a client must have interaction with a server before the state object can be sent from the server and stored on the client to be used in future requests to the server. Another limitation is the fact that the state object can only be used when a future request is made from the client to a server that is within the domain identified in the domain attribute. If the client requests information from a server that is not within the identified domain name, then the state object may not be used. Instead, another state object must be created by the server in the new domain being accessed. For example, a user may provide information to a domain name (such as store1.com) to purchase a compact disk (CD). If the user then wanted to access a different domain name (such as store2.com) to purchase another compact disk, the store1.com state object could not be utilized. Instead, the user would have to provide much of the same information to store2.com that was provided to store1.com so that a new state object could be created to allow the user to perform a similar function (e.g., buy a CD) from store2.com. Thus, transactions may only be handled between specific clients and specific servers. This leads to inefficiencies for the user and within the network because time will be spent creating multiple state objects that perform similar functionality and space will be utilized storing these multiple state objects.