Summary of the invention
In view of the above defect, the object of the present invention is to provide a method and system for preventing cross-site request forgery (CSRF) attacks. Using a policy file provided by the server, the client judges whether a request is forged, ensuring that requests not permitted by the policy file cannot carry the user's cookies and thereby protecting the client's network security. This solves the prior-art problem that the server does not know the context in which a client request was sent, and the client does not know which requests the server is willing to accept.
To achieve these goals, the invention provides a method for preventing cross-site request forgery attacks, comprising the following steps:
the client generates an HTTP request when it receives a page message from the browser;
the client filters the cookie information in the HTTP request according to a policy file obtained from the server;
the client sends the filtered HTTP request to the server.
According to the method of the present invention, the step in which the client filters the cookie information in the HTTP request according to the policy file obtained from the server comprises:
the client searches the local file system for the policy file associated with the HTTP request;
if the client does not find the associated policy file, or the timestamp of the associated policy file in the local file system is less than the latest timestamp of the associated policy file on the server, the client updates the policy file from the server.
According to the method of the present invention, after the client searches the local file system for the policy file associated with the HTTP request, the method further comprises:
the client obtains the latest timestamp of the associated policy file from the server;
the client compares the timestamp of the associated policy file in the local file system with the latest timestamp of the associated policy file obtained from the server.
According to the method of the present invention, the step in which the client filters the cookie information in the HTTP request according to the policy file obtained from the server further comprises:
the client looks up a processing result in the policy file, using the source address information and target address information of the HTTP request as the key;
and, according to the processing result found, determines whether to delete or modify the cookie information in the HTTP request.
According to the method of the present invention, the step in which the client looks up the processing result in the policy file using the source address information and target address information of the HTTP request as the key comprises:
the client searches the policy file for the policy entries corresponding to the target address information of the HTTP request, the policy file comprising a plurality of policy entries each composed of source address information, target address information and a processing result;
the client judges whether the source address information of the HTTP request matches the source address information of the policy entry found;
if they match, the processing result of the policy entry found is the required processing mode.
Correspondingly, the present invention provides a system for preventing cross-site request forgery attacks. The system comprises a client and a server, and the client comprises:
a request generation module, for generating an HTTP request when a page message is received from the browser;
a processing module, for filtering the cookie information in the HTTP request according to the policy file obtained from the server;
a request sending module, for sending the filtered HTTP request to the server.
According to the system of the present invention, the processing module further comprises a policy file updating unit,
which searches the local file system for the policy file associated with the HTTP request and, when the associated policy file is not found or the timestamp of the associated policy file in the local file system is less than the latest timestamp of the associated policy file on the server, updates the policy file from the server.
According to the system of the present invention, the policy file updating unit comprises:
a timestamp obtaining subunit, for obtaining the latest timestamp of the associated policy file from the server;
a timestamp comparison subunit, for comparing the timestamp of the associated policy file in the local file system with the latest timestamp of the associated policy file obtained from the server.
According to the system of the present invention, the processing module further comprises a cookie information filtering unit,
which looks up a processing result in the policy file using the source address information and target address information of the HTTP request as the key, and determines, according to the processing result found, whether to delete or modify the cookie information in the HTTP request.
According to the system of the present invention, the cookie information filtering unit comprises:
a policy entry query subunit, for searching the policy file for the policy entries corresponding to the target address information of the HTTP request, the policy file comprising a plurality of policy entries each composed of source address information, target address information and a processing result;
a matching subunit, for judging whether the source address information of the HTTP request matches the source address information of the policy entry found; if they match, the processing result of the policy entry found is the required processing mode.
The present invention maintains on the client a policy file obtained from the server; for each HTTP request generated by the client, it decides according to the contents of this policy file whether to retain the request's cookie information and filters the request accordingly; finally, the filtered HTTP request is sent to the server. Because the policy file is provided by the server, the server can define precisely which pages it is willing to receive requests from, and the client uses the policy file to judge whether an HTTP request is genuine or forged. This ensures that a request not permitted by the policy file cannot carry the user's cookies, that requests the server does not wish to accept cannot be sent by the client, and thus that the client's network security is protected. It solves the prior-art problem that the server does not know the context in which a client request was sent and the client does not know which requests the server is willing to accept.
Embodiment
To make the objects, technical solution and advantages of the present invention clearer, the invention is further described below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here serve only to explain the invention and are not intended to limit it.
The present invention provides a method and system for preventing cross-site request forgery attacks, whose aim is to protect the client from CSRF. The root cause of a successful CSRF attack is this: when the server receives a client request, it is difficult for the server to judge, from the request's contents, the context in which the request was sent (that is, how the browser came to send it); and when the browser sends a request, although it knows the context in which the request is sent, it does not know the security rules of the target website, and therefore attaches the cookie field to the request indiscriminately. In the method and system of the invention, the server provides a policy file for filtering requests, the browser filters the request contents according to that policy file before sending, and an update rule keeps the local policy file in its latest state at all times, so that every request sent by the browser conforms to the security rules of the target website.
As shown in Figure 1, the invention provides a system for preventing cross-site request forgery attacks, comprising a client 100 and a server 200. The user visits an application website through the browser of the client 100, and the server 200 is the server deployed for that application website. The client 100 comprises a request generation module 10, a processing module 20 and a request sending module 30.
The request generation module 10 generates an HTTP request when it receives a page message from the browser. When the user browses a web page with the client 100, the client 100 generates HTTP requests according to the page's script statements or events the user triggers on the page (such as clicks).
The processing module 20 filters the cookie information in the HTTP request according to the policy file obtained from the server 200.
The request sending module 30 sends the filtered HTTP request to the server 200. This ensures that a request not permitted by the policy file cannot carry the user's cookies, that requests the server 200 does not wish to accept cannot be sent by the client 100, and thus that the network security of the client 100 is protected.
As shown in Figure 1, the processing module 20 comprises a policy file updating unit 21 and a cookie information filtering unit 22.
The policy file updating unit 21 searches the local file system for the policy file associated with the HTTP request and, when the associated policy file is not found or the timestamp of the associated policy file in the local file system is less than the latest timestamp of the associated policy file on the server, updates the policy file from the server 200. A smaller timestamp means an earlier modification time and an older policy file; a larger timestamp means a later modification time and a newer policy file.
Specifically, after the client 100 generates an HTTP request, the client 100 inspects the request's target URL and, using the domain name of the target URL, searches the local file system for a corresponding policy file. Local policy files may by default all be kept in a given directory and named according to a fixed format (such as "policy_<domain name>.sqlite"). Knowing only the domain-name field of a request's target URL, the client can then derive the path and file name of its local policy file, and thus learn whether the local policy file exists and when it was last modified. If the modification time of the associated policy file in the local file system of the client 100 is earlier than the modification time of the associated policy file on the server 200, the client 100 must update the policy file from the server 200 so that the policy file it uses is up to date. The client 100 may send a file download request to the server 200, download the policy file of the server 200 to the local default path, and overwrite the local policy file (if one exists in the local file system).
The cookie information filtering unit 22 looks up a processing result in the policy file using the source address information and target address information of the HTTP request as the key, and determines, according to the processing result found, whether to delete or modify the cookie information in the HTTP request. Specifically, the policy file comprises a plurality of policy entries each composed of source address information, target address information and a processing result. The cookie information filtering unit 22 processes the HTTP request according to the processing result found: if the result is "safe", the HTTP request is left unmodified; if the result is "unsafe", the cookie field is deleted from the HTTP request; if the result contains some other description, for example that only certain values in the cookie are to be deleted, the corresponding values are deleted from the request's cookie field. Because a CSRF attack can succeed only with the user's legitimate cookies, a legitimate HTTP request will have a policy entry marked "allowed" in the policy file, so that its cookie field is retained; an illegitimate HTTP request will either have no entry in the policy file (that is, no processing result can be found using the request's source address information and target address information as the key) or an entry marked "not allowed", so its cookie field is deleted. When the server 200 receives an HTTP request from the client 100 that carries no cookie field, it cannot determine the user's identity and therefore cannot perform any operation tied to that identity, so the CSRF attack is averted.
As shown in Figure 1, the policy file updating unit 21 further comprises a timestamp obtaining subunit 211 and a timestamp comparison subunit 212.
The timestamp obtaining subunit 211 obtains the latest timestamp of the associated policy file from the server 200. Specifically, the client 100 sends a GET request to the time service interface of the domain corresponding to the HTTP request's target domain name and obtains the latest timestamp of that domain's policy file. This time service interface may be a page script whose URL is a fixed location under the domain name, such as "<domain name>/time.jsp"; its function is to accept the GET request, read the modification date of the domain's policy file (for example "<domain name>/policy_<domain name>.sqlite"), add that date value to the response message, and return the response message to the client that sent the GET request.
The timestamp comparison subunit 212 compares the timestamp of the associated policy file in the local file system with the latest timestamp of the associated policy file obtained from the server 200.
As shown in Figure 1, the cookie information filtering unit 22 further comprises a policy entry query subunit 221 and a matching subunit 222.
The policy entry query subunit 221 searches the policy file for the policy entries corresponding to the target address information of the HTTP request, the policy file comprising a plurality of policy entries each composed of source address information, target address information and a processing result.
The matching subunit 222 judges whether the source address information of the HTTP request matches the source address information of the policy entry found; if they match, the processing result of that policy entry is the required processing mode. Specifically, the policy file consists of a number of policy entries of the form "source address; destination address; result", where the source address is expressed as a regular expression. The client 100 searches the policy file for the policy entry corresponding to the HTTP request's destination address; having found it, the client checks whether the request's source address matches the entry's source-address regular expression, and if so, the entry's result field is the required processing mode.
In the present invention, the client 100 provides the functions of a web browser; after an HTTP request is generated it performs CSRF filtering on the request and only then sends it. The client 100 comprises the policy file updating unit 21 and the cookie information filtering unit 22. The policy file updating unit 21 checks the timestamp of the local policy file, obtains the timestamp of the server-side policy file with a GET request, and decides by comparing the timestamps whether the file needs to be updated; finally it downloads the latest server-side policy file and overwrites the local file. The cookie information filtering unit 22 looks up the request's source address and destination address as the key in the policy file and, according to the result found, decides whether to delete the contents of the request's cookie field. The server 200 provides the functions of a web site server, and provides the policy file and the time service interface at fixed locations under its domain name.
As shown in Figure 2, the present invention correspondingly provides a method for preventing cross-site request forgery attacks, implemented by the system of Figure 1. The method comprises:
Step S201: the client generates an HTTP request when it receives a page message from the browser. This step is performed by the request generation module 10 shown in Figure 1.
Step S202: the client filters the cookie information in the HTTP request according to the policy file obtained from the server. This step is performed by the processing module 20 shown in Figure 1.
Step S203: the client sends the filtered HTTP request to the server. This step is performed by the request sending module 30 shown in Figure 1.
Preferably, the step in which the client filters the cookie information in the HTTP request according to the policy file obtained from the server comprises: the client searches the local file system for the policy file associated with the HTTP request; if the client does not find the associated policy file, or the timestamp of the associated policy file in the local file system is less than the latest timestamp of the associated policy file on the server, the client updates the policy file from the server.
Preferably, after the client searches the local file system for the policy file associated with the HTTP request, the method further comprises: the client obtains the latest timestamp of the associated policy file from the server; the client compares the timestamp of the associated policy file in the local file system with the latest timestamp of the associated policy file obtained from the server.
Preferably, the step in which the client filters the cookie information in the HTTP request according to the policy file obtained from the server further comprises: the client looks up a processing result in the policy file using the source address information and target address information of the HTTP request as the key; and, according to the processing result found, determines whether to delete or modify the cookie information in the HTTP request.
Preferably, the step in which the client looks up the processing result in the policy file using the source address information and target address information of the HTTP request as the key comprises: the client searches the policy file for the policy entries corresponding to the target address information of the HTTP request, the policy file comprising a plurality of policy entries each composed of source address information, target address information and a processing result; the client judges whether the source address information of the HTTP request matches the source address information of the policy entry found; if they match, the processing result of the policy entry found is the required processing mode.
Figure 3 is a flow chart of a specific embodiment of the method of the present invention for preventing cross-site request forgery attacks. The flow comprises the following steps:
Step S301: the client generates an HTTP request. When the user browses a web page with the client 100, the client generates HTTP requests according to the page's script statements or events the user triggers on the page (such as clicks). In the present invention, the client does not send the HTTP request immediately after generating it, but first carries out the processing flow of the following steps.
Step S302: check whether the local file system contains a policy file corresponding to the HTTP request. If so, go to step S303; otherwise go to step S305. After the client 100 generates the HTTP request, the client inspects the request's target URL and, using the domain name of the target URL, searches the local file system for a corresponding policy file. Local policy files may by default all be kept in a given directory and named according to a fixed format (such as "policy_<domain name>.sqlite"). Knowing only the domain-name field of a request's target URL, the client can then derive the path and file name of its local policy file, and thus learn whether the local policy file exists and when it was last modified.
Step S303: the client sends a GET request to the time service interface of the domain corresponding to the request's target domain name and obtains the latest timestamp of that domain's policy file. This time service interface may be a page script whose URL is a fixed location under the domain name, such as "<domain name>/time.jsp"; its function is to accept the GET request, read the modification date of the domain's policy file (for example "<domain name>/policy_<domain name>.sqlite"), add that date value to the response message, and return the response message to the client that sent the GET request.
Step S304: the client judges whether the timestamp of the local policy file is less than the timestamp of the policy file obtained by the GET request. If the local timestamp is less than the timestamp obtained by the GET request, go to step S305; if the local timestamp is not less than the timestamp obtained by the GET request, go to step S306. In this step, a smaller timestamp means an earlier modification time and an older policy file; a larger timestamp means a later modification time and a newer policy file.
Step S305: the client updates the local policy file. Specifically, because the client's local policy file does not exist or its timestamp is older than that of the server-side policy file, it must be updated so that the policy file the client uses is up to date. The client may send a file download request to the server, download the server's policy file to the local default path, and overwrite the local policy file (if one exists in the local file system).
Step S306: the client reads the local policy file and queries it. In this step, the policy file consists of a number of policy entries of the form "source address information, target address information, processing result", where the source address is expressed as a regular expression. The client searches the policy file for the entry corresponding to the HTTP request's destination address. Having found the entry, the client checks whether the request's source address matches the entry's source-address regular expression; if so, the entry's result field is the required processing mode.
Step S307: the client filters the HTTP request according to the result found. Specifically, the client processes the HTTP request according to the processing result found in step S306: if the result is "safe", no modification is made; if the result is "unsafe", the cookie field is deleted from the request; if the result contains some other description, for example that only certain values in the cookie are to be deleted, the corresponding values are deleted from the request's cookie field.
Step S308: the client sends the processed request to the server.
Step S309: the server receives the request and processes it accordingly.
Because a CSRF attack can succeed only with the user's legitimate cookies, a legitimate HTTP request will have a policy entry marked "allowed" in the policy file, so that its cookie field is retained; an illegitimate HTTP request will either have no entry in the policy file (that is, no processing result can be found using the request's source address information and target address information as the key) or an entry marked "not allowed", so its cookie field is deleted. When the server receives an HTTP request from the client that carries no cookie field, it cannot determine the user's identity and therefore cannot perform any operation tied to that identity, so the CSRF attack is averted.
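The client-side flow of steps S302 to S307 (and the matching subunit's lookup described for Figure 1), as an added worked example in Python that is not part of the patent. The textual policy file format, the sample entries and the result vocabulary ("safe", "unsafe" and a "delete:<cookie names>" form for partial deletion) are assumptions, since the patent leaves them unspecified.

```python
import re

# Constructed policy file for one target domain, in the patent's
# "source address; destination address; result" form (source is a regular expression).
# Assumed result vocabulary: "safe" keeps all cookies, "unsafe" deletes the whole
# cookie field, and "delete:<name>,<name>" deletes only the named cookie values.
POLICY_FILE = """
^https://bank\\.example/.*;https://bank.example/transfer;safe
^https://partner\\.example/.*;https://bank.example/transfer;delete:session
^https://ads\\.example/.*;https://bank.example/transfer;unsafe
.*;https://bank.example/public;safe
"""


def parse_policy(text):
    """Parse the policy file into (compiled source regex, destination, result) entries."""
    entries = []
    for line in text.strip().splitlines():
        if not line.strip():
            continue
        source, destination, result = (field.strip() for field in line.split(";", 2))
        entries.append((re.compile(source), destination, result))
    return entries


def needs_update(local_timestamp, server_timestamp):
    """Steps S302/S304: update when no local file exists or it is older than the server's."""
    return local_timestamp is None or local_timestamp < server_timestamp


def lookup(entries, source, destination):
    """Step S306: select the entries for the destination, then match the source regex.
    Returns the result field, or None when no entry matches; an absent entry is treated
    like "not allowed", so the caller strips the cookies."""
    for source_re, dest, result in entries:
        if dest == destination and source_re.match(source):
            return result
    return None


def filter_cookies(cookies, result):
    """Step S307: apply the processing result to the request's cookies."""
    if result == "safe":
        return dict(cookies)
    if result is None or result == "unsafe":
        return {}
    if result.startswith("delete:"):
        doomed = {name.strip() for name in result[len("delete:"):].split(",")}
        return {k: v for k, v in cookies.items() if k not in doomed}
    raise ValueError("unknown processing result: " + result)


def process_request(entries, request):
    """Run one request through S306 and S307. The request is a dict with the page that
    generated it ("source"), the target URL ("url") and its cookies ("cookies")."""
    destination = request["url"].split("?", 1)[0]  # entries are keyed without the query
    result = lookup(entries, request["source"], destination)
    return {**request, "cookies": filter_cookies(request["cookies"], result)}
```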
In summary, the present invention maintains on the client a policy file obtained from the server; for each HTTP request generated by the client, it decides according to the contents of this policy file whether to retain the request's cookie information and filters the request accordingly; finally, the filtered HTTP request is sent to the server. Because the policy file is provided by the server, the server can define precisely which pages it is willing to receive requests from, and the client uses the policy file to judge whether an HTTP request is genuine or forged. This ensures that a request not permitted by the policy file cannot carry the user's cookies, that requests the server does not wish to accept cannot be sent by the client, and thus that the client's network security is protected. It solves the prior-art problem that the server does not know the context in which a client request was sent and the client does not know which requests the server is willing to accept.
Of course, the present invention may also have various other embodiments. Without departing from the spirit and essence of the invention, those of ordinary skill in the art may make various corresponding changes and modifications according to the present invention, and all such changes and modifications shall fall within the scope of protection of the claims appended to the present invention.