CN105530127B - A kind of method and proxy server of proxy server processing network access request - Google Patents

A kind of method and proxy server of proxy server processing network access request Download PDF

Info

Publication number
CN105530127B
CN105530127B CN201510916886.9A CN201510916886A CN105530127B CN 105530127 B CN105530127 B CN 105530127B CN 201510916886 A CN201510916886 A CN 201510916886A CN 105530127 B CN105530127 B CN 105530127B
Authority
CN
China
Prior art keywords
access
heading
client
server
target server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510916886.9A
Other languages
Chinese (zh)
Other versions
CN105530127A (en
Inventor
游九龙
陈卫哨
张华�
刘志祥
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd, Qizhi Software Beijing Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Priority to CN201510916886.9A priority Critical patent/CN105530127B/en
Publication of CN105530127A publication Critical patent/CN105530127A/en
Application granted granted Critical
Publication of CN105530127B publication Critical patent/CN105530127B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • H04L41/0823Configuration setting characterised by the purposes of a change of settings, e.g. optimising configuration for enhancing reliability
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/562Brokering proxy services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/565Conversion or adaptation of application format or content
    • H04L67/5651Reducing the amount or size of exchanged application data

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a kind of method of proxy server processing network access request and a kind of proxy servers.This method comprises: receiving the heading of the network request message of client;According to the access target server info in heading, the access target server is connected;The message body for receiving the network request message of client, is sent to access target server for the message body;It receives the Data Concurrent that access target server returns and gives client.Technical solution of the present invention is when establishing the connection with access target server, it does not need to receive complete message, but after the heading for receiving network request message, the information in heading establishes the connection with access target server based on the received, transmission time is shortened, the speed of processing network access is improved, is conducive to the performance for improving proxy server, the waiting time for saving user simultaneously, improve user experience.

Description

A kind of method and proxy server of proxy server processing network access request
Technical field
The present invention relates to Internet technical field, in particular to a kind of method of proxy server processing network access request And proxy server.
Background technique
Proxy server is a kind of special network service, and a network terminal (generally client) is allowed to pass through this Service carries out indirect connection with another network terminal (generally server).Client is created with proxy server first Connection, then according to agency agreement used in proxy server, request creates connection to destination server or obtains target The specified resource of server.Agency service is conducive to the privacy or safety of Logistics networks terminal, prevents from attacking, but when agency's clothes When the speed for device processing network access request of being engaged in is excessively slow, it also will increase the waiting time of user, reduce user experience.
Summary of the invention
In view of the above problems, it proposes on the present invention overcomes the above problem or at least be partially solved in order to provide one kind State the method and proxy server of a kind of proxy server processing network access request of problem.
According to one aspect of the present invention, a kind of method of proxy server processing network access request, the party are provided Method includes:
Receive the heading of the network request message of client;
According to the access target server info in heading, the access target server is connected;
The message body for receiving the network request message of client, is sent to access target server for the message body;
It receives the Data Concurrent that access target server returns and gives the client.
Optionally, when the access target server info in heading is the IP address of access target server, directly According to the IP address connected reference destination server;
When the access target server info in heading is the domain name of access target server, this method is further wrapped Include: nslookup system dns server obtains the IP address of access target server, and visits according to IP address connection is obtained Ask destination server.
Optionally, this method further comprises:
The data correspondence that the specified content of the heading and access target server return is saved in caching;
After receiving the heading of network request message of client, cached according to the specified content search in heading, If reading data corresponding with the content in caching there are identical content in caching and returning to the client.
Optionally, the data correspondence that the specified content of the heading and access target server are returned is saved in It include: that the specified content of the heading is saved in level cache in caching, the data that access target server is returned Correspondence is saved in L2 cache, and establishes mapping relations between the two;
The specified content search according in heading caches, if there are identical contents in caching, reads slow Depositing data corresponding with the content and returning to the client includes: according to the specified content search level cache in heading, such as There are identical contents in fruit level cache, then read data corresponding with the content in L2 cache according to the mapping relations Return to the client.
Optionally, this method further comprises:
When the data correspondence that the specified content of the heading and access target server return is saved in caching, into Corresponding expired time is arranged in one step;
After receiving the heading of network request message of client, cached according to the specified content search in heading When, if reading data corresponding with the content in caching there are identical content and not out of date in caching and returning to the client End.
Optionally, this method further comprises:
Data of distance in the query caching expired time in preset threshold, carry out these data to prefetch place Reason.
Optionally, this method further comprises:
Access target server info in heading is matched with blacklist;Refusal is saved in the blacklist Or redirect the access target server list for the network access request that proxy server is sent;
When the blacklist described in the match hit, error code is returned to client.
Optionally, this method further comprises:
Access log is analyzed, when finding that multiple client accesses the result exception that the same webpage is returned, to this Webpage is verified;
If verification result is that the webpage is normal, the relevant target access service device information of the webpage is counted, When counting reaches preset condition, the relevant target access service device information of the webpage is added in blacklist.
Optionally, the described pair of webpage, which verify, includes:
It is directly connected to the corresponding target access service device of the webpage by client-side program, and obtains access result;
According to the access result verification of the acquisition webpage.
According to another aspect of the invention, a kind of proxy server is proposed, which includes:
Access request processing unit, the heading of the network request message suitable for receiving client;
Processing unit is connected, suitable for connecting the access target service according to the access target server info in heading Device;
The access request processing unit is further adapted for receiving the message body of the network request message of client, by the message Body is sent to access target server;It receives the Data Concurrent that access target server returns and gives the client.
Optionally, the connection processing unit, suitable for being access target when the access target server info in heading When the IP address of server, directly according to the IP address connected reference destination server;When the access target service in heading When device information is the domain name of access target server, further nslookup system dns server obtains access target server IP address, and according to obtain the IP address connected reference destination server.
Optionally, which further comprises: cache unit;
The access request processing unit is further adapted for returning to the specified content of the heading and access target server Data correspondence be saved in cache unit;After receiving the heading of network request message of client, according in heading Specified content search cache unit, if there are identical content in cache unit, read in cache unit with the content Corresponding data return to the client.
Optionally, the cache unit includes: level cache unit and L2 cache unit;
The access request processing unit will be visited suitable for the specified content of the heading to be saved in level cache The data correspondence for asking that destination server returns is saved in L2 cache, and establishes mapping relations between the two;Receiving visitor After the heading of the network request message at family end, according to the specified content search level cache unit in heading, if level-one There are identical contents in cache unit, then read number corresponding with the content in L2 cache unit according to the mapping relations According to the return client.
Optionally, the access request processing unit is further adapted for the specified content of the heading and access mesh When the data correspondence that mark server returns is saved in caching, corresponding expired time is further set;Receiving client After the heading of network request message, when being cached according to the specified content search in heading, if there are identical in caching Content and not out of date then reads data corresponding with the content in caching and returns to the client.
Optionally, which further comprises:
Processing unit is prefetched, data of the time expired suitable for the distance in query caching unit in preset threshold are right It carries out prefetching processing in these data.
Optionally, which further comprises: blacklist storage unit, is suitable for storage blacklist;The black name Refusal is saved in list or redirects the access target server list for the network access request that proxy server is sent;
The access request processing unit is further adapted for the access target server info and blacklist in heading It is matched;When the blacklist described in the match hit, error code is returned to client.
Optionally, which further comprises:
Blacklist maintenance unit is suitable for analysis access log, is returned when discovery multiple client accesses the same webpage Result it is abnormal when, which is verified;If verification result is that the webpage is normal, target relevant to the webpage Access server info is counted, when counting reaches preset condition, by the relevant target access service device information of the webpage It is added in blacklist.
Optionally, the blacklist maintenance unit, suitable for being directly connected to the corresponding target of the webpage by client-side program Server is accessed, and obtains access result;According to the access result verification of the acquisition webpage.
In conclusion technical solution of the present invention does not need to have received when establishing the connection with access target server Whole message, but after the heading for receiving network request message, the information in heading is established and is accessed based on the received The connection of destination server does not need the message body for receiving network request message, reduces in this link when due to establishing connection The data volume for needing to transmit, therefore transmission time is shortened, the speed of processing network access is improved, is conducive to improve agency's clothes The performance of business device, while the waiting time of user is saved, improve user experience.
Detailed description of the invention
By reading the following detailed description of the preferred embodiment, various other advantages and benefits are common for this field Technical staff will become clear.The drawings are only for the purpose of illustrating a preferred embodiment, and is not considered as to the present invention Limitation.And throughout the drawings, the same reference numbers will be used to refer to the same parts.In the accompanying drawings:
Fig. 1 shows a kind of method of proxy server processing network access request according to an embodiment of the invention Flow chart;
Fig. 2 shows a kind of schematic diagrames of proxy server according to an embodiment of the invention;
Fig. 3 shows a kind of schematic diagram of proxy server according to an embodiment of the invention.
Specific embodiment
Exemplary embodiments of the present disclosure are described in more detail below with reference to accompanying drawings.Although showing the disclosure in attached drawing Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure without should be by embodiments set forth here It is limited.On the contrary, these embodiments are provided to facilitate a more thoroughly understanding of the present invention, and can be by the scope of the present disclosure It is fully disclosed to those skilled in the art.
Fig. 1 is the flow chart that a kind of proxy server of one embodiment of the invention handles the method for network access request, As shown in Figure 1, this method comprises:
Step S110 receives the heading of the network request message of client.
Step S120 connects the access target server according to the access target server info in heading.
Step S130 receives the message body of the network request message of client, which is sent to access target clothes Business device.
Step S140 receives the Data Concurrent that access target server returns and gives client.
Technical solution of the present invention is not needed to receive complete network and be asked when establishing with the connection of access target server Message is sought, but after the heading for receiving network request message, the information in heading is established and access mesh based on the received The connection for marking server does not need the message body for receiving network request message when due to establishing connection, reducing needs in this link The data volume to be transmitted, therefore transmission time is shortened, the speed of processing network access is improved, is conducive to improve agency service The performance of device, while the waiting time of user is saved, improve user experience.
In one embodiment of the invention, when the access target server info in heading is access target server IP address when, directly according to the IP address connected reference destination server.
When the access target server info in heading is the domain name of access target server, this method is further wrapped Include: nslookup system dns server obtains the IP address of access target server, and visits according to IP address connection is obtained Ask destination server.
In one embodiment of the invention, this method further comprises:
The data correspondence that the specified content of heading and access target server return is saved in caching by step S150 In.
Step S160, after receiving the heading of network request message of client, according to the specified content in heading Query caching, if reading data corresponding with the content in caching there are identical content in caching and returning to the client.
Wherein, the data correspondence that the specified content of heading and access target server return is saved in slow by step S150 Depositing includes: that the specified content of heading is saved in level cache, and the data that access target server is returned are corresponding to protect It is stored in L2 cache, and establishes mapping relations between the two.
Correspondingly, step S160 is cached according to the specified content search in heading, if there are identical interior in caching Hold, then reads in caching that return to the client include: according to the specified content search in heading to data corresponding with the content Level cache, if there are identical content in level cache, according to mapping relations read in L2 cache with the content pair The data answered return to the client.
It, can be with by the way that the specified content of heading and the data correspondence of access target server return to be saved in caching Conveniently when there is identical network access request again, directly by the heading information of the request, obtained from caching corresponding Data return to client, without being connected to access target server.Meanwhile in this treatment process, client and agency The heading for only needing transmission network to request between server, does not need transmitting message body, further reduced the number of transmission yet According to amount, bandwidth is saved, the response speed and performance of proxy server is improved, saves the waiting time of user, improve User experience.
In addition, this method further comprises:
The data correspondence that the specified content of heading and access target server return is saved in caching by step S170 When, corresponding expired time is further set.
Step S180, after receiving the heading of network request message of client, according to the specified content in heading When query caching, if reading data corresponding with the content in caching there are identical content and not out of date in caching and returning Return the client.
On this basis, this method further comprises:
Step S190, data of distance in the query caching expired time in preset threshold, for these data into Row prefetches processing.
Corresponding expired time is arranged in the data returned for the specified content and access target server of the heading of caching, When being cached according to the specified content search of heading, if there are identical contents and not out of date in caching, can directly it make With the cache contents, guarantee the validity of cache contents.
If cache contents in preset threshold, carry out these data to prefetch processing apart from the expired time, such as It sends a request to and prefetches server, initiation prefetches service.By prefetching processing, can predict to use according to the network request of user Family would be possible to using data, prefetching content can share by multiple users, can react the common interest of group of subscribers. The present invention, which combines, examines data cached expired time, the data that user may use is prefetched, to soon expired in caching Data are updated and supplement, and to improve the probability of the hit caching when user proposes network access request, save processing net Network request and demand file accelerate the speed of customer access network, improve user experience in the time of transmission over networks.
In the various embodiments described above of the invention, this method further comprises:
Step S1100 matches the access target server info in heading with blacklist;It is saved in blacklist Refusal or the access target server list for redirecting the network access request that proxy server is sent.
Step S1110 returns to error code to client when match hit blacklist.
Because some websites will limit the access of agency, by the access reject of agency or other pages are redirected to, are led Cause the access failure of proxy server.In this case, blacklist is set, refusal is saved or redirects proxy server hair The access target server list for the network access request sent, such as the URL of access target server is saved, as long as client is asked These URL have been sought, just error code has been returned to client, tells this URL of client inaccessible.By the way that above-mentioned blacklist machine is arranged System can quickly identify that the URL of limitation proxy access avoids nothing to judge that the access is not available for and informs client in time Network connection is attempted, and the wasting of resources is avoided.
In addition, this method further comprises:
Step S1120 analyzes access log, when to access the result that the same webpage is returned different for discovery multiple client Chang Shi verifies the webpage.
Step S1130, if verification result is that the webpage is normal, target access service device information relevant to the webpage It is counted, when counting reaches preset condition, the relevant target access service device information of the webpage is added in blacklist.
Wherein, step S1120, which verify to the webpage, includes:
Step S1121 is directly connected to the corresponding target access service device of the webpage by client-side program, and is accessed As a result;
Step S1122, according to the access result verification of the acquisition webpage.
Because of limited personnel, web database technology is huge, and the generation of blacklist cannot only lean on manual mode.It needs thus a set of Automatic blacklist excavates mechanism.Blacklist mechanism of the invention is excavated by the access log to proxy server, is found Useful information when returning the result all abnormal, passes through the direct-connected former net of program when discovery multiple client accesses a webpage It stands, verifies the content of the original webpage automatically, if former webpage is normal, just illustrates that the webpage limits proxy access, then the URL is counted When the counting reaches a certain level or reaches certain proportion blacklist is added in the webpage by number.Pass through this side Formula can make full use of access log and automatically generate blacklist, save manpower, and the blacklist accuracy generated is high.
What needs to be explained here is that the execution sequence between above steps is not limited to the sequence of step numbers, that is, walk The sequence of rapid label, which does not limit, executes sequence between each step.
Fig. 2 is a kind of schematic diagram of proxy server of one embodiment of the invention, as shown in Fig. 2, the proxy server 200 include:
Access request processing unit 210, the heading of the network request message suitable for receiving client.
Processing unit 220 is connected, suitable for connecting access target clothes according to the access target server info in heading Business device.
Access request processing unit 210 is further adapted for receiving the message body of the network request message of client, by the message body It is sent to access target server;It receives the Data Concurrent that access target server returns and gives client.
In one embodiment of the invention, processing unit 220 is connected, suitable for when the access target server in heading When information is the IP address of access target server, directly according to the IP address connected reference destination server;When in heading Access target server info be access target server domain name when, further nslookup system dns server, obtain The IP address of access target server, and according to the acquisition IP address connected reference destination server.
Fig. 3 is a kind of schematic diagram of proxy server of another embodiment of the present invention, as shown in figure 3, the agency service Device 300 includes: access request processing unit 310, connection processing unit 320, cache unit 330, prefetches processing unit 340, is black List storage unit 350 and blacklist maintenance unit 360.
Wherein, access request processing unit 310 and connection processing unit 320 have and access request shown in Fig. 2 processing Unit 210 and the corresponding identical function of connection processing unit 220, details are not described herein.
In one embodiment of the invention, which further comprises: cache unit 330.Access request Processing unit 310 is further adapted for the data correspondence that the specified content of heading and access target server return being saved in caching In unit 330;After receiving the heading of network request message of client, cached according to the specified content search in heading Unit 330, if reading data corresponding with the content in cache unit 330 there are identical content in cache unit 330 Return to the client.
Specifically, cache unit 330 includes: level cache unit 331 and L2 cache unit 332.
Correspondingly, access request processing unit 310, suitable for the specified content of heading is saved in level cache 331, The data correspondence that access target server returns is saved in L2 cache 332, and establishes mapping relations between the two;? After the heading for receiving the network request message of client, according to the specified content search level cache unit 331 in heading, If there are identical contents in level cache unit 331, read according to mapping relations interior with this in L2 cache unit 332 Hold corresponding data and returns to the client.
In addition, access request processing unit 310, is further adapted for the specified content and access target server of heading When the data correspondence of return is saved in caching, corresponding expired time is further set;In the network request for receiving client After the heading of message, when being cached according to the specified content search in heading, if in caching there are identical content and not It is expired, then it reads data corresponding with the content in caching and returns to the client.
In one embodiment of the invention, which further comprises: prefetching processing unit 340, is suitable for Data of distance in the query caching unit 330 expired time in preset threshold, carry out these data to prefetch processing.
In one embodiment of the invention, which further comprises: blacklist storage unit 350, fits In storage blacklist;Refusal is saved in blacklist or redirects the access for the network access request that proxy server 300 is sent Destination server list.
Access request processing unit 310 is further adapted for the access target server info and blacklist in heading It is matched;When match hit blacklist, error code is returned to client.
In one embodiment of the invention, which further comprises: blacklist maintenance unit 360, fits In analysis access log, when find multiple client access result that the same webpage is returned it is abnormal when, to the webpage into Row verifying;If verification result is that the webpage is normal, the relevant target access service device information of the webpage is counted, when When counting reaches preset condition, the relevant target access service device information of the webpage is added in blacklist.
In addition, blacklist maintenance unit 360, suitable for being directly connected to the corresponding target access of the webpage by client-side program Server, and obtain access result;According to the access result verification of the acquisition webpage.
It should be noted that each reality of method shown in each embodiment of proxy server shown in Fig. 2 to Fig. 1 and figure 1 above It applies example and corresponds to identical, be described in detail above, details are not described herein.
In conclusion technical solution of the present invention does not need to have received when establishing the connection with access target server Whole message, but after the heading for receiving network request message, the information in heading is established and is accessed based on the received The connection of destination server does not need the message body for receiving network request message, reduces in this link when due to establishing connection The data volume for needing to transmit, therefore transmission time is shortened, the speed of processing network access is improved, is conducive to improve agency's clothes The performance of business device, while the waiting time of user is saved, improve user experience.Secondly, the present invention is also specified to heading The data that content and access target server return are cached, and are combined and prefetched processing, and network request hit caching is improved Probability saves connected reference destination server and the time from server transport data.Again, blacklist mechanism is set, quickly It identifies inaccessible webpage, avoids useless network connection and attempt, save resource, while making full use of access log, Blacklist is automatically generated, manpower is saved, improves the accuracy of blacklist.
It should be understood that
Algorithm and display be not inherently related to any certain computer, virtual bench or other equipment provided herein. Various fexible units can also be used together with teachings based herein.As described above, it constructs required by this kind of device Structure be obvious.In addition, the present invention is also not directed to any particular programming language.It should be understood that can use various Programming language realizes summary of the invention described herein, and the description done above to language-specific is to disclose this hair Bright preferred forms.
In the instructions provided here, numerous specific details are set forth.It is to be appreciated, however, that implementation of the invention Example can be practiced without these specific details.In some instances, well known method, structure is not been shown in detail And technology, so as not to obscure the understanding of this specification.
Similarly, it should be understood that in order to simplify the disclosure and help to understand one or more of the various inventive aspects, Above in the description of exemplary embodiment of the present invention, each feature of the invention is grouped together into single implementation sometimes In example, figure or descriptions thereof.However, the disclosed method should not be interpreted as reflecting the following intention: i.e. required to protect Shield the present invention claims features more more than feature expressly recited in each claim.More precisely, as following Claims reflect as, inventive aspect is all features less than single embodiment disclosed above.Therefore, Thus the claims for following specific embodiment are expressly incorporated in the specific embodiment, wherein each claim itself All as a separate embodiment of the present invention.
Those skilled in the art will understand that can be carried out adaptively to the module in the equipment in embodiment Change and they are arranged in one or more devices different from this embodiment.It can be the module or list in embodiment Member or component are combined into a module or unit or component, and furthermore they can be divided into multiple submodule or subelement or Sub-component.Other than such feature and/or at least some of process or unit exclude each other, it can use any Combination is to all features disclosed in this specification (including adjoint claim, abstract and attached drawing) and so disclosed All process or units of what method or apparatus are combined.Unless expressly stated otherwise, this specification is (including adjoint power Benefit require, abstract and attached drawing) disclosed in each feature can carry out generation with an alternative feature that provides the same, equivalent, or similar purpose It replaces.
In addition, it will be appreciated by those of skill in the art that although some embodiments described herein include other embodiments In included certain features rather than other feature, but the combination of the feature of different embodiments mean it is of the invention Within the scope of and form different embodiments.For example, in the following claims, embodiment claimed is appointed Meaning one of can in any combination mode come using.
Various component embodiments of the invention can be implemented in hardware, or to run on one or more processors Software module realize, or be implemented in a combination thereof.It will be understood by those of skill in the art that can be used in practice Microprocessor or digital signal processor (DSP) come realize some in proxy server according to an embodiment of the present invention or The some or all functions of whole components.The present invention is also implemented as a part for executing method as described herein Or whole device or device program (for example, computer program and computer program product).Such realization present invention Program can store on a computer-readable medium, or may be in the form of one or more signals.Such letter It number can be downloaded from an internet website to obtain, be perhaps provided on the carrier signal or be provided in any other form.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and ability Field technique personnel can be designed alternative embodiment without departing from the scope of the appended claims.In the claims, Any reference symbol between parentheses should not be configured to limitations on claims.Word "comprising" does not exclude the presence of not Element or step listed in the claims.Word "a" or "an" located in front of the element does not exclude the presence of multiple such Element.The present invention can be by means of including the hardware of several different elements and being come by means of properly programmed computer real It is existing.In the unit claims listing several devices, several in these devices can be through the same hardware branch To embody.The use of word first, second, and third does not indicate any sequence.These words can be explained and be run after fame Claim.

Claims (16)

1. a kind of method of proxy server processing network access request, wherein this method comprises:
Receive the heading of the network request message of client;
According to the access target server info in heading, the access target server is connected;
The message body for receiving the network request message of client, is sent to access target server for the message body;
It receives the Data Concurrent that access target server returns and gives the client;
This method further comprises:
The data correspondence that the specified content of the heading and access target server return is saved in caching;
After receiving the heading of network request message of client, cached according to the specified content search in heading, if There are identical contents in caching, then read data corresponding with the content in caching and return to the client.
2. the method for claim 1, wherein
When the access target server info in heading is the IP address of access target server, directly according to the IP address Connected reference destination server;
When the access target server info in heading is the domain name of access target server, this method further comprises: Nslookup system dns server obtains the IP address of access target server, and according to the acquisition IP address connected reference mesh Mark server.
3. the method for claim 1, wherein
The data that the specified content of the heading and access target server are returned, which correspond to be saved in caching, includes: The specified content of the heading is saved in level cache, the data correspondence that access target server returns is saved in two In grade caching, and establish mapping relations between the two;
The specified content search according in heading caches, if read in caching in caching there are identical content Data corresponding with the content return the client include: according to the specified content search level cache in heading, if one There are identical contents in grade caching, then read data corresponding with the content in L2 cache according to the mapping relations and return The client.
4. the method for claim 1, wherein this method further comprises:
When the data correspondence that the specified content of the heading and access target server return is saved in caching, further Corresponding expired time is set;
After receiving the heading of network request message of client, when being cached according to the specified content search in heading, such as There are identical content and not out of date in fruit caching, then reads data corresponding with the content in caching and return to the client.
5. method as claimed in claim 4, wherein this method further comprises:
Data of distance in the query caching expired time in preset threshold, carry out these data to prefetch processing.
6. method according to any one of claims 1 to 5, wherein this method further comprises:
Access target server info in heading is matched with blacklist;Refusal or again is saved in the blacklist Orient the access target server list for the network access request that proxy server is sent;
When the blacklist described in the match hit, error code is returned to client.
7. method as claimed in claim 6, wherein this method further comprises:
Access log is analyzed, when finding that multiple client accesses the result exception that the same webpage is returned, to the webpage It is verified;
If verification result is that the webpage is normal, the relevant target access service device information of the webpage is counted, meter is worked as When number reaches preset condition, the relevant target access service device information of the webpage is added in blacklist.
8. the method for claim 7, wherein the described pair of webpage carries out verifying and include:
It is directly connected to the corresponding target access service device of the webpage by client-side program, and obtains access result;
According to the access result verification of the acquisition webpage.
9. a kind of proxy server, wherein the proxy server includes:
Access request processing unit, the heading of the network request message suitable for receiving client;
Processing unit is connected, suitable for connecting the access target server according to the access target server info in heading;
The access request processing unit is further adapted for receiving the message body of the network request message of client, which is sent out Give access target server;It receives the Data Concurrent that access target server returns and gives the client;
The proxy server further comprises: cache unit;
The access request processing unit is further adapted for the number for returning to the specified content of the heading and access target server It is saved in cache unit according to correspondence;After receiving the heading of network request message of client, according to the finger in heading Content search cache unit is determined, if read corresponding with the content in cache unit there are identical content in cache unit Data return to the client.
10. proxy server as claimed in claim 9, wherein
The connection processing unit, suitable for as the IP that the access target server info in heading is access target server When location, directly according to the IP address connected reference destination server;When the access target server info in heading is access When the domain name of destination server, further nslookup system dns server obtains the IP address of access target server, and According to the acquisition IP address connected reference destination server.
11. proxy server as claimed in claim 9, wherein the cache unit includes: that level cache unit and second level are slow Memory cell;
The access request processing unit will access mesh suitable for the specified content of the heading to be saved in level cache The data correspondence that mark server returns is saved in L2 cache, and establishes mapping relations between the two;Receiving client Network request message heading after, according to the specified content search level cache unit in heading, if level cache There are identical contents in unit, then read data corresponding with the content in L2 cache unit according to the mapping relations and return Return the client.
12. proxy server as claimed in claim 9, wherein
The access request processing unit is further adapted for returning to the specified content of the heading and access target server Data it is corresponding when being saved in caching, corresponding expired time is further set;In the network request message for receiving client Heading after, when being cached according to the specified content search in heading, if there are identical content and not out of date in caching, It then reads data corresponding with the content in caching and returns to the client.
13. proxy server as claimed in claim 12, wherein the proxy server further comprises:
Processing unit is prefetched, data of the time expired suitable for the distance in query caching unit in preset threshold, for this A little data carry out prefetching processing.
14. the proxy server as described in any one of claim 9-13, wherein
The proxy server further comprises: blacklist storage unit, is suitable for storage blacklist;It saves and refuses in the blacklist Access target server list that is exhausted or redirecting the network access request that proxy server is sent;
The access request processing unit is further adapted for carrying out the access target server info in heading with blacklist Matching;When the blacklist described in the match hit, error code is returned to client.
15. proxy server as claimed in claim 14, wherein the proxy server further comprises:
Blacklist maintenance unit is suitable for analysis access log, when discovery multiple client accesses the knot that the same webpage is returned When fruit is abnormal, which is verified;If verification result is that the webpage is normal, target access relevant to the webpage Server info is counted, and when counting reaches preset condition, the relevant target access service device information of the webpage is added Into blacklist.
16. proxy server as claimed in claim 15, wherein
The blacklist maintenance unit, suitable for being directly connected to the corresponding target access service device of the webpage by client-side program, And obtain access result;According to the access result verification of the acquisition webpage.
CN201510916886.9A 2015-12-10 2015-12-10 A kind of method and proxy server of proxy server processing network access request Active CN105530127B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510916886.9A CN105530127B (en) 2015-12-10 2015-12-10 A kind of method and proxy server of proxy server processing network access request

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510916886.9A CN105530127B (en) 2015-12-10 2015-12-10 A kind of method and proxy server of proxy server processing network access request

Publications (2)

Publication Number Publication Date
CN105530127A CN105530127A (en) 2016-04-27
CN105530127B true CN105530127B (en) 2019-02-01

Family

ID=55772131

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510916886.9A Active CN105530127B (en) 2015-12-10 2015-12-10 A kind of method and proxy server of proxy server processing network access request

Country Status (1)

Country Link
CN (1) CN105530127B (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107547417A (en) * 2016-06-29 2018-01-05 中兴通讯股份有限公司 A kind of message processing method, device and base station
CN106357536B (en) * 2016-09-13 2020-01-03 杭州迪普科技股份有限公司 Message transmission method and device
CN106656959B (en) * 2016-09-28 2020-07-28 腾讯科技(深圳)有限公司 Access request regulation and control method and device
CN107678914A (en) * 2017-09-13 2018-02-09 咪咕音乐有限公司 A kind of log processing method and device, storage medium
CN110737579A (en) * 2018-07-20 2020-01-31 北京奇虎科技有限公司 Test method, proxy server, device and system based on code instrumentation
CN109587275A (en) * 2019-01-08 2019-04-05 网宿科技股份有限公司 A kind of method for building up and proxy server of communication connection
CN110071936B (en) * 2019-05-05 2021-10-26 苏州阳野自动化系统有限公司 System and method for identifying proxy IP
CN113158097A (en) * 2020-01-07 2021-07-23 广州探途天下科技有限公司 Network access processing method, device, equipment and system
CN111953742B (en) * 2020-07-22 2023-09-05 深信服科技股份有限公司 Page redirection method, terminal equipment, intermediate equipment and server
CN112153036B (en) * 2020-09-18 2022-09-09 湖南联盛网络科技股份有限公司 Security defense method and system based on proxy server
CN112102010A (en) * 2020-09-25 2020-12-18 北京深演智能科技股份有限公司 Data pushing method, device and system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101247407A (en) * 2008-03-17 2008-08-20 华为技术有限公司 Network authentication service system and method
CN102571541A (en) * 2010-12-24 2012-07-11 中兴通讯股份有限公司 Message encoding-decoding method and device
WO2014036890A1 (en) * 2012-09-10 2014-03-13 中兴通讯股份有限公司 Method and device for network bridge of wireless network device forwarding package in client mode

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101247407A (en) * 2008-03-17 2008-08-20 华为技术有限公司 Network authentication service system and method
CN102571541A (en) * 2010-12-24 2012-07-11 中兴通讯股份有限公司 Message encoding-decoding method and device
WO2014036890A1 (en) * 2012-09-10 2014-03-13 中兴通讯股份有限公司 Method and device for network bridge of wireless network device forwarding package in client mode

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
HTTP代理服务器也DIY;《黑客防线》编辑部;《黑客防线》;20041231;第205-208页

Also Published As

Publication number Publication date
CN105530127A (en) 2016-04-27

Similar Documents

Publication Publication Date Title
CN105530127B (en) A kind of method and proxy server of proxy server processing network access request
US11983234B2 (en) Progressive prefetching
CN102930211B (en) A kind of multi-core browser intercepts method and the multi-core browser of malice network address
CN103150513B (en) The method of the implantation information in interception application program and device
FI105249B (en) Procedure and arrangements for connecting information to network resources
CN106067890B (en) A kind of domain name analytic method, apparatus and system
CN104104649B (en) The method of page login, apparatus and system
US20150256646A1 (en) Dynamically selecting between acceleration techniques based on content request attributes
CN110224996A (en) Network Access Method, device, computer equipment and the storage medium of application program
CN104980478B (en) Sharing method, equipment and system are cached in content distributing network
CN103428179B (en) A kind of log in the method for many domain names website, system and device
EP3341854B1 (en) Machine-driven crowd-disambiguation of data resources
CN103281387B (en) Method, server, client side and system for processing child resources in web page
CN105939313B (en) Status code reorientation method and device
CN109088909B (en) Service gray level publishing method and device based on merchant type
CN106933871A (en) Short linking processing method, device and short linked server
CN110830374B (en) Method and device for gray level release based on SDK
CN107835132B (en) Method and device for tracking flow source
US20170220806A1 (en) String property labels for static analysis
CN107465693B (en) Request message processing method and device
CN107959576A (en) Charge on traffic method and system and buffer storage
CN106911735A (en) Data capture method and device
US20070124480A1 (en) System and method for persistent user tracking using cached resource content
CN106411881A (en) Method and device for buying ticket based on client
CN104468549A (en) Client side operating request responding method and device and server

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20220718

Address after: Room 801, 8th floor, No. 104, floors 1-19, building 2, yard 6, Jiuxianqiao Road, Chaoyang District, Beijing 100015

Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park)

Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Patentee before: Qizhi software (Beijing) Co.,Ltd.