The content of the invention
The present invention is to avoid weak point present in above-mentioned prior art, there is provided a kind of unified terminal IE configurations and guarantor
The method of shield, do not change user normally using IE browser on the basis of realize the configuration of unified terminal IE, unified standard
Change the display of terminal IE, the method is widely used in the browser of various IE versions, meanwhile, the configuration provides to IE browser are protected
Protection mechanism, prevents user from changing manually or suffers that rogue program is distorted.
In order to solve the above technical problems, the present invention is adopted the following technical scheme that:
A kind of method of configuration and the protection of unified terminal IE is comprised the steps of:
A. local IE configuration files are obtained:By read registry entry HKEY_LOCAL_MACHINE SOFTWARE
Microsoft Internet Explorer obtain the version information of local IE browser;By the version of local IE browser
The local IE configuration files of acquisition of information;
The version information of the local IE browser includes:The version number of IE browser;
The local IE configuration files include:File name, MD5 yard;If the IE configuration files do not exist, can be by local
The version information of IE browser identifies the form of IE configuration files, and the form of the IE configuration files is IE+ version numbers;
B. judge whether match with the title of the IE configuration files of service end:The IE of local IE configuration files and service end is configured
File is matched;
The IE configuration files of the service end include:File name, MD5 yard;
If file name is matched, step c is continued executing with, if file name is mismatched, continue executing with step d;
C. judge whether match with MD5 yards in the IE configuration files of service end:By MD5 yards in local IE configuration files and clothes
MD5 yards in the IE configuration files at business end is matched, if it does, then perform step e and reading and parsing local IE configurations text
Part;If it does not match, performing step d updates local IE configuration files;
D. local IE configuration files are updated:It is by file download module that the IE configuration files of service end is locally downloading, and more
New local IE configuration files are the IE configuration files of service end, continue executing with step e;
E. read and parse local IE configuration files:Local IE configuration files are read by API, in obtaining local IE configuration files
Content;The content in local IE configuration files is parsed according to specified rule, local IE profile informations are obtained;
The local IE profile informations include:IE configuration items and corresponding value;
F. judge whether match with local IE configurations:Local IE profile informations are matched with local IE configurations, if
Mismatch, then perform step g and change local IE configurations;If it does, will perform step h protects local IE configurations;
G. local IE configurations are changed:Local IE will be changed by API to configure;
H. local IE is protected to configure:Local IE configurations are protected not to be modified;
I. the local IE that standardizes shows:User start IE browser after, by hook(HOOK)Technology is linked up with local boot
All processes, by process name judge start process whether be IE processes;
If not IE processes, then do not process;
If IE processes, then by enumerating the control obtained in IE forms, by the class name of IE form controls(Class
Name)Set membership find need disabling handle, call API disable handle, make user cannot the local IE of manual modification match somebody with somebody
Put, to realize that the local IE of unified standardization shows.
In the step h, local IE configurations are protected not to be modified, it is further comprising the steps:
H1. registry entry modification operation is monitored:Layer is driven the modification of registry entry is monitored by registering the readjustment of registration table
Operation;
H2. judge whether the process ID of registry entry modification operation is legal:The process ID of modification operation is obtained by API, is judged
Whether the process ID for changing operation is legitimate processes;If legal, do not process;If illegal, step h3 is performed;
H3. judge whether registry entry modification operation is identical with local IE profile informations, if identical, does not allow modification
Local IE configurations;If it is not the same, then allowing to change local IE configurations.
The beneficial effects of the present invention are:
The present invention is to provide a kind of method of unified terminal IE configurations, the browser of various IE versions is can be widely applied to,
The configuration of unified modification terminal IE, conveniently realizes unified configuration.Meanwhile, on the basis of the operating habit for not changing user
On, it is to avoid the configuration that user's manual modification and other rogue programs distort IE browser causes the user cannot normally B/S offices
Problem.The present invention is adapted to IE configurations all configurations of corresponding relation with registration table.
Specific embodiment
Below in conjunction with accompanying drawing and example, the present invention is described in further detail.
The invention provides a kind of unified terminal IE configurations and the method for protection, its application scenarios is LAN environment, such as
Shown in Fig. 3, the LAN includes server computer 301 and computer cluster 302, and computer cluster 302 is by computer A1, calculates
Machine A2, computer A3 are constituted, and IE browser version and the IE configuration of every computer are different from together:
The IE browser version number of computer A1 is configured to that IE menu bars are visible, collection column is visible, trusted for 8.0.2900, IE
Without trusted site in website;
The IE browser version number of computer A2 is configured to that IE menu bars are invisible, collection column is visible for 8.0.2800, IE, receives
Without trusted site in letter website;
The IE browser version number of computer A3 be 10.0.2900, be configured to without IE configuration files, IE IE menu bars it is invisible,
Collection column is visible, trusted site is 192.168.0.1 in trusted site;
The IE of the setting of server computer 301 is configured to:Unified hiding IE menu bars, unified hiding collection column, unified addition
The trusted site 10.192.140.7 of IE
Now need that 3 computers are unified not to be modified for the IE of server computer setting is configured and protected.
As shown in figure 1, the specific works step of unified terminal IE configurations of the invention and protection is as follows:
A. local IE configuration files 101 are obtained:
By read respectively computer A1, computer A2, computer A3 registry entry HKEY_LOCAL_MACHINE
SOFTWARE Microsoft Internet Explorer obtain computer A1, computer A2, computer A3 local IE it is clear
Look at the version information of device;
The version number of the local IE browser of computer A1 is 8.0.2900, the version number of the local IE browser of computer A2 is
8.0.2800, the version number of the local IE browser of computer A3 is 10.0.2900;
Computer A1, computer A2 are obtained by the version number of computer A1, computer A2, the browser of computer A3, is calculated
The local IE configuration files of machine A3;
The local IE configuration files of computer A1 include:File name IE8.txt, MD5 code
1c1297afcc5cd2f5c292e9dad94d6306;
The local IE configuration files of computer A2 include:File name IE8.txt, MD5 code
043464bff5c394d7437c9ee316d8674c;
The local IE configuration files of computer A3 include:File name does not exist, MD5 yards of sky, by the local IE of computer A3
The version number of browser is 10.0.2900, and the form that may recognize that IE configuration files is IE+10;
B. judge whether match 102 with the title of the IE configuration files of service end:
The IE of computer A1, computer A2, the local IE configuration files of computer A3 and server computer 301 is configured respectively
File is matched;
2 IE configuration files, file name IE8.txt, MD5 code are included in server computer 301
1c1297afcc5cd2f5c292e9dad94d6306;File name IE10.txt, MD5 code
221297becc5cd2f5c292e9dad94d6382;
Wherein, the file name IE8.txt and server computer in the local IE configuration files of computer A1, computer A2
File name IE8.txt matchings in 301 IE configuration files, continue executing with step 103;
The local IE configuration files of computer A3 are mismatched with the IE configuration files of server computer 301, continue executing with step
104;
C. judge whether match 103 with MD5 yards in the IE configuration files of service end:
MD5 yards of 1c1297afcc5cd2f5c292e9dad94d6306 and service end in the local IE configuration files of computer A1
MD5 yards of 1c1297afcc5cd2f5c292e9dad94d6306 matchings in the IE configuration files of computer 301, then perform step
105;
MD5 yards of 043464bff5c394d7437c9ee316d8674c and service end in the local IE configuration files of computer A2
MD5 yards of 1c1297afcc5cd2f5c292e9dad94d6306 in the IE configuration files of computer 301 is mismatched, then perform step
Rapid 104;
D. local IE configuration files 104 are updated:
File name IE8.txt, MD5 code in IE configuration files by file download module by server computer 301
1c1297afcc5cd2f5c292e9dad94d6306 downloads to computer A2, and the IE configuration files of more new computer A2 are text
Part title IE8.txt, MD5 code 1c1297afcc5cd2f5c292e9dad94d6306;
File name IE10.txt, MD5 code in IE configuration files by file download module by server computer 301
221297becc5cd2f5c292e9dad94d6382 downloads to computer A3, and the IE configuration files of more new computer A3 are text
Part title IE10.txt, MD5 code 221297becc5cd2f5c292e9dad94d6382;
E. read and parse local IE configuration files 105:
The local IE configuration files of computer A1, computer A2, computer A3 are read by API, local IE configuration files are obtained
In content;The content in local IE configuration files is parsed according to specified rule, computer A1, computer A2, computer is obtained
The local IE profile informations of A3;
The computer A1, computer A2, the local IE profile informations of computer A3 include:
F. judge whether match 106 with local IE configurations:Local IE profile informations are matched with local IE configurations, such as
Fruit mismatches, then perform step 107 and change local IE configurations;Local IE is protected to configure if it does, step 108 will be performed;
IE configurations local with the computer A1 are contrasted:
IE configurations local with the computer A2 are contrasted:
IE configurations local with the computer A3 are contrasted:
G. local IE configurations 107 are changed:
The local IE of the computer A1 are changed by API to configure:
The local IE of the computer A2 are changed by API to configure:
The local IE of the computer A3 are changed by API to configure:
H. local IE configurations 108 are protected:If the IE trusted sites of computer A1 are revised as 192.168.0.58 by user manually,
Need to perform step 201;
Step 201:Monitor the modification operation of the IE trusted sites of computer A1:Drive layer by register the readjustment of registration table come
Monitor the modification operation of the IE trusted sites of computer A1;
Step 202:Judge whether the process ID of the modification operation of the IE trusted sites of computer A1 is legal:Obtained by API and counted
The process ID of the modification operation of the IE trusted sites of calculation machine A1 is 1112, and legitimate processes ID is 1000, judges the IE of computer A1
The process ID of the modification operation of trusted site is illegal process for 1112, then perform step 203;
Step 203:Judge modification operation and the local IE configuration files HKEY_ of computer A1 of the IE trusted sites of computer A1
CURRENT_USER\Software\microsoft\Windows\CurrentVersion\Internet Settings\
Zonemap Ranges Range1 it is identical, then do not allow the local IE for changing computer A1 to configure;
I. the local IE that standardizes shows 109:User start IE browser after, by hook(HOOK)Technology hook is locally being opened
Dynamic all processes, judge whether the process for starting is IE processes by process name;
What computer A1, computer A2, computer A3 started is IE processes, by enumerating the control obtained in IE forms, is passed through
The class name of IE form controls(Class Name)Set membership find need disabling handle, call API disable handle, use
Family cannot manual modification local IE configurations, to realize that the IE configurations by computer A1, computer A2, computer A3 are set to unification
Hide IE menu bars, unified hiding collection column, the trusted site 10.192.140.7 of unified addition IE.
Local IE configurations are configured, read and parse by updating local IE, it is real according to IE configuration items and the difference of respective value
Now unified terminal IE configurations easily and fast, and IE configurations are protected, on the basis of the operating habit for not changing user,
Avoid user's manual modification and other rogue programs distort the configuration of IE browser and cause the user cannot normal asking of handling official business of B/S
Topic.Meanwhile, the present invention is adapted to the browser for being widely used in various IE versions, and has corresponding with registration table suitable for IE configurations
All configurations of relation, greatly improve configurable versatility and reliability.