CN107257372B - Method for supporting communication between multiple browsers and local application program - Google Patents

Method for supporting communication between multiple browsers and local application program Download PDF

Info

Publication number
CN107257372B
CN107257372B CN201710448564.5A CN201710448564A CN107257372B CN 107257372 B CN107257372 B CN 107257372B CN 201710448564 A CN201710448564 A CN 201710448564A CN 107257372 B CN107257372 B CN 107257372B
Authority
CN
China
Prior art keywords
server
browser
application
application system
system server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710448564.5A
Other languages
Chinese (zh)
Other versions
CN107257372A (en
Inventor
梁宁宁
赵敏
梁家声
刘义
袁永强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
GUANGDONG ELECTRONIC CERTIFICATION AUTHORITY
Original Assignee
GUANGDONG ELECTRONIC CERTIFICATION AUTHORITY
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by GUANGDONG ELECTRONIC CERTIFICATION AUTHORITY filed Critical GUANGDONG ELECTRONIC CERTIFICATION AUTHORITY
Priority to CN201710448564.5A priority Critical patent/CN107257372B/en
Publication of CN107257372A publication Critical patent/CN107257372A/en
Application granted granted Critical
Publication of CN107257372B publication Critical patent/CN107257372B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/54Interprogram communication
    • G06F9/547Remote procedure calls [RPC]; Web services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The invention discloses a method for supporting communication between various browsers and local application programs, which comprises the following steps: the browser sends a request to an application system server; the application system server organizes the request content to request service from the auxiliary server; after the auxiliary server successfully authenticates, a user-defined URL is constructed according to the request content and is returned to the browser through the application system server; the browser further organizes a user-defined URL, and calls a local application program in a webpage through a user-defined URL link; the local application program analyzes the URL parameter and submits an operation result to the auxiliary server; the secondary server returns the results to the browser through the application server. The invention can meet the interaction requirement of the browser and the local application program, and solves the problem that the inconvenience is brought to the use of a user due to incompatibility caused by different kernels and different development technologies of various mainstream browsers.

Description

Method for supporting communication between multiple browsers and local application program
Technical Field
The invention relates to the technical field of computer application, in particular to a method for supporting communication between multiple browsers and a local application program.
Background
Currently, the mainstream browsers are Microsoft Internet Explorer, Google Chrome, mozilla firefox, 360 security browser, etc. The existing solutions for supporting the browser to call the local application include the following:
(1) ActiveX/COM of Microsoft
Microsoft Internet Explorer uses Microsoft's ActiveX/COM, but currently the default browser employed by win10 is Edge, which is no longer Microsoft Internet Explorer, and current local application middleware is not available in Edge. With the development of services, more and more users expect to be compatible with browsers such as Chrome, FireFox and Edge at the same time.
(2) Netscape NPAPI plug-in
Old versions of Chrome and FireFox use the Netscape NPAPI, and the code running in the NPAPI plug-in has all the rights of the current user, and cannot utilize the Google Chrome sandbox technology and other security technologies. In view of the risks that NPAPIs may introduce, starting from 1 month 2014, the Chrome Stable version will prevent web pages from installing NPAPI plug-ins, and NPAPI plug-ins have been formally abandoned starting from the Chrome 45 version.
(3) Browser extension
New versions of Chrome use the Google Chrome extension and Native Messaging to enable browser and application interaction, but Google's website is often difficult to access and installation of extensions is not convenient.
Microsoft's Edge also interacts with the local application in the form of a browser extension.
(4) Custom protocol
The customized protocol, similar to the mailto http, is supported by the main stream browser, and only corresponding content needs to be added to the registry, for example, a thunder downloader is started on a page. However, this solution only starts the local application program in the browser, and cannot achieve the purpose of interacting the browser and the application program.
The prior art scheme has the following problems: 1) different browsers need to be researched, targeted development is adopted, and the development and maintenance workload is large. 2) These development techniques are generally proprietary to the respective browser and, if not properly selected, may risk being unsupported later, such as in previous NPAPIs. 3) Even if the custom protocol can meet the requirement that each browser calls the local application program, the interaction between the browser and the local application program cannot be met.
In the prior art, different mechanisms of each browser need to be implemented in different ways, so that in the current environment, a more convenient way is needed to support various browsers to call local application programs, and the requirement for interaction between the browsers and the local application programs is met.
Disclosure of Invention
The invention aims to overcome the defects of the prior art, provides a method for supporting communication between various browsers and local application programs, enables the browsers to start the local application programs by using self-defined URLs, can meet the interaction requirements of the browsers and the local application programs, is compatible with various browsers, and solves the problem that the use inconvenience is brought to users due to different main browser kernels and different development technologies because of incompatibility.
The purpose of the invention is realized by the following technical scheme: a method for supporting multiple browsers communicating with a local application, comprising the steps of:
step 1: the browser sends a request to an application system server;
step 2: the application system server organizes the request content and requests service from the auxiliary server;
and step 3: the auxiliary server authenticates the application system server, generates a request id after the authentication is successful, constructs a custom URL according to the request content, and returns the custom URL to the application system server;
and 4, step 4: the application system server returns the user-defined URL to the browser;
and 5: the browser further organizes a user-defined URL, calls a local application program or displays a two-dimensional code picture in a webpage through a user-defined URL link, and scans the two-dimensional code picture by the application program of the mobile terminal when the two-dimensional code picture is displayed;
step 6: the local application program analyzes the URL parameter and submits an operation result to the auxiliary server;
and 7: after step 5, the browser queries the application system server for results;
and 8: the application system server inquires the result from the auxiliary server;
and step 9: the auxiliary server returns the result of step 6 to the application system server;
step 10: the application server returns the results to the browser.
Preferably, the request from the browser to the application server may be a certificate login, form signature, certificate binding, and the like.
Preferably, the application system server in step 2 organizes the request content to request the service from the auxiliary server in a post manner.
Preferably, an authentication mode of the application account and the authentication code is adopted between the application server and the auxiliary server in step 3.
Preferably, in step 6, the local application program parses the URL parameter, and submits the operation result to the auxiliary server in a post manner.
Preferably, in step 7, the browser opens a long polling or long connection to query the application system server for the result in a post manner.
Preferably, in step 8, the auxiliary server returns the result of step 6 to the application system server, and the application system server verifies the operation result returned by the auxiliary server to verify whether the operation result is valid; and returning the operation result to the browser after the verification is valid.
Preferably, the method adopts a mode of a one-way certificate SSL.
Compared with the prior art, the invention has the following advantages and beneficial effects:
1. the invention enables the browser to start the local application program by utilizing the user-defined URL, can meet the interaction requirement of the browser and the local application program, is compatible with various browsers, overcomes the problems that the kernel of each mainstream browser is different, the development technology is not uniform, so that the incompatibility brings great inconvenience to the use of a user, and simultaneously can be used by both a PC end and a mobile phone end.
2. The invention adopts a mode of a one-way certificate SSL, and the servers are authenticated by using an application account and an authentication code, thereby ensuring the secret transmission of data in safety.
Drawings
FIG. 1 is a schematic flow chart of example 1;
fig. 2 is a flowchart illustrating a process of login using a digital certificate according to embodiment 2.
Detailed Description
The present invention will be described in further detail with reference to examples and drawings, but the present invention is not limited thereto.
Example 1
A method for supporting multiple browsers to communicate with local application programs relates to browsers, application system servers, auxiliary servers and local application programs. Through the application system server and the auxiliary server, the browser can realize indirect interaction with the local application program. In order to enable the local application program to better interact with the browser and facilitate the integration of application development, an auxiliary server is used, wherein the auxiliary server mainly constructs a URL according to the content of an application request and transmits the running result of the local application program to an application system server.
The specific process is as follows:
step 1: the browser issues a request (login, form signature, etc.) to the application server.
Step 2: the application system server organizes the request content and requests the service from the auxiliary server in a post mode.
And step 3: the auxiliary server authenticates the application system server through the application account and the password, generates a request value, namely a request id after the authentication is successful, the request id is unique, constructs a custom URL (URLScheme) according to the request content, and returns the custom URL (URLScheme) to the application system server.
And 4, step 4: the application system server returns the customized URL to the browser.
And 5: the browser further organizes the URL, calls a local application program in the webpage through a user-defined URL link, or displays the two-dimensional code picture, and when the two-dimensional code picture is displayed, the mobile terminal application program scans the two-dimensional code picture.
Step 6: the local application program analyzes the URL parameters, and because the format of the URL link is standard, in the using process, only the parameters in the URL link need to be analyzed, corresponding operation is carried out according to the parameters, and the operation result is submitted to the auxiliary server in a post mode.
And 7: after step 5, the browser opens a long poll or long connection to query the application system server for the results by post.
And 8: the application system server queries the results from the auxiliary server.
And step 9: the auxiliary server returns the result of step 6 to the application system server.
Step 10: the application server returns the results to the browser.
Example 2
A method for supporting multiple browsers to communicate with a local application program, wherein the operation flow taking digital certificate login as an example comprises the following steps:
step 1: the browser submits a login request to an application system server;
step 2: the application system server generates a random number random;
and step 3: and the application system server sends a signature request to the auxiliary server according to the application account and the password.
And 4, step 4: the auxiliary server returns a response result after successfully authenticating the application system server, namely the self-defined URL: NetcaCryptoSvr://? requestId & submitUrl
Wherein the url scheme is NetcaCryptoSvr://,
the parameters passed are: requestId & submitUrl.
Where sumiturl is the url that the local application submits the result to the secondary server.
And 5: returning to the browser page.
Step 6: the browser further organizes the custom URL, and finally the custom URL is spliced as follows:
NetcaCryptoSvr://?requstId=requsId&submitUrl=url&function=certLogin&param=param
if the notification type is a two-dimensional code, the content format is the same as the url scheme at this time, but converted into a PNG format picture of the two-dimensional code.
And 7: and the browser skips to a local application program or displays the two-dimensional code picture through the user-defined URL link.
And 8: the browser opens a long poll or long connection.
And step 9: the local application begins to parse the custom url parameters for signature operations.
Step 10: the local application submits the signature result to the secondary server.
Step 11: and the application system server inquires the signature result from the auxiliary server.
Step 12: the auxiliary server returns the signature result.
Step 13: the application system server verifies the signature result returned by 12.
Step 14: and the application system server verifies the digital certificate according to the signature result.
Step 15: a success page or a failure page is returned.
The method can be compatible with various browsers, so that the browsers can call the local application program and can realize the interaction between the browsers and the local application program. In order to enable the browser and the local application program to interact, the browser is made to send a request service to the application system server, then the application system server returns a response result according to the content of the request, the application system server sends the returned result to the browser, the browser further organizes a custom url, the browser can select operation according to a notification type, when the notification type is the url scheme, the url scheme directly jumps to the local application program, when the notification type is the url scheme, a two-dimensional code picture is displayed, and the mobile terminal application program executes code scanning. And the PC terminal or the mobile terminal application program analyzes the url parameters, performs corresponding operation according to the parameters and submits the operation result to the auxiliary server. The application system server inquires an operation result from the auxiliary server, verifies the operation result returned by the auxiliary server and verifies whether the operation result is valid; and returning the operation result to the browser after verification, and further realizing indirect interaction between the browser and the local application program.
In order to ensure the secure transmission of data, the method adopts a one-way certificate to authenticate SSL, and an authentication mode of an application account and an authentication code is adopted between an application server and an auxiliary server.
The method can be used by a PC end and a mobile phone end, and under some special scenes: the method is particularly suitable for common business processes such as certificate login, form signature, certificate binding and the like. If the notification type is URL Scheme, the method is suitable for B/S, C/S application of a mobile phone end, signature of the mobile phone end and the like, B/S, C/S application of a PC end, signature of the PC end and the like; if the notification type is two-dimensional code, the method is suitable for B/S, C/S application of the PC side, signature of the mobile phone side and the like.
The above embodiments are preferred embodiments of the present invention, but the present invention is not limited to the above embodiments, and any other changes, modifications, substitutions, combinations, and simplifications which do not depart from the spirit and principle of the present invention should be construed as equivalents thereof, and all such changes, modifications, substitutions, combinations, and simplifications are intended to be included in the scope of the present invention.

Claims (8)

1. A method for supporting multiple browsers communicating with a local application, comprising the steps of:
step 1: the browser sends a request to an application system server;
step 2: the application system server organizes the request content and requests service from the auxiliary server;
and step 3: the auxiliary server authenticates the application system server, generates a request id after the authentication is successful, constructs a custom URL according to the request content, and returns the custom URL to the application system server;
and 4, step 4: the application system server returns the user-defined URL to the browser;
and 5: the browser further organizes a user-defined URL, and calls a local application program in a webpage through a user-defined URL link;
step 6: the local application program analyzes the URL parameter and submits an operation result to the auxiliary server;
and 7: after step 5, the browser queries the application system server for results;
and 8: the application system server inquires the result from the auxiliary server;
and step 9: the auxiliary server returns the result of step 6 to the application system server;
step 10: the application server returns the results to the browser.
2. The method of claim 1, wherein the request from the browser to the application server is one or more of a certificate login, a form signature, and a certificate binding.
3. The method of claim 1, wherein the application system server organization requests the content in step 2, and requests the service from the auxiliary server in a post manner.
4. The method according to claim 1, wherein an authentication mode of the application account and the authentication code is adopted between the application server and the auxiliary server in the step 3.
5. The method of claim 1, wherein the local application parses the URL parameter in step 6 and submits the operation result to the secondary server in a post manner.
6. The method of claim 1, wherein the browser initiates a long poll or a long connection in step 7 to query the application server for the result in a post manner.
7. The method according to claim 1, wherein in step 8, the auxiliary server returns the result of step 6 to the application system server, and the application system server verifies the operation result returned by the auxiliary server to verify whether the operation result is valid; and returning the operation result to the browser after the verification is valid.
8. The method according to claim 1, characterized in that the method takes the form of a one-way certificate, SSL.
CN201710448564.5A 2017-06-14 2017-06-14 Method for supporting communication between multiple browsers and local application program Active CN107257372B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710448564.5A CN107257372B (en) 2017-06-14 2017-06-14 Method for supporting communication between multiple browsers and local application program

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710448564.5A CN107257372B (en) 2017-06-14 2017-06-14 Method for supporting communication between multiple browsers and local application program

Publications (2)

Publication Number Publication Date
CN107257372A CN107257372A (en) 2017-10-17
CN107257372B true CN107257372B (en) 2020-04-17

Family

ID=60023861

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710448564.5A Active CN107257372B (en) 2017-06-14 2017-06-14 Method for supporting communication between multiple browsers and local application program

Country Status (1)

Country Link
CN (1) CN107257372B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111638976A (en) * 2020-05-16 2020-09-08 中信银行股份有限公司 Data transmission method and system based on shared memory
CN111638975A (en) * 2020-05-16 2020-09-08 中信银行股份有限公司 Data transmission method and system based on pipeline
CN111641606B (en) * 2020-05-16 2022-11-22 中信银行股份有限公司 Data processing method, device, equipment and storage medium based on pseudo protocol
CN111638977A (en) * 2020-05-16 2020-09-08 中信银行股份有限公司 Data transmission method and system based on mail slot
CN111708501A (en) * 2020-06-23 2020-09-25 北京思特奇信息技术股份有限公司 Entrance ticket remote safe printing system and method
CN112099868A (en) * 2020-08-18 2020-12-18 北京思特奇信息技术股份有限公司 Method and system for calling control across browsers
CN112613025A (en) * 2020-12-30 2021-04-06 宁波三星医疗电气股份有限公司 Communication method of USB (universal serial bus) equipment and browser on computer
CN114268657A (en) * 2021-12-24 2022-04-01 北京天威诚信电子商务服务有限公司 Method and system for establishing SSL _ TLS communication between browser application and local application

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8650622B2 (en) * 2011-07-01 2014-02-11 Telefonaktiebolaget Lm Ericsson (Publ) Methods and arrangements for authorizing and authentication interworking
CN104679564B (en) * 2015-03-09 2017-09-26 浙江万朋教育科技股份有限公司 A kind of method for starting application program by browser
CN106372250A (en) * 2016-09-23 2017-02-01 郑州云海信息技术有限公司 Parameter passing method and device capable of starting local application through URL protocol
CN106406961B (en) * 2016-09-27 2021-01-15 北京奇虎科技有限公司 Method and device for loading and providing application program based on browser

Also Published As

Publication number Publication date
CN107257372A (en) 2017-10-17

Similar Documents

Publication Publication Date Title
CN107257372B (en) Method for supporting communication between multiple browsers and local application program
US9641513B2 (en) Methods and systems for controlling mobile terminal access to a third-party server
US9887999B2 (en) Login method and apparatus
JP2020126602A5 (en)
CN108712372B (en) Method and system for accessing WEB third party login by client
US8214887B2 (en) Method and system for providing user access to a secure application
WO2017067227A1 (en) Third party account number authorisation method, device, server, and system
CN106716960B (en) User authentication method and system
US20100049790A1 (en) Virtual Identity System and Method for Web Services
US8056125B2 (en) Recording medium storing control program and communication system
CN106716918B (en) User authentication method and system
CN115021991A (en) Single sign-on for unmanaged mobile devices
US8909705B2 (en) Method and system for use in providing network services interchange
CN107015870B (en) Method and device for realizing communication between web page and local application and electronic equipment
JP2003337794A (en) Session preservation and migration among different browsers on different devices
WO2014180331A1 (en) Method, device and system for realizing webpage screenshot
KR20100059823A (en) Method for enriching content of a web page with presence information
CN103888408A (en) Method for uploading data to social networking platform and device thereof
CN103179159A (en) Method for processing third-party applications and terminal browser
CN112261011A (en) Cloud desktop authentication method based on two-dimensional code recognition
CN115022047B (en) Account login method and device based on multi-cloud gateway, computer equipment and medium
CN104767614A (en) Information authentication method and device
CN113472735B (en) Big data service single sign-on method, device and storage medium
US11240225B1 (en) Single sign-on techniques
US20230403562A1 (en) Systems and methods for verified communication between mobile applications

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant