CN108985013A - Method, apparatus, client and server for detecting that an SWF file is used by a third-party application - Google Patents


Info

Publication number
CN108985013A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710401175.7A
Other languages
Chinese (zh)
Other versions
CN108985013B (en)
Inventor
周志刚
张文明
陈少杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhan Douyu Network Technology Co Ltd
Original Assignee
Wuhan Douyu Network Technology Co Ltd

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10: Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/12: Protecting executable software
    • G06F21/121: Restricting unauthorised execution of programs
    • G06F21/125: Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code

Abstract

The present invention relates to the technical field of information processing and provides a method, apparatus, client and server for detecting that an SWF file is used by a third-party application. The client has Flash installed. The method applied to the client comprises: when the SWF file is run by an application program of the client, obtaining the running address information of the SWF file through Flash; and sending the running address information to the server, so that the server determines from the running address information whether the SWF file is used by a third-party application. The method applied to the server comprises: obtaining the running address information of the SWF file sent by the client; and judging whether the running address information meets a preset standard and, if it does not, determining that the SWF file is used by a third-party application. When the SWF file is used by a third-party application, the server learns of it immediately and can take corresponding measures, which effectively avoids the prior-art problem of SWF files being decompiled.

Description

Method, apparatus, client and server for detecting that an SWF file is used by a third-party application
Technical field
The present invention relates to the technical field of information processing, and in particular to a method, apparatus, client and server for detecting that an SWF file is used by a third-party application.
Background art
At present, Flash is widely used in web page design, web animation production, web video playback and so on. Most video websites, including live-streaming websites, use Flash as their video player, and most web games are also developed with Flash. Flash development uses the ActionScript scripting language. Because of the characteristics of this scripting language, Flash is very easy to decompile, so the source code can be viewed by decompiling the finally released SWF file (the executable file of Flash), and each functional interface and the way it is used can be found. In addition, because Flash has a reflection mechanism, all interfaces of an SWF file can be obtained from the finally released SWF file and its interface functions can then be called through reflection, so a third-party application can directly use the functions of the SWF. This makes Flash very insecure.
Summary of the invention
The purpose of the present invention is to provide a method, apparatus, client and server for detecting that an SWF file is used by a third-party application, so as to improve on the above problem.
To achieve the above purpose, the technical solutions adopted by the embodiments of the present invention are as follows:
In a first aspect, the present invention provides a method for detecting that an SWF file is used by a third-party application, applied to a client that is communicatively connected to a server and has Flash installed. The method comprises: when the SWF file is run by an application program of the client, obtaining the running address information of the SWF file through Flash; and sending the running address information to the server, so that the server determines from the running address information whether the SWF file is used by a third-party application.
In a second aspect, the present invention provides a method for detecting that an SWF file is used by a third-party application, applied to a server that is communicatively connected to a client. The method comprises: obtaining the running address information of the SWF file sent by the client; and judging whether the running address information meets a preset standard and, if it does not, determining that the SWF file is used by a third-party application.
In a third aspect, the present invention provides an apparatus for detecting that an SWF file is used by a third-party application, applied to a client that is communicatively connected to a server and has Flash installed. The apparatus comprises a first execution module and a second execution module. The first execution module is configured to obtain the running address information of the SWF file through Flash when the SWF file is run by an application program of the client. The second execution module is configured to send the running address information to the server, so that the server determines from the running address information whether the SWF file is used by a third-party application.
In a fourth aspect, the present invention provides an apparatus for detecting that an SWF file is used by a third-party application, applied to a server that is communicatively connected to a client. The apparatus comprises a third execution module and a fourth execution module. The third execution module is configured to obtain the running address information of the SWF file sent by the client. The fourth execution module is configured to judge whether the running address information meets a preset standard and, if it does not, to determine that the SWF file is used by a third-party application.
In a fifth aspect, the present invention provides a client that has Flash installed and is communicatively connected to a server. The client comprises a first memory, a first processor and an apparatus for detecting that an SWF file is used by a third-party application; the apparatus is installed in the first memory and comprises one or more software function modules executed by the first processor. The apparatus comprises a first execution module and a second execution module. The first execution module is configured to obtain the running address information of the SWF file through Flash when the SWF file is run by an application program of the client. The second execution module is configured to send the running address information to the server, so that the server determines from the running address information whether the SWF file is used by a third-party application.
In a sixth aspect, the present invention provides a server that is communicatively connected to a client. The server comprises a second memory, a second processor and an apparatus for detecting that an SWF file is used by a third-party application; the apparatus is installed in the second memory and comprises one or more software function modules executed by the second processor. The apparatus comprises a third execution module and a fourth execution module. The third execution module is configured to obtain the running address information of the SWF file sent by the client. The fourth execution module is configured to judge whether the running address information meets a preset standard and, if it does not, to determine that the SWF file is used by a third-party application.
Compared with the prior art, the present invention has the following beneficial effects. With the method, apparatus, client and server provided by the present invention for detecting that an SWF file is used by a third-party application, when the SWF file is run by an application program of the client, the client obtains the running address information of the SWF file through Flash and sends it to the server, and the server can determine from the running address information whether the SWF file is used by a third-party application. Therefore, when the SWF file is used by a third-party application, the server learns of it immediately and can take appropriate measures, which effectively avoids the prior-art problem of SWF files being decompiled.
To make the above objects, features and advantages of the present invention clearer and easier to understand, preferred embodiments are described in detail below with reference to the accompanying drawings.
Brief description of the drawings
To illustrate the technical solutions of the embodiments of the present invention more clearly, the drawings needed in the embodiments are briefly introduced below. It should be understood that the following drawings show only certain embodiments of the present invention and should therefore not be regarded as limiting its scope; those of ordinary skill in the art can obtain other related drawings from these drawings without creative effort.
Fig. 1 shows a schematic diagram of the interaction between the server and the client provided by an embodiment of the present invention.
Fig. 2 shows a block diagram of the client provided by an embodiment of the present invention.
Fig. 3 shows a block diagram of the server provided by an embodiment of the present invention.
Fig. 4 shows a flowchart of the method, provided by an embodiment of the present invention and applied to the client, for detecting that an SWF file is used by a third-party application.
Fig. 5 is a flowchart of the sub-steps of step S101 shown in Fig. 4.
Fig. 6 is a flowchart of the sub-steps of sub-step S1011 shown in Fig. 5.
Fig. 7 is a flowchart of the sub-steps of sub-step S1012 shown in Fig. 5.
Fig. 8 shows a flowchart of the method, provided by an embodiment of the present invention and applied to the server, for detecting that an SWF file is used by a third-party application.
Fig. 9 shows a block diagram of the first detection device provided by an embodiment of the present invention.
Fig. 10 is a block diagram of the first execution module in the first detection device shown in Fig. 9.
Fig. 11 is a block diagram of the domain name information acquisition unit in the first execution module shown in Fig. 10.
Fig. 12 is a block diagram of the first URL acquisition unit in the first execution module shown in Fig. 10.
Fig. 13 shows a block diagram of the second detection device provided by an embodiment of the present invention.
Reference numerals: 100 - client; 110 - first detection device; 111 - first execution module; 112 - second execution module; 1111 - domain name information acquisition unit; 11111 - first judging unit; 11112 - first sub-execution unit; 11113 - second sub-execution unit; 1112 - first URL acquisition unit; 11121 - second judging unit; 11122 - third sub-execution unit; 11123 - fourth sub-execution unit; 1113 - second URL acquisition unit; 120 - first memory; 130 - storage controller; 140 - first processor; 150 - peripheral interface; 160 - first communication unit; 170 - radio frequency unit; 200 - server; 210 - second detection device; 211 - third execution module; 212 - fourth execution module; 220 - second memory; 230 - second processor; 240 - second communication unit; 300 - network; 400 - third-party application.
Detailed description of the embodiments
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. The components of the embodiments of the present invention that are described and illustrated in the drawings can generally be arranged and designed in a variety of different configurations. Therefore, the following detailed description of the embodiments provided in the drawings is not intended to limit the scope of the claimed invention, but merely represents selected embodiments of it. All other embodiments obtained by those skilled in the art on the basis of the embodiments of the present invention without creative effort fall within the protection scope of the present invention.
It should also be noted that similar reference numerals and letters denote similar items in the following drawings; once an item is defined in one drawing, it does not need to be further defined or explained in subsequent drawings. In the description of the present invention, the terms "first", "second" and so on are used only to distinguish between descriptions and are not to be understood as indicating or implying relative importance.
Referring to Fig. 1, Fig. 1 shows a schematic diagram of the interaction between the server 200 provided by an embodiment of the present invention and at least one client 100. The server 200 can communicate with the client 100 through the network 300 to exchange data with it. The server 200 can provide installation packages of at least one third-party application 400, suitable for various operating systems, for the client 100 to download. After the client 100 accesses the server 200 through the network 300, it can download from the server 200 the installation package of the third-party application 400 that suits its operating system, so that the third-party application 400 is installed on the client 100.
In the embodiment of the present invention, the server 200 is a web (website) server. The client 100 may be, but is not limited to, a smartphone, a personal computer (PC), a tablet computer, a personal digital assistant (PDA), a mobile Internet device (MID) and so on. The operating system of the client 100 may be, but is not limited to, Android, iOS (iPhone operating system), Windows Phone, Windows and so on. The third-party application 400 may be any application program provided by the server 200 that the client 100 can download and install; preferably, in this embodiment, the third-party application 400 may be any local program of the client 100 that runs SWF files.
Referring to Fig. 2, Fig. 2 is a block diagram of the client 100 shown in Fig. 1. The client 100 includes a first detection device 110, a first memory 120, a storage controller 130, a first processor 140, a peripheral interface 150, a first communication unit 160 and a radio frequency unit 170.
The first memory 120, the storage controller 130, the first processor 140, the peripheral interface 150, the radio frequency unit 170 and the first communication unit 160 are electrically connected to one another, directly or indirectly, to transmit or exchange data. For example, these elements can be electrically connected to one another through one or more communication buses or signal lines. The first detection device 110 includes at least one software function module that can be stored in the first memory 120 in the form of software or firmware, or built into the operating system (OS) of the client 100. The first memory 120 stores the third-party application 400 that the client 100 downloaded from the server 200 and installed. The first processor 140 is used to execute the executable modules stored in the first memory 120, such as the software function modules and computer programs included in the first detection device 110.
The first memory 120 may be, but is not limited to, a random access memory (RAM), a read-only memory (ROM), a programmable read-only memory (PROM), an erasable programmable read-only memory (EPROM), an electrically erasable programmable read-only memory (EEPROM) and so on. The first memory 120 is used to store programs, and the first processor 140 executes a program after receiving an execution instruction. Access to the first memory 120 by the first processor 140 and other possible components can be carried out under the control of the storage controller 130.
The first processor 140 may be an integrated circuit chip with signal processing capability. The processor may be a general-purpose processor, including a central processing unit (CPU), a network processor (NP) and so on; it may also be a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or another programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component. It can implement or execute the methods, steps and logic block diagrams disclosed in the embodiments of the present invention. The general-purpose processor may be a microprocessor or any conventional processor. The peripheral interface 150 couples various input/output devices (such as the radio frequency unit 170) to the first processor 140 and the first memory 120. In some embodiments, the peripheral interface 150, the first processor 140 and the storage controller 130 can be implemented in a single chip. In other examples, they can each be implemented by a separate chip.
The radio frequency unit 170 is used to receive and transmit radio wave signals (such as electromagnetic waves) and to convert between radio waves and electrical signals, so as to provide wireless communication between the client 100 and the network 300 or other communication devices.
The first communication unit 160 is used to establish a connection with the server 200 through the network 300, thereby providing the communication connection between the server 200 and the client 100. For example, the first communication unit 160 can use the radio frequency signal sent by the radio frequency unit 170 to connect to the network 300, and then establish a communication connection with the server 200 through the network 300.
Referring to Fig. 3, Fig. 3 is a block diagram of the server 200 shown in Fig. 1. The server 200 includes a second detection device 210, a second memory 220, a second processor 230 and a second communication unit 240.
The second memory 220, the second processor 230 and the second communication unit 240 are electrically connected to one another, directly or indirectly, to transmit or exchange data. For example, these elements can be electrically connected to one another through one or more communication buses or signal lines. The second detection device 210 includes at least one software function module that can be stored in the second memory 220 in the form of software or firmware, or built into the operating system (OS) of the server 200. The second processor 230 is used to execute the executable modules stored in the second memory 220, such as the software function modules and computer programs included in the second detection device 210.
The second memory 220 may be, but is not limited to, a random access memory (RAM), a read-only memory (ROM), a programmable read-only memory (PROM), an erasable programmable read-only memory (EPROM), an electrically erasable programmable read-only memory (EEPROM) and so on. The second memory 220 is used to store programs, and the second processor 230 executes a program after receiving an execution instruction. The second communication unit 240 is used to establish the communication connection between the server 200 and the client 100 through the network 300, and to send and receive data through the network 300.
First embodiment
Referring to Fig. 4, Fig. 4 shows a flowchart of the method, provided by an embodiment of the present invention and applied to the client 100, for detecting that an SWF file is used by a third-party application. The client 100 has Flash installed. The method applied to the client 100 comprises the following steps:
Step S101: when the SWF file is run by an application program of the client, obtain the running address information of the SWF file through Flash.
In the embodiment of the present invention, the application programs of the client 100 include web applications and the third-party application 400. A web application can be application software that is operated online through a web browser, on the Internet or inside an enterprise, for example Baidu, Youku or Douyu Live operated through web browsers such as 360 Browser, the Google browser or the IE browser. The third-party application 400 can be any local program installed on the client 100, for example apps such as Baidu Netdisk or Storm Video. In the embodiment of the present invention, the SWF file belongs to a web application. If a hacker obtains the SWF file directly, it can be run through a third-party application 400, and whenever an application program of the client 100 runs the SWF file it has to call functions in Flash. Therefore, a running-address-information acquisition function can be written in Flash and used to obtain the running address information of the SWF file; the running environment of the SWF file is judged from this information, so as to detect whether the SWF is used by the third-party application 400. The running address information may include, but is not limited to, the domain name information of the application program running the SWF file and the URL (Uniform Resource Locator) of the SWF file.
Referring to Fig. 5, step S101 may include the following sub-steps:
Sub-step S1011: determine the domain name information of the application program running the SWF file according to whether that application program has a domain name.
In the embodiment of the present invention, when the SWF file is run by a web application, that is, when it runs normally, the domain name of the application program running the SWF file, as obtained through Flash, is necessarily the domain name of the website. For example, when the SWF file is run by Baidu in a browser, the Baidu web page calls Flash to run the SWF file, and the domain name Flash obtains for the application program is www.baidu.com. However, when a hacker obtains the SWF file of the web application directly and runs it through the third-party application 400, no website domain name can be obtained through Flash. Therefore, the domain name information of the application program running the SWF file can be determined according to whether that application program has a domain name. When no website domain name can be obtained through Flash, the domain name information of the application program running the SWF file can be set to a fixed local value, such as localhost (local host).
As one implementation, the running-address-information acquisition function may determine the domain name information of the application program running the SWF file as follows. First, a domain object localDomain is created using a component provided by Flash, which can be done with the statement var localDomain:LocalConnection = new LocalConnection(); where LocalConnection is the component used to create the domain object localDomain. Then the domain name myDomainNameData of the application program running the SWF file is obtained through the domain object localDomain, which can be done with the statement var myDomainNameData:String = localDomain.domain; For an SWF file that runs normally, the domain name information obtained is the domain name of its website; for an SWF file used by a third party, the domain name information obtained is the fixed value "localhost".
Referring to Fig. 6, sub-step S1011 may include the following sub-steps:
Sub-step S10111: judge whether the application program running the SWF file has a domain name.
In the embodiment of the present invention, if the application program running the SWF file has a domain name, sub-step S10112 is executed; if it does not, sub-step S10113 is executed.
Sub-step S10112: obtain the domain name information of the application program.
In the embodiment of the present invention, if the application program running the SWF file has a domain name, the domain name information of that application program is obtained through Flash; for example, the domain name information is www.baidu.com.
Sub-step S10113: use a first preset value as the domain name information of the application program.
In the embodiment of the present invention, if the application program running the SWF file has no domain name, the first preset value is used as the domain name information of the application program. Whenever any third-party application 400 runs the SWF file, the domain name information is the first preset value. The first preset value can be a fixed local value, such as localhost (local host).
Sub-step S1012: determine the first URL of the SWF file according to whether the application program running the SWF file has a URL.
In the embodiment of the present invention, the first URL may be, but is not limited to, the URL of the SWF file determined from the application program running it. When the SWF file is run by a web application, that is, when it runs normally, the first URL of the SWF file is necessarily the website's domain name plus the server path information of the SWF file run by the website, that is, the URL of the website page, for example http://zhidao.baidu.com/question/124891257.html. However, when a hacker obtains the SWF file of the web application directly and runs it through the third-party application 400, the website URL cannot be obtained through Flash. Therefore, the first URL of the SWF file can be determined according to whether the current page of the application program running the SWF file has a URL. When the URL of the current page cannot be obtained through Flash, the local disk path information of the SWF file can be set as the first URL of the SWF file, where the third-party application 400 is stored on the client 100 under a local disk path.
As one implementation, the running-address-information acquisition function may obtain the URL of the application program running the SWF file by calling JavaScript code; in other words, JavaScript function code is called through the ExternalInterface.call interface provided by Flash. This can be done with the statement var weburl:String = ExternalInterface.call("function getUrl() { return window.location.href; }"); where function getUrl() { return window.location.href; } is the JavaScript code written to obtain the application program's URL, and window.location.href is the JavaScript expression that returns that URL.
Referring to Fig. 7, sub-step S1012 may include the following sub-steps:
Sub-step S10111: judge whether the application program running the SWF file has a URL.
In the embodiment of the present invention, if the application program running the SWF file has a URL, sub-step S10122 is executed; if it does not, sub-step S10123 is executed.
Sub-step S10122: use the URL as the first URL of the SWF file.
In the embodiment of the present invention, if the application program running the SWF file has a URL, the URL of the application program is used as the first URL of the SWF file, for example http://zhidao.baidu.com/question/124891257.html.
Sub-step S10123: use the local disk path information of the SWF file as the first URL of the SWF file, where the third-party application is stored on the client under a local disk path.
In the embodiment of the present invention, if the application program running the SWF file does not have a URL, the local disk path information of the SWF file is used as the first URL of the SWF file, for example C:\Users\Administrator\Desktop\**.swf.
Sub-step S1013: obtain the second URL of the SWF file from the stage object loaded by the SWF file, where the running address information of the SWF file comprises the domain name information, the first URL and the second URL.
In the embodiment of the present invention, the second URL may be, but is not limited to, the URL of the SWF file determined from the stage object loaded by the SWF file. Since every stage object used for rendering in an SWF file has a rootSprite root object, the URL of that rootSprite root object is the second URL of the SWF file.
In the embodiment of the present invention, when the SWF file is run by a web application, that is, when it runs normally, the URL of the rootSprite root object is necessarily the website's domain name plus the server path information of the SWF file run by the website, that is, the URL of the website page. However, when a hacker obtains the SWF file of the web application directly and runs it through the third-party application 400, no such website URL can be obtained for the rootSprite root object through Flash. Therefore, the second URL of the SWF file can be determined from the rootSprite root object: when the URL of the current page cannot be obtained through Flash, the local disk path information of the rootSprite root object can be set as the second URL of the SWF file.
As one implementation, the running-address-information acquisition function may obtain the second URL of the SWF file from the rootSprite root object with, but not limited to, the statement var weburl2:String = rootSprite.stage.loaderInfo.url.toString(); where weburl2 is the obtained URL of the rootSprite root object.
In the embodiment of the present invention, the running address information of the SWF file comprises the domain name information of the application program running the SWF file, the first URL of the SWF file and the second URL of the SWF file. The advantage of obtaining the first URL by calling JavaScript code and the second URL from the stage object is that the URL of the SWF file is obtained by two different technical means, which can prevent the data from being tampered with and improves the security of the obtained running address information.
Step S102: send the operation address information to the server-side, so that the server-side determines, according to the operation address information, whether the SWF file is used by a third-party application program.
In embodiments of the present invention, the operation address information acquisition function can be called in a key function of Flash to obtain the operation address information of the SWF file, and the information is reported to the server after being encrypted. The key function can be a function that Flash executes or initializes at the very start, so that it is certain to be called. After the key function obtains the operation address information of the SWF file through the operation address information acquisition function, it can encrypt that information and report it to the server; the server can then judge the operation address information to determine whether the SWF file is used by the third-party application program 400.
As an implementation, the statement Info = AES.encrypt(myDomainNameData + weburl + weburl2, KEY); can be added to the key function of Flash to encrypt the operation address information of the SWF file and report it to the server, where AES.encrypt is the encryption interface of the AES encryption algorithm; the parameters myDomainNameData, weburl and weburl2 are respectively the domain name information of the application program running the SWF file, the first URL address of the SWF file and the second URL address of the SWF file; KEY is the key information used for encryption; and Info is the encrypted data reported to the server.
Please refer to Fig. 8, which shows a flow chart of the method, provided by an embodiment of the present invention and applied to the server-side 200, for detecting that an SWF file is used by a third-party application program. The method applied to the server-side 200 includes the following steps:
Step S201: obtain the operation address information of the SWF file sent by the client.
In embodiments of the present invention, after the client 100 has reported the operation address information of the SWF file and the server-side 200 has received the reported information, the server-side first decrypts the reported information to obtain the domain name information of the application program running the SWF file, the first URL address of the SWF file and the second URL address of the SWF file.
As an implementation, the server-side 200 can decrypt the reported information with the statement myDomainNameData+weburl+weburl2 = AES.decrypt(Info, KEY); where AES.decrypt is the decryption interface of the AES decryption algorithm; the parameter KEY is the same KEY that the client 100 used when encrypting; and the result data myDomainNameData, weburl and weburl2 are respectively the domain name information of the application program running the SWF file, the first URL address of the SWF file and the second URL address of the SWF file.
Step S202: judge whether the operation address information meets a preset standard; if it does not, determine that the SWF file is used by a third-party application program.
In embodiments of the present invention, the server-side 200 can judge from the operation address information of the SWF file whether the SWF file is running in a normal web application or is being used by the third-party application program 400. The preset standard can be, but is not limited to, that the domain name information of the application program running the SWF file, the first URL address of the SWF file and the second URL address of the SWF file are all network addresses. When the operation address information meets the preset standard, that is, when the domain name information, the first URL address and the second URL address are all network addresses, the SWF file is determined to be running in a normal environment. Otherwise, when the operation address information does not meet the preset standard, that is, when any one of the domain name information, the first URL address and the second URL address is not a network address, for example when the parameter myDomainNameData is "localhost", or when either the first URL address or the second URL address of the SWF file is disk storage path information of the SWF file on the client 100 similar to "C:\Users\Administrator\Desktop\**.swf", the SWF file is determined to be used by the third-party application program 400.
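The step S202 check written out in Python, as an added example that is not code from the patent. It assumes the report has already been decrypted and split into its three fields; the function names, the constructed sample reports, and the treatment of file: URLs and loopback IP addresses as non-network addresses are assumptions that go beyond the two cases the text names ("localhost" and a Windows disk path).

```python
import ipaddress
import re
from urllib.parse import urlsplit

# One DNS label: letters, digits, hyphens, no leading or trailing hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")
# Drive-letter path (C:\... or C:/...) or UNC path (\\server\share).
_WINDOWS_PATH = re.compile(r"^[A-Za-z]:[\\/]|^\\\\")


def is_public_host(host: str) -> bool:
    """True if host looks like a network host rather than the local machine."""
    host = host.strip().rstrip(".").lower()
    if not host or host == "localhost":
        return False
    try:
        ip = ipaddress.ip_address(host)
        # Assumption: loopback/unspecified IPs are equivalent to "localhost".
        return not (ip.is_loopback or ip.is_unspecified)
    except ValueError:
        pass  # not an IP literal, validate it as a DNS name instead
    labels = host.split(".")
    return len(labels) >= 2 and all(_LABEL.fullmatch(l) for l in labels)


def is_network_url(value: str) -> bool:
    """True if value is an http(s) URL served from a network host."""
    value = value.strip()
    if _WINDOWS_PATH.match(value):
        return False  # local disk path such as C:\Users\...\demo.swf
    try:
        parts = urlsplit(value)
        host = parts.hostname or ""
    except ValueError:
        return False  # malformed URL, e.g. broken IPv6 brackets
    if parts.scheme.lower() not in ("http", "https"):
        return False  # file:, app:, empty scheme, ...
    return is_public_host(host)


def judge_report(domain: str, first_url: str, second_url: str) -> dict:
    """Apply the preset standard: all three fields must be network addresses."""
    checks = {
        "domain": is_public_host(domain),
        "first_url": is_network_url(first_url),
        "second_url": is_network_url(second_url),
    }
    failed = [name for name, ok in checks.items() if not ok]
    return {"third_party": bool(failed), "failed_fields": failed}


# Constructed sample reports (domain, first URL, second URL); not real data.
SAMPLE_REPORTS = [
    ("video.example.com",
     "http://video.example.com/room/1",
     "http://video.example.com/swf/player.swf"),
    ("localhost",
     r"C:\Users\Administrator\Desktop\demo.swf",
     "file:///C|/Users/Administrator/Desktop/demo.swf"),
    ("video.example.com",
     "http://video.example.com/room/1",
     r"C:\Users\Administrator\Desktop\demo.swf"),
]

if __name__ == "__main__":
    for report in SAMPLE_REPORTS:
        print(report[0], judge_report(*report))
```

Returning the list of failed fields lets the server-side log which of the three independently collected values disagreed, which is the point of collecting the URL by more than one means.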
In embodiments of the present invention, firstly, when the SWF file is run by an application program of the client 100, the client 100 obtains the operation address information of the SWF file through Flash and sends it to the server-side 200. From the operation address information, the server-side 200 can determine whether the SWF file is used by the third-party application program 400. When the SWF file is used by the third-party application program 400, the server-side 200 learns of it at the first opportunity and can take corresponding measures, effectively avoiding the prior-art problem of SWF files being decompiled. Secondly, obtaining the URL address of the SWF file by different technical means can prevent the data from being tampered with and improves the security of the obtained operation address information of the SWF file. Finally, the server-side 200 judges the running environment of the SWF file comprehensively from three different pieces of information in the operation address information, namely the domain name information of the application program running the SWF file, the first URL address of the SWF file and the second URL address of the SWF file, which improves the accuracy of the determination made by the server-side 200.
Second embodiment
Please refer to Fig. 9, which shows a block diagram of the first detection device 110 provided by a preferred embodiment of the present invention. The first detection device 110 is applied to the client 100 and includes a first execution module 111 and a second execution module 112.
The first execution module 111 is configured to obtain the operation address information of the SWF file through Flash when the SWF file is run by an application program of the client.
In embodiments of the present invention, the first execution module 111 can be used to execute step S101.
Please refer to Fig. 10, which is a block diagram of the first execution module 111 in the first detection device 110 shown in Fig. 9. The first execution module 111 includes a domain name information acquiring unit 1111, a first URL address acquisition unit 1112 and a second URL address acquisition unit 1113.
The domain name information acquiring unit 1111 is configured to determine the domain name information of the application program running the SWF file according to whether that application program has a domain name.
In embodiments of the present invention, the domain name information acquiring unit 1111 can be used to execute sub-step S1011.
Please refer to Fig. 11, which is a block diagram of the domain name information acquiring unit 1111 in the first execution module 111 shown in Fig. 10. The domain name information acquiring unit 1111 includes a first judging unit 11111, a first sub-execution unit 11112 and a second sub-execution unit 11113.
The first judging unit 11111 is configured to judge whether the application program running the SWF file has a domain name.
In embodiments of the present invention, the first judging unit 11111 can be used to execute sub-step S10111.
In embodiments of the present invention, if the result of the first judging unit 11111 is "Yes", control passes to the first sub-execution unit 11112 to execute sub-step S10112; if the result of the first judging unit 11111 is "No", control passes to the second sub-execution unit 11113 to execute sub-step S10113.
The first sub-execution unit 11112 is configured to obtain the domain name information of the application program.
In embodiments of the present invention, the first sub-execution unit 11112 can be used to execute sub-step S10112.
The second sub-execution unit 11113 is configured to use the first preset value as the domain name information of the application program.
In embodiments of the present invention, the second sub-execution unit 11113 can be used to execute sub-step S10113.
The first URL address acquisition unit 1112 is configured to determine the first URL address of the SWF file according to whether the application program running the SWF file has a URL address.
In embodiments of the present invention, the first URL address acquisition unit 1112 can be used to execute sub-step S1012.
Please refer to Fig. 12, which is a block diagram of the first URL address acquisition unit 1112 in the first execution module 111 shown in Fig. 10. The first URL address acquisition unit 1112 includes a second judging unit 11121, a third sub-execution unit 11122 and a fourth sub-execution unit 11123.
The second judging unit 11121 is configured to judge whether the application program running the SWF file has a URL address.
In embodiments of the present invention, the second judging unit 11121 can be used to execute sub-step S10121.
In embodiments of the present invention, if the result of the second judging unit 11121 is "Yes", control passes to the third sub-execution unit 11122 to execute sub-step S10122; if the result of the second judging unit 11121 is "No", control passes to the fourth sub-execution unit 11123 to execute sub-step S10123.
The third sub-execution unit 11122 is configured to use the URL address as the first URL address of the SWF file.
In embodiments of the present invention, the third sub-execution unit 11122 can be used to execute sub-step S10122.
The fourth sub-execution unit 11123 is configured to use the local disk path information of the SWF file as the first URL address of the SWF file, where the third-party application program is stored on the client under a local disk path.
In embodiments of the present invention, the fourth sub-execution unit 11123 can be used to execute sub-step S10123.
The second URL address acquisition unit 1113 is configured to obtain the second URL address of the SWF file from the stage object loaded by the SWF file, where the operation address information of the SWF file includes the domain name information, the first URL address and the second URL address.
In embodiments of the present invention, the second URL address acquisition unit 1113 can be used to execute sub-step S1013.
The second execution module 112 is configured to send the operation address information to the server-side, so that the server-side determines, according to the operation address information, whether the SWF file is used by a third-party application program.
In embodiments of the present invention, the second execution module 112 can be used to execute step S102.
Please refer to Fig. 13; Fig. 9 shows a block diagram of the second detection device 210 provided by a preferred embodiment of the present invention. The second detection device 210 is applied to the server-side 200 and includes a third execution module 211 and a fourth execution module 212.
The third execution module 211 is configured to obtain the operation address information of the SWF file sent by the client.
In embodiments of the present invention, the third execution module 211 can be used to execute step S201.
The fourth execution module 212 is configured to judge whether the operation address information meets the preset standard and, if it does not, to determine that the SWF file is used by a third-party application program.
In embodiments of the present invention, the fourth execution module 212 can be used to execute step S202.
In conclusion, the present invention provides a method, an apparatus, a client and a server-side for detecting that an SWF file is used by a third-party application program, the client being installed with Flash. The method applied to the client includes: when the SWF file is run by an application program of the client, obtaining the operation address information of the SWF file through Flash; and sending the operation address information to the server-side, so that the server-side determines, according to the operation address information, whether the SWF file is used by a third-party application program. The method applied to the server-side includes: obtaining the operation address information of the SWF file sent by the client; and judging whether the operation address information meets a preset standard and, if it does not, determining that the SWF file is used by a third-party application program. With the present invention, when the SWF file is used by a third-party application program, the server-side learns of it at the first opportunity and can take corresponding measures, effectively avoiding the prior-art problem of SWF files being decompiled. In addition, obtaining the URL address of the SWF file by different technical means can prevent the data from being tampered with and improves the security of the obtained operation address information of the SWF file. Meanwhile, the server-side judges the running environment of the SWF file comprehensively from different pieces of information, which improves the accuracy of the server-side's determination.
In the several embodiments provided herein, it should be understood that the disclosed device and method can also be implemented in other ways. The device embodiments described above are merely exemplary. For example, the flow charts and block diagrams in the drawings show the possible architectures, functions and operations of devices, methods and computer program products according to multiple embodiments of the present invention. In this regard, each box in a flow chart or block diagram can represent a module, a program segment or a part of code, and that module, program segment or part of code contains one or more executable instructions for implementing the specified logical function. It should also be noted that, in some alternative implementations, the functions marked in the boxes can occur in an order different from that marked in the drawings. For example, two consecutive boxes can actually be executed substantially in parallel, and they can sometimes be executed in the reverse order, depending on the functions involved. It should also be noted that each box in the block diagrams and/or flow charts, and combinations of boxes in the block diagrams and/or flow charts, can be implemented by a dedicated hardware-based system that performs the specified function or action, or by a combination of dedicated hardware and computer instructions.
In addition, the functional modules in the embodiments of the present invention can be integrated together to form one independent part, each module can exist separately, or two or more modules can be integrated to form one independent part.
If the functions are implemented in the form of software function modules and sold or used as an independent product, they can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention in essence, or the part that contributes to the prior art, or a part of the technical solution, can be embodied in the form of a software product. The computer software product is stored in a storage medium and includes several instructions that cause a computer device (which can be a personal computer, a server, a network device or the like) to perform all or part of the steps of the methods described in the embodiments of the present invention. The aforementioned storage medium includes various media that can store program code, such as a USB flash disk, a mobile hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), a magnetic disk or an optical disk. It should be noted that, herein, relational terms such as first and second are used only to distinguish one entity or operation from another entity or operation, and do not necessarily require or imply any actual relationship or order between these entities or operations. Moreover, the terms "include", "comprise" and any other variants are intended to cover non-exclusive inclusion, so that a process, method, article or device that includes a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to such a process, method, article or device. In the absence of further restrictions, an element limited by the phrase "including a ..." does not exclude the existence of other identical elements in the process, method, article or device that includes the element.
The foregoing is only a preferred embodiment of the present invention and is not intended to restrict the invention; for those skilled in the art, the invention may have various modifications and changes. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of the present invention shall be included in the protection scope of the present invention. It should also be noted that similar reference numerals and letters denote similar items in the following drawings; therefore, once an item is defined in one drawing, it does not need to be further defined and explained in subsequent drawings.

Claims (10)

1. A method for detecting that an SWF file is used by a third-party application program, characterized in that it is applied to a client communicatively connected to a server-side, the client being installed with Flash, the method comprising:
when the SWF file is run by an application program of the client, obtaining the operation address information of the SWF file through Flash;
sending the operation address information to the server-side, so that the server-side determines, according to the operation address information, whether the SWF file is used by a third-party application program.
2. The method according to claim 1, characterized in that the step of obtaining the operation address information of the SWF file through Flash comprises:
determining the domain name information of the application program running the SWF file according to whether the application program running the SWF file has a domain name;
determining the first URL address of the SWF file according to whether the application program running the SWF file has a URL address;
obtaining the second URL address of the SWF file from the stage object loaded by the SWF file, wherein the operation address information of the SWF file includes the domain name information, the first URL address and the second URL address.
3. The method according to claim 2, characterized in that the step of determining the domain name information of the application program running the SWF file according to whether the application program running the SWF file has a domain name comprises:
when the application program running the SWF file has a domain name, obtaining the domain name information of the application program; when the application program running the SWF file does not have a domain name, using the first preset value as the domain name information of the application program.
4. The method according to claim 2, characterized in that the step of determining the first URL address of the SWF file according to whether the application program running the SWF file has a URL address comprises:
when the application program running the SWF file has a URL address, using the URL address as the first URL address of the SWF file; when the application program running the SWF file does not have a URL address, using the local disk path information of the SWF file as the first URL address of the SWF file, wherein the third-party application program is stored on the client under a local disk path.
5. A method for detecting that an SWF file is used by a third-party application program, characterized in that it is applied to a server-side communicatively connected to a client, the method comprising:
obtaining the operation address information of the SWF file sent by the client;
judging whether the operation address information meets a preset standard and, if it does not, determining that the SWF file is used by a third-party application program.
6. The method according to claim 5, characterized in that the operation address information includes the domain name information of the application program running the SWF file, the first URL address of the SWF file and the second URL address of the SWF file, and the step of judging whether the operation address information meets the preset standard comprises:
when the domain name information, the first URL address and the second URL address are all network addresses, the operation address information meets the preset standard.
7. A device for detecting that an SWF file is used by a third-party application program, characterized in that it is applied to a client communicatively connected to a server-side, the client being installed with Flash, the device comprising:
a first execution module, configured to obtain the operation address information of the SWF file through Flash when the SWF file is run by an application program of the client;
a second execution module, configured to send the operation address information to the server-side, so that the server-side determines, according to the operation address information, whether the SWF file is used by a third-party application program.
8. A device for detecting that an SWF file is used by a third-party application program, characterized in that it is applied to a server-side communicatively connected to a client, the device comprising:
a third execution module, configured to obtain the operation address information of the SWF file sent by the client;
a fourth execution module, configured to judge whether the operation address information meets a preset standard and, if it does not, to determine that the SWF file is used by a third-party application program.
9. A client, characterized in that the client is installed with Flash and is communicatively connected to a server-side, the client comprising:
a first memory;
a first processor; and
a device for detecting that an SWF file is used by a third-party application program, the device being installed in the first memory and including one or more software function modules executed by the first processor, the device comprising:
a first execution module, configured to obtain the operation address information of the SWF file through Flash when the SWF file is run by an application program;
a second execution module, configured to send the operation address information to the server-side, so that the server-side determines, according to the operation address information, whether the SWF file is used by a third-party application program.
10. A server-side, characterized in that the server-side is communicatively connected to a client, the server-side comprising:
a second memory;
a second processor; and
a device for detecting that an SWF file is used by a third-party application program, the device being installed in the second memory and including one or more software function modules executed by the second processor, the device comprising:
a third execution module, configured to obtain the operation address information of the SWF file sent by the client;
a fourth execution module, configured to judge whether the operation address information meets a preset standard and, if it does not, to determine that the SWF file is used by a third-party application program.
CN201710401175.7A 2017-05-31 2017-05-31 Method, device, client and server for detecting use of SWF file by third-party application program Active CN108985013B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710401175.7A CN108985013B (en) 2017-05-31 2017-05-31 Method, device, client and server for detecting use of SWF file by third-party application program

Publications (2)

Publication Number Publication Date
CN108985013A true CN108985013A (en) 2018-12-11
CN108985013B CN108985013B (en) 2021-01-01

Family

ID=64502212

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710401175.7A Active CN108985013B (en) 2017-05-31 2017-05-31 Method, device, client and server for detecting use of SWF file by third-party application program

Country Status (1)

Country Link
CN (1) CN108985013B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111162961A (en) * 2019-12-05 2020-05-15 任子行网络技术股份有限公司 Method, system and readable storage medium for discovering mobile application master control server
CN111447298A (en) * 2020-03-24 2020-07-24 北京字节跳动网络技术有限公司 Method, device, equipment and medium for acquiring network address in application program

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102750492A (en) * 2012-06-07 2012-10-24 中国电子科技集团公司第三十研究所 Method and device for defending rogue programs based on working directories
CN103336917A (en) * 2013-05-09 2013-10-02 四三九九网络股份有限公司 Method and device for adding domain locking to SWF files in batches
US20140344928A1 (en) * 2010-03-04 2014-11-20 Jayesh Sreedharan Systems and methods for risk rating and pro-actively detecting malicious online ads
CN105827609A (en) * 2016-03-31 2016-08-03 乐视控股(北京)有限公司 Link theft prevention method and system based on feature code query optimization

Also Published As

Publication number Publication date
CN108985013B (en) 2021-01-01

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant