CN114500113A - JS protection method, system, electronic equipment and medium - Google Patents

Publication number
CN114500113A
Authority
CN
China
Prior art keywords
http
code segment
response
structured data
encryption
Legal status
Pending
Application number
CN202210387299.5A
Other languages
Chinese (zh)
Inventor
刘天翔
刘晓辉
孙宾芳
王忠新
任高锋
Current Assignee
Webray Tech Beijing Co ltd
Original Assignee
Webray Tech Beijing Co ltd
Application filed by Webray Tech Beijing Co ltd
Priority to CN202210387299.5A
Publication of CN114500113A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/02 Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/34 Network arrangements or protocols for supporting network services or applications involving the movement of software or configuration parameters

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a JS protection method, system, electronic equipment and medium. The JS protection method is applied to an HTTP proxy system that connects a client and a server, and comprises the following steps: receiving response data sent by the server; performing HTTP protocol deep parsing on the response data to obtain parsed HTTP structured data; performing code segment identification on the HTTP structured data, and performing obfuscation encryption on the identified target code segment using a JS dynamic loading technology to obtain an obfuscated encrypted code segment; and replacing the target code segment with the obfuscated encrypted code segment and sending the obfuscated encrypted code segment to the client. The JS protection method provided by the invention can solve the problem that front-end JS code is insecure because it is delivered in plaintext, prevent unauthorized users from stealing the JS code, improve the security of code use, reduce the development cost of hardware and improve the user experience.

Description

JS protection method, system, electronic equipment and medium
Technical Field
The invention relates to the technical field of network security, in particular to a JS protection method, a JS protection system, electronic equipment and a JS protection medium.
Background
With the continuous development of network security technology, the network security of web pages is receiving more and more attention.
JavaScript (JS) is a lightweight, interpreted or just-in-time compiled programming language with first-class functions. Although best known as the scripting language for Web pages, it is also used in many non-browser environments. JavaScript is a prototype-based, multi-paradigm, dynamic scripting language that supports object-oriented, imperative, declarative and functional programming, and it plays a vital role in network security.
In the prior art, JS code is a front-end technology and is transparent to the client: it can be stolen and analyzed simply by viewing the page source. Traditional JS obfuscation requires modifying the server-side source code and introducing third-party obfuscation plug-ins. This form of encryption adds unnecessary overhead to the front-end page and generalizes poorly, resulting in a poor user experience.
Disclosure of Invention
The invention provides a JS protection method, system, electronic equipment and medium, which are used for solving the technical problems of high development cost, low code security and poor user experience caused by installing an obfuscation plug-in in the prior art.
In a first aspect, the present invention provides a JS protection method applied to an HTTP proxy system, where the HTTP proxy system connects a client and a server, the method comprising:
receiving response data sent by a server;
performing HTTP deep analysis on the response data to obtain analyzed HTTP structured data;
carrying out code segment identification on the HTTP structured data, and carrying out obfuscation encryption processing on the identified target code segment by using a JS dynamic loading technology to obtain an obfuscation encryption code segment;
and replacing the target code segment with the obfuscated encryption code segment and sending the obfuscated encryption code segment to the client.
Further, according to the JS protection method provided by the present invention, the identifying of the code segment of the HTTP structured data, and the obfuscating and encrypting the identified target code segment by using the JS dynamic loading technique to obtain the obfuscated and encrypted code segment include:
carrying out code segment identification on the HTTP structured data, and determining the position information and the code segment length of the target code segment;
and carrying out dynamic loading obfuscation encryption processing on the target code segment according to the position information and the code segment length of the target code segment and the JS dynamic loading technology to obtain an obfuscated encrypted code segment.
Further, according to the JS protection method provided by the present invention, the HTTP structured data includes response header information and response body information of HTTP,
correspondingly, the identifying the code segment of the HTTP structured data to determine the position information and the code segment length of the target code segment includes:
identifying JS code segments in the response header information and response body information of the HTTP structured data, and determining the position information and the code segment length of the target code segment.
Further, according to the JS protection method provided by the present invention, the HTTP structured data includes response header information and response body information of HTTP,
correspondingly, the performing HTTP protocol deep parsing on the response data to obtain parsed HTTP structured data includes:
performing HTTP protocol deep parsing on the response data, and acquiring the parsed HTTP response header information and response body information.
Further, according to the JS protection method provided by the present invention, the HTTP structured data includes request header information and request body information of HTTP,
correspondingly, the HTTP proxy system is also used for receiving HTTP request data sent by the client, performing HTTP protocol deep parsing on the request data, and acquiring the parsed HTTP request header information and request body information.
In a second aspect, the present invention further provides a JS protection system for implementing the JS protection method according to any one of the above embodiments, including an HTTP proxy system, where the HTTP proxy system connects a client and a server, and the HTTP proxy system includes an HTTP parsing module, a code segment identifying module, an obfuscation encrypting module, and an HTTP response rewriting module, where,
the HTTP analysis module is used for carrying out HTTP protocol deep analysis on the received response data issued by the server and acquiring analyzed HTTP structured data;
the code segment identification module is used for identifying the code segment of the HTTP structured data to obtain a target code segment;
the confusion encryption module is used for carrying out confusion encryption processing on the identified target code segment by using a JS dynamic loading technology to obtain a confusion encryption code segment;
and the HTTP response rewriting module is used for replacing the target code segment with the obfuscated encryption code segment and sending the obfuscated encryption code segment to the client.
Further, according to the JS protection system provided by the present invention, the HTTP proxy system is configured to forward the received HTTP request to the server.
Further, according to the JS protection system provided by the present invention, the code segment identifying module is further configured to:
and carrying out code segment identification on the HTTP structured data, and determining the position information and the code segment length of the target code segment.
Further, according to the JS protection system provided by the present invention, the obfuscation encryption module is further configured to:
and carrying out dynamic loading obfuscation encryption processing on the target code segment according to the position information and the code segment length of the target code segment and the JS dynamic loading technology to obtain an obfuscated encrypted code segment.
Further, according to the JS protection system provided by the present invention, the HTTP structured data includes response header information and response body information of HTTP,
correspondingly, the HTTP parsing module is further configured to:
perform HTTP protocol deep parsing on the response data, and acquire the parsed HTTP response header information and response body information.
In a third aspect, the present invention also provides an electronic device, including:
a processor, a memory, and a bus, wherein,
the processor and the memory are communicated with each other through the bus;
the memory stores program instructions executable by the processor, and the processor invokes the program instructions to perform the steps of the JS protection method of any of the above.
In a fourth aspect, the present invention also provides a non-transitory computer-readable storage medium storing computer instructions for causing a computer to perform the steps of the JS protection method as in any one of the above.
The invention provides a JS protection method and a JS protection system. The JS protection method is applied to an HTTP proxy system that connects a client and a server, and comprises the following steps: receiving response data sent by the server; performing HTTP protocol deep parsing on the response data to obtain parsed HTTP structured data; performing code segment identification on the HTTP structured data, and performing obfuscation encryption on the identified target code segment using a JS dynamic loading technology to obtain an obfuscated encrypted code segment; and replacing the target code segment with the obfuscated encrypted code segment and sending the obfuscated encrypted code segment to the client. The security protection method provided by the invention can solve the problem that front-end JS code is insecure because it is delivered in plaintext, prevent unauthorized users from stealing the JS code, improve the security of code use, reduce the development cost of hardware and improve the user experience.
Drawings
In order to more clearly illustrate the present invention or the technical solutions in the prior art, the drawings used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
FIG. 1 is a schematic flow chart of a JS protection method provided by the prior art;
FIG. 2 is a schematic overall flow chart of the JS protection method provided by the present invention;
FIG. 3 is a schematic structural diagram of the JS protection system provided by the present invention;
FIG. 4 is a schematic structural diagram of an electronic device provided in the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings, and it is obvious that the described embodiments are some, but not all embodiments of the present invention. All other embodiments, which can be obtained by a person skilled in the art without inventive step based on the embodiments of the present invention, are within the scope of protection of the present invention.
In order to better understand the technical solution of the present invention, the following description of the prior art is provided.
FIG. 1 shows the principle of JS obfuscation encryption in the prior art. In prior-art JS obfuscation encryption, the source code of the server needs to be modified, and a third-party obfuscation plug-in needs to be introduced to encrypt the JS code.
FIG. 2 is a schematic flow diagram of the JS protection method provided by the present invention. As shown in FIG. 2, the JS protection method provided by the present invention is applied to an HTTP proxy system, where the HTTP proxy system connects a client and a server, and includes:
Step 201: receiving response data sent by the server.
In this embodiment, an HTTP proxy system needs to be installed in advance. The HTTP proxy system receives response data sent by the server and then processes it accordingly. The Hypertext Transfer Protocol (HTTP) is a simple request-response protocol that generally runs over TCP and specifies what messages the client may send to the server and what responses it may receive. In this embodiment, the HTTP proxy system acts as a connector between the server and the client: it can forward an HTTP request sent by the client to the Web page server, and it can receive and process the response data that the server sends in reply to the HTTP request. The specific processing procedure is described in the following embodiments and is not detailed here.
The HTTP Proxy system belongs to a Proxy mode system, and the Proxy (Proxy) mode is to receive a connection request on the Internet by using the Proxy system, then forward the request to a server on an internal network, and return result data obtained from the server to a client requesting connection on the Internet.
Step 202: performing HTTP protocol deep parsing on the response data to obtain parsed HTTP structured data.
In this embodiment, the HTTP proxy system performs HTTP protocol deep parsing on the response data to obtain parsed structured data. For response data, the parsed structured data is the response header information and response body information; for other data types, the corresponding HTTP structured data is obtained. This may be set according to the actual needs of the user and is not specifically limited here.
Step 203: performing code segment identification on the HTTP structured data, and performing obfuscation encryption on the identified target code segment using a JS dynamic loading technology to obtain an obfuscated encrypted code segment.
In this embodiment, JS code segment identification is performed on the HTTP structured data, and the identified target code segment is then obfuscated and encrypted using a JS dynamic loading technology to obtain an obfuscated encrypted code segment. The JS dynamic loading technology may take multiple forms, such as direct document.
It should be noted that, in this embodiment, the target code segment exists in one of two forms: as a JS file, or embedded in the HTML of the web page. In this embodiment, the JS dynamic loading technology is used to make the code opaque, so that the JS code is not displayed on the client, thereby improving security. The specific process is as follows: when the target code segment is recognized as existing in the form of a JS file and the target code segment is ABC, the encrypted content of the JS code segment is added directly to the JS file; that is, the segment is dynamically encrypted into XYZ, and an encryption code XXX is additionally stored for front-end decryption. The resulting obfuscated encrypted code segment is XYZXXX, which is what the client sees.
Step 204: replacing the target code segment with the obfuscated encrypted code segment and sending the obfuscated encrypted code segment to the client.
In this embodiment, the target code segment is replaced with the obfuscated encrypted code segment obtained through obfuscation encryption, which is then sent to the client. Through the added JS dynamic loading technology, the client can dynamically load the obfuscated encrypted code segment at the front end and decrypt and restore it to obtain the target code segment.
The JS protection method provided by the invention is applied to an HTTP proxy system that connects a client and a server, and specifically comprises the following steps: receiving response data sent by the server; performing HTTP protocol deep parsing on the response data to obtain parsed HTTP structured data; performing code segment identification on the HTTP structured data; performing obfuscation encryption on the identified target code segment using a JS dynamic loading technology to obtain an obfuscated encrypted code segment; and replacing the target code segment with the obfuscated encrypted code segment and sending it to the client. The JS protection method provided by the invention can solve the problem that front-end JS code is insecure because it is delivered in plaintext, prevent unauthorized users from stealing the JS code, improve the security of code use, reduce the development cost of hardware and improve the user experience.
Based on any one of the foregoing embodiments, in this embodiment, the performing code segment identification on the HTTP structured data, and performing obfuscating encryption processing on the identified target code segment by using a JS dynamic loading technology to obtain an obfuscated encrypted code segment includes:
carrying out code segment identification on the HTTP structured data, and determining the position information and the code segment length of the target code segment;
and carrying out dynamic loading obfuscation encryption processing on the target code segment according to the position information and the code segment length of the target code segment and the JS dynamic loading technology to obtain an obfuscated encrypted code segment.
In this embodiment, code segment identification needs to be performed on HTTP structured data, position information and a code segment length of a target code segment are determined, and then dynamic loading obfuscated encryption processing is performed on the target code segment by using a JS dynamic loading technology according to the determined position information and the determined code segment length of the target code segment to obtain an obfuscated encrypted code segment.
It should be noted that, in this embodiment, the target code segment is obfuscated and encrypted using the JS dynamic loading technology. If the target code segment is ABCDEF and a section of encrypted content is 12345, the resulting obfuscated encrypted code segment is ABCDEF12345. The encryption may be chosen according to the actual needs of the user and is not specifically limited here.
According to the JS protection method provided by the invention, code segment identification is performed on the HTTP structured data to determine the position information and code segment length of the target code segment, and dynamic-loading obfuscation encryption is performed on the target code segment according to that position information and length using the JS dynamic loading technology to obtain the obfuscated encrypted code segment. The JS code can thus be obfuscated and encrypted without modifying the source code of the server, which simplifies JS obfuscation encryption and improves the reliability and applicability of security protection.
Based on any one of the above embodiments, in this embodiment, the HTTP structured data includes response header information and response body information of HTTP,
correspondingly, the identifying the code segment of the HTTP structured data to determine the position information and the code segment length of the target code segment includes:
identifying JS code segments in the response header information and response body information of the HTTP structured data, and determining the position information and the code segment length of the target code segment.
In this embodiment, JS code segments are identified in the response header information and response body information of the HTTP structured data, and the position information and code segment length of the target code segment are determined.
According to the JS protection method provided by the invention, JS code segments are identified from the response header information and response body information in the HTTP structured data to determine the position information and code segment length of the target code segment, so that the JS code can be obfuscated and encrypted without modifying the source code of the server, which simplifies JS obfuscation encryption and improves the reliability and applicability of security protection.
Based on any one of the above embodiments, in this embodiment, the HTTP structured data includes response header information and response body information of HTTP,
correspondingly, the performing HTTP protocol deep parsing on the response data to obtain parsed HTTP structured data includes:
performing HTTP protocol deep parsing on the response data, and acquiring the parsed HTTP response header information and response body information.
In this embodiment, when the HTTP system receives response data sent by the Web server, it needs to perform HTTP protocol deep analysis on the response data, obtain response header information and response body information of the HTTP after analysis, and apply the structured data obtained by analysis to subsequent code segment identification processing. The deep parsing manner of the HTTP protocol adopts a relatively mature parsing manner in the prior art, and is not described in detail herein.
According to the JS protection method provided by the invention, HTTP protocol deep parsing is performed on the response data, and the parsed HTTP response header information and response body information are obtained and used in the subsequent identification processing, so that the reliability and applicability of security protection can be improved.
Based on any one of the above embodiments, in this embodiment, the HTTP structured data includes request header information and request body information of HTTP,
correspondingly, the HTTP proxy system is also used for receiving HTTP request data sent by the client, performing HTTP protocol deep parsing on the request data, and acquiring the parsed HTTP request header information and request body information.
In this embodiment, the HTTP proxy system is further configured to receive HTTP request data sent by a client, perform HTTP protocol deep parsing on the request data, obtain the parsed HTTP request header information and request body information, and forward the request data to the server. Here the request data refers to HTTP request data, which specifically includes the request line, request header and request body.
According to the JS protection method provided by the invention, HTTP protocol deep parsing is performed on the response data, and the parsed HTTP response header information and response body information are obtained and used in the subsequent identification processing, so that the reliability and applicability of security protection can be improved, and the user experience is improved.
Based on any of the above embodiments, in this embodiment, first, an HTTP proxy system needs to be deployed to connect the client and the backend Web server, where the HTTP proxy system is used to proxy all HTTP request and response data of the backend Web server, and the deploying the HTTP proxy system to connect the client and the backend Web server specifically includes: the HTTP proxy system is connected to a back-end Web server through an intranet, and the HTTP proxy system is connected to the client through the Internet. It should be noted that the HTTP proxy system may be in any form of: reverse proxy, transparent proxy.
The HTTP proxy system receives HTTP response data from the back-end Web server, performs HTTP protocol deep parsing on the response data, and stores the parsed HTTP data in structured form for use by subsequent modules. Within the structured HTTP data, the Content-Type in the response header information is combined with the data content in the response body information to perform JS code segment identification on the received response data and to determine the start position information and code segment length of the target code segment. A JS code segment takes one of two forms: the first is a JS file, and the second is JS embedded in HTML.
It should be noted that, after receiving the HTTP structured data produced by the HTTP parsing module, the JS code segment identification module determines whether the response data contains JS code from the Content-Type in the response header information and the data content in the response body information, and if so, passes the start position information and code segment length of the target code segment to the subsequent module.
It should be noted that the identified target code segment (JS code segment) is encrypted word by using the JS dynamic loading technology, and the encrypted code segment and the front-end decryption algorithm code are combined together to form the obfuscated encrypted code segment. Then, the HTTP response rewriting module replaces the original JS code segment with the obfuscated encryption code segment and sends the obfuscated encryption code segment to the client.
According to the JS protection method provided by the invention, the JS code segment is obfuscated and encrypted by the HTTP proxy system, so obfuscation encryption of the JS code segment can be achieved without modifying the JS source code on the server. Because the security department and the business department are separately responsible departments in real operation and maintenance environments, the invention can protect the JS code without modifying the server's business JS code, simplifies JS obfuscation encryption, and has the advantages of reliability, applicability, security and the like.
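The pipeline described above (parse the response, identify JS segments from Content-Type and body content, record start position and length, combine ciphertext with a front-end decryption loader, rewrite the response), as an added example that is not code from the patent. XOR with a supplied key stands in for the unspecified obfuscation encryption; all function names, the key and the sample response are constructed for illustration, and the body is assumed to be uncompressed and non-chunked.

```javascript
// Added example, not code from the patent. All names are hypothetical.
// Assumes an uncompressed, non-chunked response already decoded to a string.

// Step 202: parse the raw response into structured header and body data.
function parseResponse(raw) {
  const split = raw.indexOf("\r\n\r\n");
  const [statusLine, ...lines] = raw.slice(0, split).split("\r\n");
  // Ordered pairs, so repeated headers such as Set-Cookie are preserved.
  const headers = lines.map((line) => {
    const i = line.indexOf(":");
    return [line.slice(0, i).trim(), line.slice(i + 1).trim()];
  });
  return { statusLine, headers, body: raw.slice(split + 4) };
}

function getHeader(res, name) {
  const hit = res.headers.find(([k]) => k.toLowerCase() === name);
  return hit ? hit[1] : "";
}

// Step 203 (identification): combine Content-Type with the body content and
// return the start position and length of every JS code segment.
function findSegments(res) {
  const type = getHeader(res, "content-type").split(";")[0].trim().toLowerCase();
  if (type === "application/javascript" || type === "text/javascript") {
    return res.body.length ? [{ start: 0, length: res.body.length }] : [];
  }
  if (type !== "text/html") return [];
  const segments = [];
  const re = /<script\b([^>]*)>([\s\S]*?)<\/script>/gi;
  let m;
  while ((m = re.exec(res.body)) !== null) {
    const attrs = m[1];
    const scriptType = /\btype\s*=\s*["']?([^"'\s>]+)/i.exec(attrs);
    // Leave external scripts, empty tags, modules and data blocks untouched.
    if (/\bsrc\s*=/i.test(attrs) || m[2].trim() === "") continue;
    if (scriptType && !/^(text|application)\/javascript$/i.test(scriptType[1])) continue;
    segments.push({ start: m.index + m[0].indexOf(">") + 1, length: m[2].length });
  }
  return segments;
}

function xorBytes(bytes, key) {
  const out = new Uint8Array(bytes.length);
  for (let i = 0; i < bytes.length; i++) out[i] = bytes[i] ^ key[i % key.length];
  return out;
}

// Step 203 (obfuscation encryption): ciphertext, key and decryption loader are
// combined into one segment. XOR is a stand-in for the unspecified cipher.
function wrapSegment(code, key) {
  const b64 = (bytes) => Buffer.from(bytes).toString("base64");
  const cipher = b64(xorBytes(Buffer.from(code, "utf8"), key));
  // Base64 never contains "<", so the ciphertext cannot close an inline <script>.
  return '(function(c,k){function d(s){return Uint8Array.from(atob(s),' +
    'function(x){return x.charCodeAt(0)})}var b=d(c),q=d(k);' +
    'for(var i=0;i<b.length;i++)b[i]^=q[i%q.length];' +
    '(0,eval)(new TextDecoder().decode(b))})("' + cipher + '","' + b64(key) + '");';
}

// Step 204: replace each target segment and correct Content-Length.
function protectResponse(raw, key) {
  const res = parseResponse(raw);
  const segments = findSegments(res);
  let body = res.body;
  // Rewrite from the last segment backwards so earlier offsets stay valid.
  for (const { start, length } of [...segments].reverse()) {
    const wrapped = wrapSegment(body.slice(start, start + length), key);
    body = body.slice(0, start) + wrapped + body.slice(start + length);
  }
  const headers = res.headers.map(([k, v]) =>
    k.toLowerCase() === "content-length" ? [k, String(Buffer.byteLength(body))] : [k, v]);
  const head = [res.statusLine, ...headers.map(([k, v]) => `${k}: ${v}`)].join("\r\n");
  return { segments, raw: head + "\r\n\r\n" + body };
}

// Constructed sample input: one external script and one inline script.
const DEMO_KEY = Uint8Array.of(0x5a, 0xc3, 0x17, 0x88); // fixed here; use a random key per response
const SAMPLE_RESPONSE = [
  "HTTP/1.1 200 OK",
  "Content-Type: text/html; charset=utf-8",
  "Content-Length: 90",
  "",
  '<html><script src="/lib.js"></script><script>globalThis.demoTotal = 6 * 7;</script></html>',
].join("\r\n");

console.log(protectResponse(SAMPLE_RESPONSE, DEMO_KEY).raw);
```

Because the key and the loader travel in the same response as the ciphertext, this hides the source from a view-source reader but gives no confidentiality against anyone who runs the loader. The loader's use of `eval` also means a Content-Security-Policy on the protected page must allow `'unsafe-eval'`.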
Based on any one of the above embodiments, in this embodiment, as shown in fig. 3, a JS protection system for implementing the security protection method described in any one of the above embodiments includes an HTTP proxy system 1, where the HTTP proxy system 1 connects a client 2 and a server 3, and the HTTP proxy system 1 includes an HTTP parsing module 11, a code segment identifying module 12, an obfuscation encrypting module 13, and an HTTP response rewriting module 14, where,
the HTTP parsing module 11 is configured to perform HTTP protocol deep parsing on the received response data sent by the server, and obtain parsed HTTP structured data;
the code segment identification module 12 is configured to identify a code segment of the HTTP structured data to obtain a target code segment;
the obfuscation encryption module 13 is configured to perform obfuscation encryption processing on the identified target code segment by using a JS dynamic loading technology to obtain an obfuscated encrypted code segment;
the HTTP response rewriting module 14 is configured to replace the target code segment with the obfuscated encrypted code segment and send the obfuscated encrypted code segment to the client.
In this embodiment, the HTTP proxy system 1 is preferably required to be deployed and connected to the client 2 and the server 3, specifically, the HTTP proxy system 1 is connected to the back-end Web server 3 through an intranet, and the HTTP proxy system 1 is connected to the client 2 through the internet; the HTTP proxy system 1 includes an HTTP parsing module 11, a code segment identifying module 12, an obfuscating encryption module 13, and an HTTP response rewriting module 14, and completes obfuscating encryption processing of the JS code segment through mutual cooperation among the modules, and finally, the HTTP response rewriting module 14 uses the obtained obfuscating encryption code segment to replace the original target code segment, and sends the target code segment to the client 2.
It should be noted that, in this embodiment, the HTTP proxy system may be a reverse proxy, and may also be a transparent proxy, where the reverse proxy refers to a manner of installing a reverse proxy server between the user and the target server, and for the user, the reverse proxy server is equivalent to the target server, that is, the user may obtain the resource of the target server by directly accessing the reverse proxy server. Meanwhile, the user does not need to know the address of the target server and does not need to make any setting at the user end. The reverse proxy server can be generally used for Web acceleration, namely, the reverse proxy is used as a front-end processor of the Web server to reduce the load of the network and the server and improve the access efficiency. The transparent proxy means that the client does not need to know the existence of the proxy server at all, and the transparent proxy changes request fields (messages), transmits real IP and is mostly used in NAT forwarding of the router. In addition, the encrypted transparent proxy belongs to the anonymous proxy.
According to the JS protection system provided by the invention, the HTTP proxy system is arranged between the client and the server, so that the JS codes can be subjected to obfuscation encryption without modifying the source code of the server, the complexity of the JS obfuscation encryption is simplified, and the reliability and the applicability of safety protection are improved.
Based on any of the above embodiments, in this embodiment, the HTTP proxy system 1 is configured to forward the received HTTP request to the server.
In this embodiment, the HTTP proxy system 1 is configured to forward the received HTTP request to the server, and can further screen the request data, reduce the workload of the server, and improve the usability of the security protection.
Based on any one of the above embodiments, in this embodiment, the code segment identifying module is further configured to:
perform code segment identification on the HTTP structured data, and determine the position information and the code segment length of the target code segment.
In this embodiment, the code segment identification module is specifically configured to perform code segment identification on the HTTP structured data and determine the position information and the code segment length of the target code segment, where the HTTP structured data specifically includes response header information and response body information.
According to the JS protection system provided by the invention, the code segment identification is carried out on HTTP structured data to determine the position information and the code segment length of the target code segment, so that the reliability of safety protection processing is improved.
Based on any one of the above embodiments, in this embodiment, the obfuscating encryption module is further configured to:
perform dynamic-loading obfuscation encryption processing on the target code segment by using the JS dynamic loading technology, according to the position information and the code segment length of the target code segment, to obtain an obfuscated encrypted code segment.
In this embodiment, the obfuscating encryption module is specifically applied to perform dynamic loading obfuscating encryption processing on a target code segment by using a JS dynamic loading technology according to the position information and the code segment length of the target code segment to obtain an obfuscated encryption code segment, where the identified target code segment is encrypted word by using the JS dynamic loading technology to generate the obfuscated encryption code segment, and it should be noted that the JS dynamic loading technology adopts a mature technology in the prior art, which is not specifically limited herein.
According to the JS protection system provided by the invention, the target code segment is dynamically loaded with the obfuscated encryption processing by using the JS dynamic loading technology according to the position information and the code segment length of the target code segment, so that the obfuscated encryption code segment is obtained, the reliability and the safety of the security protection processing are improved, and the user experience is improved.
Based on any one of the above embodiments, in this embodiment, the HTTP structured data includes response header information and response body information of HTTP,
correspondingly, the HTTP parsing module is further configured to:
perform HTTP protocol deep parsing on the response data, and acquire the response header information and response body information of the parsed HTTP.
In this embodiment, the HTTP parsing module is specifically configured to perform HTTP protocol deep parsing on the response data, acquire the response header information and response body information of the parsed HTTP, and apply the structured data obtained through parsing in the subsequent code segment identification processing. The deep parsing of the HTTP protocol uses a relatively mature parsing manner from the prior art and is not described in detail herein.
According to the JS protection system provided by the invention, HTTP protocol deep parsing is performed on the response data to obtain the parsed HTTP response header information and response body information, which are used in the subsequent identification processing, so that the reliability and applicability of the security protection can be improved.
Since the principle of the apparatus according to the embodiment of the present invention is the same as that of the method according to the above embodiment, further details are not repeated herein.
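The four modules described above (HTTP parsing, code segment identification by position and length, obfuscation, and response rewriting) can be followed end to end in the sketch below, which is an added illustration and not part of the patent text. The description leaves the JS dynamic loading technology open, so a base64 payload executed by a small loader is assumed as a stand-in; all function names and the sample response are constructed for this example.

```javascript
// Added example. Assumption: the patent leaves the "JS dynamic loading
// technology" open; a base64 payload run by a small loader stands in for it.

// HTTP parsing module: split a raw response into status line, headers, body.
function parseResponse(raw) {
  const sep = raw.indexOf('\r\n\r\n');
  if (sep < 0) throw new Error('no header/body separator');
  const [statusLine, ...lines] = raw.slice(0, sep).split('\r\n');
  const headers = lines.map((l) => {
    const i = l.indexOf(':');
    return [l.slice(0, i).trim(), l.slice(i + 1).trim()];
  });
  return { statusLine, headers, body: raw.slice(sep + 4) };
}

function header(resp, name) {
  const h = resp.headers.find(([k]) => k.toLowerCase() === name.toLowerCase());
  return h ? h[1] : '';
}

// Code segment identification module: position and length of each JS segment.
function identifySegments(resp) {
  const type = header(resp, 'Content-Type').toLowerCase();
  if (/javascript|ecmascript/.test(type)) {
    return resp.body.length ? [{ position: 0, length: resp.body.length }] : [];
  }
  if (!type.includes('text/html')) return [];
  const segments = [];
  const re = /<script\b([^>]*)>([\s\S]*?)<\/script\s*>/gi;
  for (let m = re.exec(resp.body); m !== null; m = re.exec(resp.body)) {
    const [whole, attrs, code] = m;
    if (/\bsrc\s*=/i.test(attrs) || !code.trim()) continue; // external or empty
    const t = /\btype\s*=\s*["']?([^"'\s>]+)/i.exec(attrs);
    // Skip data blocks (JSON, templates) and modules, which eval cannot load.
    if (t && !/javascript|ecmascript/i.test(t[1])) continue;
    segments.push({ position: m.index + whole.indexOf('>') + 1, length: code.length });
  }
  return segments;
}

// Obfuscation module (stand-in): the loader decodes the payload in the browser
// and runs it with indirect eval so `var`/function declarations stay global.
function obfuscate(code) {
  const payload = Buffer.from(code, 'utf8').toString('base64');
  return '(function(p){var b=atob(p),u=new Uint8Array(b.length);' +
    'for(var i=0;i<b.length;i++)u[i]=b.charCodeAt(i);' +
    `(0,eval)(new TextDecoder().decode(u));})("${payload}");`;
}

// HTTP response rewriting module: swap each segment, then fix Content-Length.
function rewriteResponse(raw) {
  const resp = parseResponse(raw);
  // Compressed or chunked bodies need decoding first; pass them through here.
  if (header(resp, 'Content-Encoding') || header(resp, 'Transfer-Encoding')) return raw;
  let body = resp.body;
  // Work backwards so the positions of earlier segments stay valid.
  for (const s of identifySegments(resp).reverse()) {
    const end = s.position + s.length;
    body = body.slice(0, s.position) + obfuscate(body.slice(s.position, end)) + body.slice(end);
  }
  const out = resp.headers.map(([k, v]) =>
    `${k}: ${k.toLowerCase() === 'content-length' ? Buffer.byteLength(body) : v}`);
  return [resp.statusLine, ...out, '', body].join('\r\n');
}

// Constructed sample response: one external script, one JSON block, one inline script.
const SAMPLE_BODY = '<html><head><script src="/lib.js"></script>' +
  '<script type="application/json">{"k":1}</script></head>' +
  '<body><script>var token = "é"; console.log(token);</script></body></html>';
const SAMPLE_RESPONSE = 'HTTP/1.1 200 OK\r\nContent-Type: text/html; charset=utf-8\r\n' +
  `Content-Length: ${Buffer.byteLength(SAMPLE_BODY)}\r\n\r\n${SAMPLE_BODY}`;
```

A loader of this kind needs `eval` to be permitted by the page's Content-Security-Policy, and top-level `let`/`const` bindings in the original script are no longer visible to other scripts once it runs inside `eval`.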
Fig. 4 is a schematic structural diagram of an electronic device provided in an embodiment of the present invention, and as shown in fig. 4, the present invention provides an electronic device, including: a processor (processor)401, a memory (memory)402, and a bus 403;
the processor 401 and the memory 402 complete communication with each other through the bus 403;
the processor 401 is configured to call the program instructions in the memory 402 to execute the methods provided in the above-mentioned method embodiments, including, for example, a method applied to an HTTP proxy system that connects a client and a server, the method comprising: receiving response data sent by a server; performing HTTP protocol deep parsing on the response data to obtain parsed HTTP structured data; performing code segment identification on the HTTP structured data, and performing obfuscation encryption processing on the identified target code segment by using a JS dynamic loading technology to obtain an obfuscated encrypted code segment; and replacing the target code segment with the obfuscated encrypted code segment and sending the obfuscated encrypted code segment to the client.
In addition, the logic instructions in the memory 403 may be implemented in the form of software functional units and stored in a computer readable storage medium when the software functional units are sold or used as independent products. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
In another aspect, the present invention also provides a computer program product comprising a computer program stored on a non-transitory computer readable storage medium, the computer program comprising program instructions which, when executed by a computer, enable the computer to perform the method provided by the above method embodiments, the method being applied to an HTTP proxy system that connects a client and a server and comprising: receiving response data sent by a server; performing HTTP protocol deep parsing on the response data to obtain parsed HTTP structured data; performing code segment identification on the HTTP structured data, and performing obfuscation encryption processing on the identified target code segment by using a JS dynamic loading technology to obtain an obfuscated encrypted code segment; and replacing the target code segment with the obfuscated encrypted code segment and sending the obfuscated encrypted code segment to the client.
In yet another aspect, the present invention also provides a non-transitory computer readable storage medium having stored thereon a computer program that, when executed by a processor, performs the method provided by the above method embodiments, the method being applied to an HTTP proxy system that connects a client and a server and comprising: receiving response data sent by a server; performing HTTP protocol deep parsing on the response data to obtain parsed HTTP structured data; performing code segment identification on the HTTP structured data, and performing obfuscation encryption processing on the identified target code segment by using a JS dynamic loading technology to obtain an obfuscated encrypted code segment; and replacing the target code segment with the obfuscated encrypted code segment and sending the obfuscated encrypted code segment to the client.
The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (12)

1. A JS protection method, applied to an HTTP proxy system, wherein the HTTP proxy system connects a client and a server, the method comprising the following steps:
receiving response data sent by a server;
performing HTTP protocol deep parsing on the response data to obtain parsed HTTP structured data;
performing code segment identification on the HTTP structured data, and performing obfuscation encryption processing on the identified target code segment by using a JS dynamic loading technology to obtain an obfuscated encrypted code segment;
and replacing the target code segment with the obfuscated encrypted code segment and sending the obfuscated encrypted code segment to the client.
2. The JS protection method according to claim 1, wherein the performing code segment identification on the HTTP structured data, and performing obfuscation encryption processing on the identified target code segment by using a JS dynamic loading technology to obtain an obfuscated encrypted code segment, comprises:
performing code segment identification on the HTTP structured data, and determining the position information and the code segment length of the target code segment;
and performing dynamic-loading obfuscation encryption processing on the target code segment by using the JS dynamic loading technology, according to the position information and the code segment length of the target code segment, to obtain an obfuscated encrypted code segment.
3. The JS protection method of claim 2, wherein the HTTP structured data comprises response header information and response body information of HTTP,
correspondingly, the performing code segment identification on the HTTP structured data and determining the position information and the code segment length of the target code segment comprises:
performing JS code segment identification on the response header information and response body information in the HTTP structured data, and determining the position information and the code segment length of the target code segment.
4. The JS protection method of claim 1, wherein the HTTP structured data includes response header information and response body information of HTTP,
correspondingly, the performing HTTP protocol deep parsing on the response data to obtain parsed HTTP structured data comprises:
performing HTTP protocol deep parsing on the response data, and acquiring the response header information and response body information of the parsed HTTP.
5. The JS protection method of claim 1, wherein the HTTP structured data includes request header information and request body information of HTTP,
correspondingly, the HTTP proxy system is also used for receiving HTTP request data sent by the client, performing HTTP protocol deep parsing on the request data, and acquiring the parsed HTTP request header information and HTTP request body information.
6. A JS protection system for implementing the JS protection method as claimed in any one of claims 1 to 5, comprising an HTTP proxy system connecting a client and a server, the HTTP proxy system comprising an HTTP parsing module, a code segment identification module, an obfuscation encryption module, and an HTTP response rewriting module, wherein,
the HTTP parsing module is used for performing HTTP protocol deep parsing on the received response data issued by the server and acquiring parsed HTTP structured data;
the code segment identification module is used for performing code segment identification on the HTTP structured data to obtain a target code segment;
the obfuscation encryption module is used for performing obfuscation encryption processing on the identified target code segment by using a JS dynamic loading technology to obtain an obfuscated encrypted code segment;
and the HTTP response rewriting module is used for replacing the target code segment with the obfuscated encrypted code segment and sending the obfuscated encrypted code segment to the client.
7. The JS protection system according to claim 6, wherein the HTTP proxy system is configured to forward the received HTTP request to the server.
8. The JS protection system of claim 6, wherein the code segment identification module is further configured to:
perform code segment identification on the HTTP structured data, and determine the position information and the code segment length of the target code segment.
9. The JS protection system of claim 8, wherein the obfuscation encryption module is further configured to:
perform dynamic-loading obfuscation encryption processing on the target code segment by using the JS dynamic loading technology, according to the position information and the code segment length of the target code segment, to obtain an obfuscated encrypted code segment.
10. The JS protection system of claim 6, wherein the HTTP structured data includes response header information and response body information of HTTP,
correspondingly, the HTTP parsing module is further configured to:
perform HTTP protocol deep parsing on the response data to acquire the parsed HTTP response header information and the parsed HTTP response body information.
11. An electronic device, comprising:
a processor, a memory, and a bus, wherein,
the processor and the memory communicate with each other through the bus;
the memory stores program instructions executable by the processor, and the processor, by invoking the program instructions, is capable of performing the steps of the JS protection method of any of claims 1-5.
12. A non-transitory computer-readable storage medium storing computer instructions for causing a computer to perform the steps of the JS protection method of any one of claims 1-5.
CN202210387299.5A 2022-04-14 2022-04-14 JS protection method, system, electronic equipment and medium Pending CN114500113A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210387299.5A CN114500113A (en) 2022-04-14 2022-04-14 JS protection method, system, electronic equipment and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210387299.5A CN114500113A (en) 2022-04-14 2022-04-14 JS protection method, system, electronic equipment and medium

Publications (1)

Publication Number Publication Date
CN114500113A true CN114500113A (en) 2022-05-13

Family

ID=81488439

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210387299.5A Pending CN114500113A (en) 2022-04-14 2022-04-14 JS protection method, system, electronic equipment and medium

Country Status (1)

Country Link
CN (1) CN114500113A (en)


Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108141478A (en) * 2015-10-16 2018-06-08 阿卡麦科技公司 Server end detection and subduction to customer end contents filter
CN110881044A (en) * 2019-12-05 2020-03-13 北京宏达隆和科技有限公司 Computer firewall dynamic defense security platform
CN112182614A (en) * 2020-09-29 2021-01-05 北京天云海数技术有限公司 Dynamic Web application protection system
US20210034719A1 (en) * 2019-07-30 2021-02-04 Cameron Brown Systems and methods for obfuscating web content
CN114063985A (en) * 2020-08-10 2022-02-18 奇安信科技集团股份有限公司 Plug-in development method and device for Web application, electronic device, medium, and program

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116502192A (en) * 2023-06-28 2023-07-28 远江盛邦(北京)网络安全科技股份有限公司 Data confusion method and device and electronic equipment
CN116502192B (en) * 2023-06-28 2023-08-25 远江盛邦(北京)网络安全科技股份有限公司 Data confusion method and device and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20220513