CN115022387A - Method, device, equipment and medium for processing cross-domain pre-detection request - Google Patents


Info

Publication number: CN115022387A
Application number: CN202210734702.7A
Authority: CN (China)
Legal status: Pending
Other languages: Chinese (zh)
Inventor: 曾干
Current Assignee: Pingan Payment Technology Service Co Ltd
Original Assignee: Pingan Payment Technology Service Co Ltd
Prior art keywords: configuration, domain, domain name, processing, cross

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/2866 Architectures; Arrangements
    • H04L67/30 Profiles
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08 Configuration management of networks or network elements
    • H04L41/0803 Configuration setting

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The application discloses a method, a device, equipment and a medium for processing a cross-domain pre-detection request, wherein the method is executed by a proxy server, and the method comprises the following steps: acquiring configuration information of at least one domain name, wherein the configuration information at least comprises the domain name and a lower field of the domain name; generating a configuration file according to the configuration information, and saving the configuration file according to a first specified path; running a Lua script to read the configuration file according to the first specified path and complete configuration according to the configuration file; and processing the received cross-domain pre-detection request based on the configuration, and returning a processing result. The method and the device realize dynamic configuration of the domain name and are flexible to operate; the Options request link is shortened, the processing result return time is greatly shortened, the processing efficiency is obviously improved, and the pressure of a back-end server is reduced; the front end has strong expansibility, and dynamically configures the domain name and improves the degree of freedom of the field under the domain name.

Description

Method, device, equipment and medium for processing cross-domain pre-detection request
Technical Field
The present application relates to the field of computer technologies, and in particular to a method, an apparatus, a device, and a medium for processing a cross-domain preflight (pre-detection) request.
Background
The same-origin policy (SOP) is a convention and the most core and basic security function of the browser; without it, the browser is easily attacked.
When a browser page accesses a back-end service on a different port or a different domain name, it sends a cross-domain preflight OPTIONS request to the back-end service server, and the browser goes on to issue the formal request only if the service server accepts the preflight request.
However, in actual development many problems cause OPTIONS requests to fail. For example, when there is a groupID (a unique identifier of a project organization, used to distinguish the number of a specific back-end server), the groupID must be passed to the back end to indicate which back-end server is meant; because an OPTIONS request carries no values, the corresponding back-end server cannot be found and the OPTIONS request fails. As another example, the front end often adds header fields dynamically; if the nginx proxy server or the back-end service system has not configured the relevant field, the browser check fails and the OPTIONS request fails.
At present, the usual solutions to OPTIONS request failures are cross-domain resource sharing (CORS), having the front end request through a relative path so that the browser does not issue an OPTIONS request, and avoiding the OPTIONS request through the JSONP protocol.
However, these solutions all have disadvantages. In the CORS approach, the front-end request carries withCredentials: true, and the back-end service system writes the allowed header fields according to the received OPTIONS request and returns a 200 status code to the front end. With this approach, every time the front end adds a domain name or a field, it has to be added manually, which is very passive, and the headers returned by the back-end service code duplicate the headers configured in nginx. Having the front end request through a relative path, so that the browser sends no OPTIONS request, requires extensive custom changes to the front-end code, hinders decoupling of the front end and the back end, and suits only small internal systems. Avoiding the OPTIONS request through the JSONP protocol cannot meet business requirements, because JSONP does not support POST requests and needs support from the back-end service system.
In summary, the prior art is generally rigid, inflexible, limited in applicable scenarios, and unable to meet business requirements well.
It should be noted that the above is only a description of the background and does not necessarily constitute prior art.
Disclosure of Invention
In view of the above problems, embodiments of the present application provide a method, an apparatus, a device, and a medium for processing a cross-domain pre-detection request, so as to implement flexible configuration of parameters of the cross-domain pre-detection request, intercept the cross-domain pre-detection request at a proxy server, shorten a link, improve return efficiency, and reduce pressure on a back-end server; the method is convenient to operate, high in degree of freedom, wide in application range and scene and high in practicability.
In a first aspect, an embodiment of the present application provides a method for processing a cross-domain preflight request, where the method is performed by a proxy server, and the method includes:
acquiring configuration information of at least one domain name, wherein the configuration information at least comprises the domain name and the fields under the domain name;
generating a configuration file according to the configuration information, and saving the configuration file according to a first specified path;
running a Lua script to read the configuration file according to the first specified path and to configure the processing of cross-domain preflight requests according to the configuration file, wherein the Lua script is integrated in the proxy server in advance;
and processing the received cross-domain preflight request based on the configuration, and returning a processing result.
In a second aspect, an embodiment of the present application provides an apparatus for processing a cross-domain preflight request, where the apparatus is deployed in a proxy server, and the apparatus includes:
an acquisition unit, used for acquiring configuration information of at least one domain name, wherein the configuration information at least comprises the domain name and the fields under the domain name;
a generating unit, used for generating a configuration file according to the configuration information and saving the configuration file according to a first specified path;
a configuration unit, used for running a Lua script to read the configuration file according to the first specified path and to configure the processing of cross-domain preflight requests according to the configuration file, wherein the Lua script is integrated in the proxy server in advance;
and a processing unit, used for processing the received cross-domain preflight request based on the configuration and returning a processing result.
In a third aspect, an embodiment of the present application further provides an electronic device, including: a processor; and a memory arranged to store computer executable instructions that, when executed, cause the processor to perform any of the methods described above.
In a fourth aspect, this application embodiment also provides a computer-readable storage medium storing one or more programs which, when executed by an electronic device including a plurality of application programs, cause the electronic device to perform any of the methods described above.
The embodiment of the application adopts at least one technical scheme which can achieve the following beneficial effects:
The method is executed by the proxy server: configuration information of at least one domain name is acquired, a configuration file is generated from it and saved at the first specified path, and a Lua script integrated and run in the proxy server reads the configuration file from that path and configures the proxy server accordingly. The configured proxy server can then process cross-domain preflight requests directly and return the processing results, without sending them to the back-end service server, which shortens the OPTIONS request link. The application achieves dynamic configuration of domain names with flexible operation; the OPTIONS request link is shortened, the time to return a processing result is greatly reduced, processing efficiency is markedly improved, and the load on the back-end server is reduced; the front end is highly extensible, the freedom to dynamically configure domain names and the fields under them is increased, and services go online faster; because the lightweight Lua script performs both the proxy server configuration and the OPTIONS request processing, configuration reading and processing performance improve without putting pressure on the proxy server, and the method has a wide range of applications and scenarios and high practicability.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:
FIG. 1 shows a schematic diagram of a cross-domain preflight request link according to the prior art;
FIG. 2 shows a flow diagram of a method of processing a cross-domain preflight request according to one embodiment of the present application;
FIG. 3 shows a block diagram of a system for processing a cross-domain preflight request according to one embodiment of the present application;
FIG. 4 shows a schematic diagram of a configuration interface according to an embodiment of the present application;
FIG. 5 shows a schematic structural diagram of a cross-domain preflight request processing apparatus according to an embodiment of the present application;
FIG. 6 shows a schematic structural diagram of an electronic device in an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the technical solutions of the present application will be described in detail and completely with reference to the following specific embodiments of the present application and the accompanying drawings. It should be apparent that the described embodiments are only some of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The technical solutions provided by the embodiments of the present application are described in detail below with reference to the accompanying drawings.
The concept of front-end cross-domain can be understood as a class of request scenarios limited by browser origin policies.
The same-origin policy (SOP) is a convention and the most core and basic security function of the browser; without it, the browser is easily attacked by XSS (cross-site scripting), CSRF (cross-site request forgery), and the like. Same origin means that all three of protocol, domain name and port are identical; two different domain names are not same-origin even if they point to the same IP address.
If the origin is not the same, the browser triggers a cross-domain preflight OPTIONS request, asking the back-end service server to verify whether the browser's domain name may access it. No values are transmitted in this process, only field names (attached as header fields). It can be understood as follows: if the service server accepts the OPTIONS request, the browser goes on to initiate the formal request; otherwise, the browser cannot initiate the formal request.
FIG. 1 is a schematic diagram of a cross-domain preflight request link according to the prior art. As can be seen from FIG. 1, a user accesses a page in a browser, and if the page is cross-domain, the page initiates an OPTIONS request, which passes through the following link: browser -> virtual server LVS (if any) -> nginx proxy server -> nginx background server -> back-end server, i.e. the service system server.
The browser page sends OPTIONS requests when it accesses the back-end server on a different port or a different domain name. In actual development, the following problems are often encountered:
If there is a groupID (a unique identifier of a project organization, used to distinguish the number of a specific back-end server; for the same service system the back end can deploy a plurality of servers), the groupID must be passed through to the back end to indicate which back-end server is meant, and because an OPTIONS request carries no values, the corresponding back-end server cannot be found and the OPTIONS request fails. The front end often adds a header field dynamically, and because the nginx proxy server or the back-end service system has not configured the relevant field, the browser check does not pass and the OPTIONS request fails. To save development time, the allowed domain name is hard-coded in the configuration, and the browser may also treat the 'word' as untrusted, so the OPTIONS request fails. The front end depends on many back-end domain names; often the nginx proxy server for one back end has been configured while the configuration of another nginx proxy server has been forgotten, so configuration changes are frequent. If OPTIONS requests are allowed for all domain names, a page from any domain name can access the system's back-end interfaces, which is a security hazard.
The industry's current solutions to OPTIONS request problems are as follows. The first is cross-domain resource sharing (CORS): the front-end request carries withCredentials: true, and the back-end service system writes the allowed header fields according to the received OPTIONS request and returns a 200 status code to the front end. With this method, an entry has to be added every time the front end adds something new, which is very passive; in addition, the headers returned by the back-end service code can duplicate the headers in the nginx configuration. For example, the contents of returned headers such as Access-Control-Allow-Headers and Access-Control-Allow-Methods are often seen repeated. The second is for the front end to make requests through a relative path, with the nginx proxy server forwarding the request according to the path, so that the browser does not send an OPTIONS request. This requires extensive custom changes to the front-end code, hinders decoupling of the front end and the back end, and suits only small internal systems. The third is to avoid triggering OPTIONS requests through the JSONP protocol. In general, to reduce the load on a web server, static resources such as js, css and img are moved to another server with an independent domain name, and the browser allows an html page to load these static resources from different domain names through the corresponding tags. Based on this principle, cross-domain communication can be achieved by dynamically creating a script tag that requests the referenced website. However, the JSONP protocol does not support POST requests, needs support from the back-end service system, has potential security hazards, and cannot meet service requirements.
In view of the above, FIG. 2 is a schematic flowchart of a method for processing a cross-domain preflight request according to an embodiment of the present application, where the method is executed by a proxy server. As can be seen from FIG. 2, the method includes at least steps S210 to S240:
Step S210: acquiring configuration information of at least one domain name, wherein the configuration information at least comprises the domain name and the fields under the domain name.
To address the defects of the prior art, the application starts from the cross-domain preflight request itself: because the browser's OPTIONS request does not ask for any actual service data, the request does not need to reach the back-end service server, which reduces the load on the back-end service server and shortens the processing link at the same time.
FIG. 3 is a schematic diagram of a processing system for cross-domain preflight requests according to an embodiment of the present application. As can be seen from FIG. 3, the processing system 300 includes a front-end browser 310 and an nginx proxy server 320, where the nginx proxy server 320 can further connect to the back-end service server 100. An actual deployment may also include the virtual server and the background server of the nginx proxy server; since they do not affect the present application, they are not described in this embodiment.
In the processing system 300 shown in FIG. 3, under the prior art, when the front-end browser 310 sends an OPTIONS request to the back-end service server 100, the front-end browser 310 sends the OPTIONS request to the nginx proxy server 320, the nginx proxy server 320 routes it to the back-end service server 100, the back-end service server 100 processes it and returns a processing result, and the nginx proxy server 320 returns the processing result to the front-end browser 310.
In the present application, when the front-end browser 310 sends an options request to the back-end service server 100, the front-end browser 310 sends the options request to the nginx proxy server 320, and the nginx proxy server 320 intercepts and processes the options request instead of sending the options request to the back-end service server 100, and after a processing result is obtained, the nginx proxy server 320 returns to the front-end browser 310.
First, configuration information of at least one domain name is acquired, the configuration information at least comprising the domain name and the fields under the domain name. The configuration information specifies the allowed domain names and the fields under each domain name. In another embodiment, parameters such as the configuration time and the identity of the configuring operator can also be recorded; that is, the domain name and the fields under it (usually header fields) are both stored under management and every operation leaves a trace, so that the operation time and the operator are easy to find and the cause can be traced back when a problem occurs.
Step S220: and generating a configuration file according to the configuration information, and saving the configuration file according to a first specified path.
A configuration file is then generated automatically from the configuration information and saved locally on the nginx proxy server at the first specified path. The generated configuration file may be stored locally on the proxy server in a certain format, such as JSON.
The first path may be, but is not limited to, /usr/local/nginx/conf/domainconfig.
The format of the configuration file is not limited by the present application. In some embodiments of the present application, the configuration file consists of several lines of text, each line holding the configuration of one domain name: the domain name and the fields under it are separated by a space, and the individual fields are separated by commas. For example:
http://www.yqb.com Content-Type,accesstocken,group,devinfo
https://www.company.com Content-Type,accesstoken,groupid,devinfo
Step S230: running a Lua script to read the configuration file according to the first specified path and complete the configuration for processing cross-domain preflight requests according to the configuration file, wherein the Lua script is integrated in the proxy server in advance.
In some embodiments of the present application, the Lua script may be, but is not limited to, a domain.lua script. The specific configuration process may be: constructing the domain.lua script; embedding the domain.lua script into the proxy server; running the domain.lua script, reading the configuration file according to the first specified path, and generating configuration functions, which include at least function getOriginsAndHeaders(file) and function cors_request(allowed_origins, allowed_headers); and configuring a control directive, which is access_by_lua_file /usr/local/nginx/conf/lua/domain.lua.
In some embodiments of the present application, the configuration functions include at least two core functions, as follows:
function getOriginsAndHeaders(file)
  -- process the configuration file generated in the previous step to obtain allowed_origins and allowed_headers
end
function cors_request(allowed_origins, allowed_headers)
  -- function processing; returns the nginx configuration
end
In addition, the following control directive can be configured in the nginx proxy server:
access_by_lua_file /usr/local/nginx/conf/lua/domain.lua;
# access_by_lua: processing in the request access phase, used for access control.
It should be noted that the Lua script may be integrated in the proxy server in advance, or the Lua script may be integrated first and then executed, so as to read the configuration file according to the first specified path and complete the configuration for processing cross-domain preflight requests according to the configuration file.
To integrate the Lua script in the Nginx proxy server, the Lua script is embedded into the Nginx proxy server to form the ngx_lua module, and the ngx_lua module has the Nginx proxy server execute the Lua script, so that the Lua script reads the configuration file and completes the configuration of the Nginx proxy server.
The principle of integrating the Lua script in the nginx proxy server is as follows: Lua is embedded into Nginx to form the ngx_lua module, and the ngx_lua module lets the Nginx proxy server execute the Lua script and handle all kinds of requests with high concurrency and without blocking.
Specifically, Lua has built-in coroutines, which convert asynchronous callbacks into sequential calls, and the IO (input and output) operations that the ngx_lua module performs in Lua are delegated to the event model of the Nginx proxy server, which makes the calls non-blocking. A developer can write the program in a serial style; when a blocking IO operation is performed, the ngx_lua module automatically suspends and saves the context, delegates the IO operation to the event handling mechanism of the Nginx proxy server, and after the IO operation completes, restores the context so the program continues to execute. All of this is transparent to the user program. Each Nginx worker process holds one Lua interpreter or LuaJIT instance, which is shared by all requests processed by that worker. The context of each request is separated by Lua's lightweight coroutines to ensure that requests are independent. The ngx_lua module adopts a "one-coroutine-per-request" processing model: for each user request, the ngx_lua module wakes up a coroutine to execute the user code that processes the request, and the coroutine is destroyed when request processing is complete. Each coroutine has an independent global environment (variable space) that inherits from the globally shared, read-only "common data". Therefore, any variable that user code injects into the global space does not affect the processing of other requests, and these variables are released after request processing completes, so all user code is guaranteed to run in a "sandbox" that has the same life cycle as the request. Thanks to the support of Lua coroutines, the ngx_lua module requires very little memory even when processing 10000 concurrent requests. According to the test, the ngx_lua module only requires 2KB of memory to process each request, and less if LuaJIT is used.
The ngx_lua module is well suited for implementing scalable, highly concurrent services.
Step S240: and processing the received cross-domain pre-detection request based on the configuration, and returning a processing result.
After the configuration of the nginx proxy server is completed, the nginx proxy server can process cross-domain preflight requests. When the nginx proxy server receives a cross-domain preflight request, it processes the request directly based on the configuration established above and returns the processing result to the browser, so the request does not need to be sent to a back-end service server.
Put simply, a cross-domain preflight request carries both the browser's domain name and the fields under that domain name; if both are among those configured as allowed, the browser is allowed to send the formal request, and otherwise it is not.
In some embodiments of the present application, in the above method, processing the received cross-domain preflight request based on the configuration and returning a processing result includes: receiving a cross-domain preflight request, wherein the request is sent by a browser or forwarded by a virtual server; checking the cross-domain preflight request, and if the check succeeds, returning a first status code; and if the check fails, returning a second status code.
An OPTIONS request needs no interaction with the real back-end server; it is only a check and carries no service fields. When the nginx proxy server processes a cross-domain preflight request there are generally two outcomes, check success and check failure. If the check succeeds, a first status code is returned; the first status code may be, but is not limited to, 204, which indicates success with no substantial content returned. If the check fails, a second status code is returned; the second status code may be, but is not limited to, 400, which indicates that the browser's request is not allowed.
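One way to fill in the two core functions and the access_by_lua_file hook for steps S230 and S240, as an added example that is not code from the patent: the Origin header is matched exactly against the configured lines and every requested header must be configured, with 204 on success and 400 on failure. The helper names is_origin, parse_config and decide, the lower-casing of header names, and the dropping of malformed or wildcard lines are assumptions of this example; the sample configuration in the self-check is constructed.

```lua
-- domain.lua: added example, not the patent's code; helper names and the
-- fail-closed rules are assumptions.
-- Hook: access_by_lua_file /usr/local/nginx/conf/lua/domain.lua;
local CONFIG_PATH = "/usr/local/nginx/conf/domainconfig"  -- path as printed on the page

-- An origin is scheme://host with an optional :port and nothing after it.
local function is_origin(s)
  return s:match("^https?://[%w%.%-]+$") ~= nil
      or s:match("^https?://[%w%.%-]+:%d+$") ~= nil
end

-- Parse "<origin> <field>,<field>,..." lines (the page's format).
-- Returns allowed_origins (set) and allowed_headers (origin -> set of
-- lower-cased header names). Malformed and wildcard lines are dropped,
-- so a bad line can only narrow the allowlist, never widen it.
local function parse_config(text)
  local allowed_origins, allowed_headers = {}, {}
  for line in text:gmatch("[^\r\n]+") do
    local origin, fields = line:match("^%s*(%S+)%s+(%S+)%s*$")
    if origin and is_origin(origin) then
      local set = {}
      for name in fields:gmatch("[^,]+") do set[name:lower()] = true end
      allowed_origins[origin] = true
      allowed_headers[origin] = set
    end
  end
  return allowed_origins, allowed_headers
end

local function getOriginsAndHeaders(file)
  local fh = io.open(file, "r")        -- blocking read; the file is a few lines
  if not fh then return {}, {} end     -- unreadable file: empty allowlist, fail closed
  local text = fh:read("*a")
  fh:close()
  return parse_config(text)
end

-- Pure decision: status code, plus the response headers when it is 204.
-- The page's format has no method list, so no Access-Control-Allow-Methods
-- is sent and only GET, HEAD and POST pass the browser's preflight check.
local function decide(origin, requested, allowed_origins, allowed_headers)
  if type(origin) ~= "string" or not allowed_origins[origin] then return 400 end
  if requested ~= nil and type(requested) ~= "string" then return 400 end  -- repeated header
  local granted = {}
  for name in (requested or ""):gmatch("[^,%s]+") do
    if not allowed_headers[origin][name:lower()] then return 400 end
    granted[#granted + 1] = name
  end
  -- Echo the exact configured origin, never "*", and vary the cache on it.
  local out = { ["Access-Control-Allow-Origin"] = origin, ["Vary"] = "Origin" }
  if #granted > 0 then
    out["Access-Control-Allow-Headers"] = table.concat(granted, ", ")
  end
  return 204, out
end

local function cors_request(allowed_origins, allowed_headers)
  if ngx.req.get_method() ~= "OPTIONS" then return end  -- formal requests go on to the back end
  local h = ngx.req.get_headers()
  local status, out = decide(h["Origin"], h["Access-Control-Request-Headers"],
                             allowed_origins, allowed_headers)
  for k, v in pairs(out or {}) do ngx.header[k] = v end
  return ngx.exit(status)               -- answered at the proxy; nothing is proxied
end

if ngx then
  return cors_request(getOriginsAndHeaders(CONFIG_PATH))
end

-- Outside nginx (plain `lua domain.lua`): self-check on a constructed sample.
local SAMPLE = table.concat({
  "https://www.company.com Content-Type,accesstoken,groupid,devinfo",
  "* Content-Type",                     -- wildcard origin: dropped by the parser
  "https://shop.example.test",          -- no field list: dropped
}, "\n")
local o, hdrs = parse_config(SAMPLE)
assert(o["*"] == nil and o["https://shop.example.test"] == nil)
assert(decide("https://www.company.com", "content-type, GroupID", o, hdrs) == 204)
assert(decide("https://www.company.com", "x-debug", o, hdrs) == 400)          -- header not configured
assert(decide("https://www.company.com.example.test", nil, o, hdrs) == 400)  -- look-alike suffix
assert(decide("*", nil, o, hdrs) == 400 and decide(nil, nil, o, hdrs) == 400)
print("self-check passed")
```

Because the script reads the file on each preflight, a regenerated configuration file takes effect without reloading nginx.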
As can be seen from the method shown in FIG. 2, the method is executed by the proxy server: configuration information of at least one domain name is acquired, a configuration file is generated from it and saved at the first specified path, and a Lua script integrated and run in the proxy server reads the configuration file from that path and configures the proxy server accordingly. The configured proxy server can then process cross-domain preflight OPTIONS requests directly and return the processing results, without sending them to the back-end service server, which shortens the OPTIONS request link. The application achieves dynamic configuration of domain names with flexible operation; the OPTIONS request link is shortened, the time to return a processing result is greatly reduced, processing efficiency is markedly improved, and the load on the back-end server is reduced; the front end is highly extensible, the freedom to dynamically configure domain names and the fields under them is increased, and services go online faster; because the lightweight Lua script performs both the proxy server configuration and the OPTIONS request processing, configuration reading and processing performance improve without putting pressure on the proxy server, and the method has a wide range of applications and scenarios and high practicability.
In some embodiments of the present application, in the method above, the obtaining configuration information of at least one domain name includes: receiving the configuration information in response to a configuration instruction for a configuration interface, wherein the configuration interface comprises a domain name control and a field-under-domain-name control. In other embodiments of the present application, the obtaining configuration information of at least one domain name further includes: receiving the configuration information in response to a configuration instruction for a configuration interface, wherein the configuration information further comprises configuration time and operator identity information, and the configuration interface further comprises a configuration time control and an operator identity information configuration control.
In order to facilitate the work of developers, the application also provides a visual configuration interface, a plurality of controls are arranged in the configuration interface, and the configuration information of the domain name can be obtained through the configuration interface. The visualized configuration interface is provided by the nginx proxy server and can be displayed on a terminal of a developer, and the nginx proxy server responds to an operation instruction of the developer on the configuration interface and acquires the configuration parameters of the domain name. Domain names to which the present application is applicable include, but are not limited to, http, server, location if-like domain names, and the like.
The controls in the configuration interface are set according to the parameter information of the domain name that needs to be configured. They include at least a domain name control and a field-under-domain-name control, and may also include a configuration time control, a configuration operator identity information control and the like as needed.
Fig. 4 shows a schematic diagram of a configuration interface according to an embodiment of the present application, and as can be seen from fig. 4, in the configuration interface, a domain name, a field under the domain name, configuration time, and a configuration operator can be configured, the domain name can be dynamically increased or decreased, the operation is convenient, and the degree of freedom is high.
When a developer clicks the "newly added" button in fig. 4, the interface on the left pops up, and the domain name, the field under the domain name, and the like can be configured in it; the contents of the table on the right are obtained through this configuration.
In some embodiments of the present application, in the above method, a regular expression may be used for verification, specifically, a domain name and a field under the domain name in the cross-domain pre-inspection request are matched according to the regular expression, and if matching is successful, a verification result is determined to be successful; if the matching is unsuccessful, determining that the verification result is failure; wherein the regular expression is:
$http_origin ~* "(http.?://.*\.company\.com$)|(http.?://.*\.yqb\.com$)|(http.?://.*\.1qianbao\.com$)|(https://.*\.company\.com\.cn)|^.?$".
The checking process can be understood simply as checking whether the domain name of the received options request and the field under the domain name are allowed in the configuration information. A regular expression can be used to match the domain name in the options request and the field under the domain name; if the matching is successful, the verification result is determined to be success, and if the matching is unsuccessful, the verification result is determined to be failure.
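An allowlist expression of this kind can be regression-tested before it is deployed. The following is an added example, not part of the patent text: it evaluates the expression above with Python's re module as a stand-in for nginx's case-insensitive `~*` match and compares the result with a host-suffix check. The names strict_allows and SUFFIX_SCHEMES, and every sample Origin value, are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Expression copied from the description. nginx's "~*" is an unanchored,
# case-insensitive PCRE match; re.search with IGNORECASE stands in for it.
PAGE_PATTERN = re.compile(
    r"(http.?://.*\.company\.com$)|(http.?://.*\.yqb\.com$)"
    r"|(http.?://.*\.1qianbao\.com$)|(https://.*\.company\.com\.cn)|^.?$",
    re.IGNORECASE,
)

# Assumption of this example: the apparent intent of the expression written
# as data, mapping each parent domain to the schemes accepted for subdomains.
SUFFIX_SCHEMES = {
    "company.com": {"http", "https"},
    "yqb.com": {"http", "https"},
    "1qianbao.com": {"http", "https"},
    "company.com.cn": {"https"},
}

# Constructed sample Origin values (not taken from the page).
SAMPLE_ORIGINS = [
    "https://pay.company.com",
    "http://m.yqb.com",
    "https://wallet.1qianbao.com",
    "https://api.company.com.cn",
    "https://api.company.com.cn.other.example",
    "",
    "https://company.com.example.org",
    "http://shop.company.com.cn",
]


def page_regex_allows(origin):
    """Result of the page's expression for one Origin value."""
    return PAGE_PATTERN.search(origin) is not None


def strict_allows(origin):
    """Parse the Origin and compare scheme and host suffix exactly."""
    try:
        parts = urlsplit(origin)
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return False
    # The page's "$"-anchored alternatives accept no port, path or userinfo.
    if port is not None or parts.username is not None:
        return False
    if parts.path or parts.query or parts.fragment:
        return False
    host = parts.hostname or ""
    for suffix, schemes in SUFFIX_SCHEMES.items():
        is_subdomain = host.endswith("." + suffix) and len(host) > len(suffix) + 1
        if is_subdomain and parts.scheme in schemes:
            return True
    return False


def disagreements(origins):
    """Origins on which the two checks give different answers."""
    rows = []
    for origin in origins:
        by_regex, by_suffix = page_regex_allows(origin), strict_allows(origin)
        if by_regex != by_suffix:
            rows.append((origin, by_regex, by_suffix))
    return rows


if __name__ == "__main__":
    for origin in SAMPLE_ORIGINS:
        print(repr(origin), page_regex_allows(origin), strict_allows(origin))
```

On these samples the two checks differ in two places: an origin whose host merely contains `.company.com.cn`, because the fourth alternative has no trailing `$`, and an empty Origin value, which the final `^.?$` alternative matches.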
Fig. 5 is a schematic structural diagram illustrating a device for processing a cross-domain preview request according to an embodiment of the present application, where the device is deployed in the nginx proxy server 320, and as can be seen from fig. 5, the device 500 includes:
an obtaining unit 510, configured to obtain configuration information of at least one domain name, where the configuration information at least includes the domain name and a field under the domain name;
a generating unit 520, configured to generate a configuration file according to the configuration information, and store the configuration file according to a first specified path;
a configuration unit 530, configured to run a Lua script, so as to read the configuration file according to the first specified path, and implement configuration for processing a cross-domain preview request according to the configuration file, where the Lua script is integrated in the proxy server in advance;
and the processing unit 540 is configured to process the received cross-domain preview request based on the configuration, and return a processing result.
In some embodiments of the present application, in the above apparatus, the obtaining unit 510 is configured to receive the configuration information in response to a configuration instruction for a configuration interface, where the configuration interface includes a domain name control and a field under domain name control.
In some embodiments of the present application, in the above apparatus, the obtaining unit 510 is further configured to receive the configuration information in response to a configuration instruction for a configuration interface, where the configuration information further includes: configuring time and operator identity information; the configuration interface further comprises a configuration time control and an operator identity information configuration control.
In some embodiments of the present application, in the above apparatus, the generating unit 520 is configured to generate a configuration file according to the configuration information, where the configuration file includes a plurality of lines of text, each line of text represents one item of domain name configuration information, the domain name and the field under the domain name in each line are separated by a space, and multiple fields under the domain name are separated by commas; and to store the configuration file locally in the proxy server in a Json format.
In some embodiments of the present application, in the above apparatus, the configuration unit 530 is configured to run the domain.lua script, read the configuration file according to the first specified path, and generate a configuration function, where the configuration function includes: function getOrigiginsAndHeaders(file); and functions_requests(allowed_orientations, allowed_headers), wherein the domain. And configuring a control function, wherein the control function is access_by_lua_file /usr/local/nginx/conf/lua/domain.
In some embodiments of the present application, in the above apparatus, the processing unit 540 is configured to receive a cross-domain preview request, where the cross-domain preview request is sent by a browser or forwarded through a virtual server; verifying the cross-domain pre-inspection request by adopting the Lua script, and returning a first state code if the verification result is successful; and if the verification result is failure, returning the second state code.
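The configuration-file layout and the two status codes described above can be exercised end to end in a few lines. This is an added example in Python rather than the patent's Lua script; it assumes each "domain name" entry is a full origin (scheme and host) and each "field" is an allowed request header, it parses the line layout only, and parse_config, handle_preflight and the sample configuration are constructed for illustration.

```python
FIRST_STATUS = 204   # verification succeeded, no content returned
SECOND_STATUS = 400  # the browser's request is not allowed

# Constructed sample in the described layout: one entry per line, the domain
# name and its fields separated by a space, multiple fields by commas.
SAMPLE_CONFIG = """\
https://pay.company.com Content-Type,X-Token

https://m.yqb.com content-type
https://pay.company.com Authorization
"""


def parse_config(text):
    """Return {origin: set of allowed header names}, all lower-cased."""
    allowed = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue  # tolerate blank lines
        parts = line.split(None, 1)
        origin = parts[0].lower()
        fields = parts[1] if len(parts) > 1 else ""
        headers = {f.strip().lower() for f in fields.split(",") if f.strip()}
        # A domain listed twice accumulates its fields.
        allowed.setdefault(origin, set()).update(headers)
    return allowed


def handle_preflight(allowed, origin, requested_headers=""):
    """Answer an OPTIONS pre-detection request without contacting a back end.

    origin is the Origin header value; requested_headers is the value of
    Access-Control-Request-Headers. Returns (status, response headers).
    """
    granted = allowed.get((origin or "").lower())
    if granted is None:
        return SECOND_STATUS, {}  # origin is not configured
    wanted = {h.strip().lower() for h in requested_headers.split(",") if h.strip()}
    if not wanted <= granted:
        return SECOND_STATUS, {}  # at least one header is not configured
    response = {
        # Echo the single verified origin, never a wildcard.
        "Access-Control-Allow-Origin": origin,
        # The response differs per Origin, so caches must key on it.
        "Vary": "Origin",
    }
    if wanted:
        response["Access-Control-Allow-Headers"] = ", ".join(sorted(wanted))
    # No Access-Control-Allow-Methods is sent because the described
    # configuration carries no method list; browsers then accept only the
    # CORS-safelisted methods GET, HEAD and POST.
    return FIRST_STATUS, response


if __name__ == "__main__":
    config = parse_config(SAMPLE_CONFIG)
    print(handle_preflight(config, "https://pay.company.com", "X-Token, Content-Type"))
    print(handle_preflight(config, "https://m.yqb.com", "X-Token"))
```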
In some embodiments of the present application, in the above apparatus, the processing unit 540 is configured to match a domain name and a field under the domain name in the cross-domain pre-inspection request according to a regular expression, and if the matching is successful, determine that a verification result is successful; if the matching is unsuccessful, determining that the verification result is failure; wherein the regular expression is:
$http_origin ~* "(http.?://.*\.company\.com$)|(http.?://.*\.yqb\.com$)|(http.?://.*\.1qianbao\.com$)|(https://.*\.company\.com\.cn)|^.?$".
It should be noted that the above processing apparatus for the cross-domain pre-detection request can implement each step of the above processing method for the cross-domain pre-detection request, and details are not repeated here.
Fig. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present application. Referring to fig. 6, at the hardware level, the electronic device includes a processor, and optionally further includes an internal bus, a network interface, and a memory. The memory may include internal memory, such as random-access memory (RAM), and may further include non-volatile memory, such as at least one disk memory. Of course, the electronic device may also include hardware required for other services.
The processor, the network interface, and the memory may be connected to each other via an internal bus, which may be an ISA (Industry Standard Architecture) bus, a PCI (Peripheral Component Interconnect) bus, an EISA (Extended Industry Standard Architecture) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one double-headed arrow is shown in FIG. 6, but that does not indicate only one bus or one type of bus.
The memory is used for storing programs. In particular, a program may include program code comprising computer operating instructions. The memory may include both internal memory and non-volatile storage, and provides instructions and data to the processor.
The processor reads the corresponding computer program from the non-volatile memory into internal memory and then runs it, forming the processing device for the cross-domain preview request at the logical level. The processor executes the program stored in the memory and is specifically configured to execute the above method.
The method executed by the processing device for cross-domain preview request disclosed in the embodiment of fig. 5 of the present application can be applied to or implemented by a processor. The processor may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in a processor or instructions in the form of software. The Processor may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but also Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components. The various methods, steps, and logic blocks disclosed in the embodiments of the present application may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present application may be directly implemented by a hardware decoding processor, or implemented by a combination of hardware and software modules in the decoding processor. The software module may be located in ram, flash memory, rom, prom, or eprom, registers, etc. storage media as is well known in the art. The storage medium is located in a memory, and a processor reads information in the memory and completes the steps of the method in combination with hardware of the processor.
The electronic device may further execute the method executed by the device for processing the cross-domain preview request in fig. 5, and implement the function of the device for processing the cross-domain preview request in the embodiment shown in fig. 5, which is not described herein again.
Embodiments of the present application further propose a computer-readable storage medium storing one or more programs, where the one or more programs include instructions, which, when executed by an electronic device including a plurality of application programs, can cause the electronic device to perform the method performed by the processing apparatus of the cross-domain preview request in the embodiment shown in fig. 5, and in particular to perform the foregoing method.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and so forth) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media include permanent and non-permanent, removable and non-removable media, and may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape or magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The above description is only an example of the present application and is not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.

Claims (10)

1. A method for processing a cross-domain preview request, the method being performed by a proxy server, the method comprising:
acquiring configuration information of at least one domain name, wherein the configuration information at least comprises the domain name and a lower field of the domain name;
generating a configuration file according to the configuration information, and saving the configuration file according to a first specified path;
running a Lua script to read the configuration file according to the first specified path and realize the configuration of processing the cross-domain pre-detection request according to the configuration file, wherein the Lua script is integrated in the proxy server in advance;
and processing the received cross-domain pre-detection request based on the configuration, and returning a processing result.
2. The method of claim 1, wherein obtaining configuration information of at least one domain name comprises:
and responding to a configuration instruction of a configuration interface, and receiving the configuration information, wherein the configuration interface comprises a domain name control and a field under domain name control.
3. The method of claim 1, wherein obtaining configuration information of at least one domain name further comprises:
receiving the configuration information in response to a configuration instruction for a configuration interface, wherein the configuration information further comprises: configuring time and operator identity information; the configuration interface also comprises a configuration time control and an operator identity information control.
4. The method of claim 1, wherein generating a configuration file according to the configuration information and saving the configuration file according to a first specified path comprises:
generating a configuration file according to the configuration information, wherein the configuration file comprises a plurality of lines of texts, each line of texts represents domain name configuration information, a domain name and a field under the domain name in each line of domain name configuration information are separated by a space, and a plurality of fields in the field under the domain name are separated by commas;
and storing the configuration file locally in the proxy server in a Json format.
5. The method of claim 1, wherein the executing a Lua script to read the configuration file according to the first specified path and implement a configuration for processing a cross-domain preview request according to the configuration file comprises:
running a domain.lua script, reading the configuration file according to the first specified path, and generating a configuration function, wherein the configuration function comprises: function getOrigiginAndHeaders(file); and function registers_requests(allowed_orientations, allowed_headers), wherein the domain.
and configuring a control function, wherein the control function is access_by_lua_file /usr/local/nginx/conf/lua/domain.
6. The method of claim 1, wherein processing the received cross-domain preview request and returning a processing result based on the configuration comprises:
receiving a cross-domain pre-check request, wherein the cross-domain pre-check request is sent by a browser or forwarded by a virtual server;
based on the configuration, the cross-domain pre-detection request is verified, and if the verification result is successful, a first status code is returned; and if the verification result is failure, returning the second state code.
7. The method of claim 1, wherein the verifying the cross-domain preview request comprises:
matching the domain name and the field under the domain name in the cross-domain pre-detection request according to the regular expression, and if the matching is successful, determining that the verification result is successful; if the matching is unsuccessful, determining that the verification result is failure;
wherein the regular expression is:
$http_origin ~* "(http.?://.*\.company\.com$)|(http.?://.*\.yqb\.com$)|(http.?://.*\.1qianbao\.com$)|(https://.*\.company\.com\.cn)|^.?$".
8. An apparatus for cross-domain pre-detection request processing, wherein the apparatus is deployed for proxy server execution, the apparatus comprising:
an acquisition unit, used for acquiring configuration information of at least one domain name, wherein the configuration information at least comprises the domain name and a field under the domain name;
the generating unit is used for generating a configuration file according to the configuration information and saving the configuration file according to a first specified path;
the configuration unit is used for running a Lua script to read the configuration file according to the first specified path and complete the configuration of processing the cross-domain preview request according to the configuration file, wherein the Lua script is integrated in the proxy server in advance;
and the processing unit is used for processing the received cross-domain pre-detection request based on the configuration and returning a processing result.
9. An electronic device, comprising:
a processor; and
a memory arranged to store computer executable instructions which, when executed, cause the processor to perform the method of claims 1 to 7.
10. A computer readable storage medium storing one or more programs which, when executed by an electronic device comprising a plurality of application programs, cause the electronic device to perform the method of claims 1-7.
CN202210734702.7A 2022-06-27 2022-06-27 Method, device, equipment and medium for processing cross-domain pre-detection request Pending CN115022387A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210734702.7A CN115022387A (en) 2022-06-27 2022-06-27 Method, device, equipment and medium for processing cross-domain pre-detection request


Publications (1)

Publication Number Publication Date
CN115022387A true CN115022387A (en) 2022-09-06

Family

ID=83076990

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210734702.7A Pending CN115022387A (en) 2022-06-27 2022-06-27 Method, device, equipment and medium for processing cross-domain pre-detection request

Country Status (1)

Country Link
CN (1) CN115022387A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109088764A (en) * 2018-08-15 2018-12-25 郑州悉知信息科技股份有限公司 Access request processing method and relevant device
CN109688280A (en) * 2018-08-21 2019-04-26 平安科技(深圳)有限公司 Request processing method, request processing equipment, browser and storage medium
CN112243013A (en) * 2019-07-16 2021-01-19 中国移动通信集团浙江有限公司 Method, system, server and storage medium for realizing cross-domain resource caching
CN113300936A (en) * 2021-02-01 2021-08-24 阿里巴巴集团控股有限公司 CDN node, edge node signaling adaptation method, device and storage medium
CN113746941A (en) * 2021-11-04 2021-12-03 深圳市明源云采购科技有限公司 Method, device and storage medium for removing restriction of third-party cookie
CN113765988A (en) * 2021-02-26 2021-12-07 北京沃东天骏信息技术有限公司 Information processing method, information processing device, electronic equipment and storage medium


Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
潘点点: "nginx+lua 设置跨域" [Configuring cross-origin access with nginx+lua], pages 1 - 2, Retrieved from the Internet <URL:https://www.cnblogs.com/panyangfeng/p/6611894.html> *


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination