CN103647652B - A kind of method for realizing data transfer, device and server - Google Patents

A kind of method for realizing data transfer, device and server Download PDF

Info

Publication number
CN103647652B
CN103647652B CN201310714560.9A CN201310714560A CN103647652B CN 103647652 B CN103647652 B CN 103647652B CN 201310714560 A CN201310714560 A CN 201310714560A CN 103647652 B CN103647652 B CN 103647652B
Authority
CN
China
Prior art keywords
url
authentication token
data transmission
data
unit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201310714560.9A
Other languages
Chinese (zh)
Other versions
CN103647652A (en
Inventor
唐永刚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd, Qizhi Software Beijing Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Priority to CN201310714560.9A priority Critical patent/CN103647652B/en
Publication of CN103647652A publication Critical patent/CN103647652A/en
Application granted granted Critical
Publication of CN103647652B publication Critical patent/CN103647652B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Information Transfer Between Computers (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention discloses a kind of method for realizing data transfer, device and server;Wherein, the method includes:Authentication token is sent to far-end server and obtain request, and receive the authentication token of the far-end server feedback after data transmission conversation starts;Using the authentication token and data to be transmitted generation URL;URL interface IP address access requests are sent to far-end server;The verification of far-end server feedback is received by transmitting data by URL interface IP addresses after information.Using the method for the present invention, device and server, improve the security of data transfer, it is to avoid request playback and URL further increase the efficiency of data transfer by the caused potential safety hazard such as brush again.

Description

Method, device and server for realizing data transmission
Technical Field
The invention relates to the technical field of data processing, in particular to a method, a device and a server for realizing data transmission.
Background
With the rapid development of network technology, computer networks are becoming more and more intimate with people's lives, users can obtain various resources through the network, and the simplest method is to directly obtain resources on a browser. Currently, HTTP (Hyper Text Transfer Protocol) connection is most commonly used to acquire resources. HTTP is a protocol for transferring data to a client browser, is one of the most common protocols on the Internet, and is a standard for client and server requests and responses, and data transmission between computers can be realized through HTTP.
In the prior art, HTTP defines different methods for client-server interaction, and the most basic data transmission methods include Get and Post methods. Both are data submission modes, but the actual transmission is very different, and the data transmission may be seriously affected. Get is used to Get data from the server, and Post is used to pass data to the server; however, in the actual data transmission process, both the two modes can be realized in a plaintext mode, and are often illegally tampered, so that a serious potential safety hazard exists.
Disclosure of Invention
In view of the above problems, the present invention is proposed to provide a method for implementing data transmission and a corresponding apparatus and server for implementing data transmission, which overcome the above problems or at least partially solve the above problems.
According to an aspect of the present invention, there is provided a method for implementing data transmission, including:
when a data transmission session is started, sending an authentication token acquisition request to a remote server, and receiving an authentication token fed back by the remote server; generating a URL by using the authentication token and the data to be transmitted; sending a URL interface address access request to a remote server; and transmitting data through the URL interface address after receiving the verification passing information fed back by the remote server.
Preferably, the generating the URL using the authentication token and the data to be input includes: constructing a data character string by using the data to be transmitted; calculating a check bit MD5 value of the data transmission parameter; the data transmission parameters comprise at least the data string and the authentication token; and adding the authentication token, the check digit MD5 value and the sequence number of the data transmission to a URL request data string to generate a complete-format URL.
Preferably, the data transmission parameters further include a preset key shared with the remote server.
Preferably, the data transmission parameter further includes a sequence number of the data transmission session, and the data transmission session is greater than the sequence number of the previous data transmission session.
Preferably, the method further comprises: after generating the URL, sending an authentication token acquisition request to a remote server; and sending a URL interface address access request to the remote server after receiving the authentication token fed back by the remote server.
Preferably, the method further comprises: and when receiving the authentication token fed back by the remote server, acquiring the feedback time of the remote server.
According to another aspect of the present invention, there is provided a method for implementing data transmission, including:
after a data transmission session is started, receiving an authentication token acquisition request sent by a client, and feeding back an authentication token to the client; receiving a URL interface address access request sent by the client after the client generates a URL by using the authentication token and the data to be transmitted; and checking the safety of the URL, and if the URL passes the check, feeding back a check passing message to the client to instruct the client to transmit data through the URL interface address.
Preferably, the verifying the security of the URL includes: checking whether the authentication token in the URL is the feedback authentication token or not, and if so, determining that the check is passed; and after the authentication token passes the verification, verifying whether the value of the check bit MD5 in the URL is the same as the value of the check bit MD5 calculated locally, and if so, determining that the verification passes.
Preferably, the verifying the security of the URL further includes: and when the check value of the check bit MD5 in the URL passes the check, checking whether the sequence number of the data transmission session in the URL is larger than the sequence number of the previous data transmission session, and if so, determining that the check passes.
Preferably, the method further comprises: recording feedback time when an authentication token is fed back to the client; and after the sequence number passes the verification, verifying whether the authentication token acquisition time in the URL is earlier than the URL interface address access request time, and if so, determining that the verification passes.
According to another aspect of the present invention, there is provided an apparatus for implementing data transmission, including: the device comprises a first request unit, a generation unit, a second request unit and a transmission unit; wherein,
the first request unit is used for sending an authentication token acquisition request to a remote server after a data transmission session is started and receiving an authentication token fed back by the remote server; the generation unit is used for generating a URL by using the authentication token received by the first request unit and the data to be transmitted; the second request unit is used for sending a URL interface address access request to a remote server; and the transmission unit is used for transmitting data through the URL interface address after receiving the verification success information fed back by the remote server.
Preferably, the generating unit includes: the device comprises a construction module, a calculation module and an addition module; the construction module is used for constructing a data character string by using the data to be transmitted; the calculation module is used for calculating a check bit MD5 value of the data transmission parameter; the data transmission parameters comprise at least the data string and the authentication token; and the adding module is used for adding the authentication token, the check digit MD5 value and the sequence number of the data transmission to a URL request data string to generate a complete-format URL.
Preferably, the generating unit is further configured to instruct the first requesting unit to send an authentication token obtaining request to a remote server after the URL is generated; the first request unit is further configured to receive an authentication token request fed back by the remote server after sending the authentication token acquisition request according to the instruction of the generation unit, and instruct the second request unit to send a URL interface address access request to the remote server.
Preferably, the apparatus further comprises: and the obtaining unit is used for obtaining the feedback time of the remote server after the first request unit receives the authentication token fed back by the remote server.
According to another aspect of the present invention, there is provided a server for implementing data transmission, including: the device comprises a first feedback unit, a receiving unit, a checking unit and a second feedback unit; wherein,
the first feedback unit is used for receiving an authentication token acquisition request sent by a client and feeding back an authentication token to the client after a data transmission session is started; the receiving unit is used for receiving a URL interface address access request sent by the client after the client generates a URL by using the authentication token and the data to be transmitted; the verification unit is used for verifying the safety of the URL and informing the second feedback unit of the verification result; and the second feedback unit is used for receiving the verification result of the verification unit and feeding back a verification success message to the client when the verification is passed so as to indicate the client to transmit data through the URL interface address.
Preferably, the verification unit includes: a first processing module and a second processing module; the first processing module is used for checking whether the authentication token in the URL is the authentication token fed back by the first feedback unit, and if so, notifying the second processing module of a checking passing result; and the second processing module is used for verifying whether the value of the check bit MD5 in the URL is the same as the value of the check bit MD5 calculated locally after receiving the check passing result of the first processing module, and if so, determining that the check passes.
Preferably, the verification unit further includes: and the third processing module is used for checking whether the sequence number of the data transmission session in the URL is greater than the sequence number of the previous data transmission session after the second processing module passes the check, and if so, determining that the check passes.
Preferably, the server further comprises: and the recording unit is used for recording feedback time when the first feedback unit feeds back the authentication token to the client.
Preferably, the verification unit further includes: and the fourth processing module is used for checking whether the acquisition time of the authentication token in the URL is earlier than the time when the receiving unit receives the URL interface address access request or not after the third processing module passes the check, and if so, determining that the check is passed. .
According to the embodiment of the invention, the URL containing different verification information is constructed, and the URL is used for sending the URL interface address access request to the remote server, so that the remote server can verify the validity of the data transmission session by using the verification information, the safety of data transmission is improved, potential safety hazards caused by request playback, URL re-brushing and the like are avoided, and the efficiency of data transmission is further improved.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
FIG. 1 is a flow diagram of a method for implementing data transmission according to one embodiment of the present invention;
FIG. 2 is a block diagram of an apparatus for implementing data transmission according to an embodiment of the present invention; and the number of the first and second groups,
fig. 3 is a block diagram of a server for implementing data transmission according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
Referring to fig. 1, a flowchart illustrating steps of embodiment 1 of a method for implementing data transmission according to an embodiment of the present invention is shown, which may specifically include the following steps:
step 110: after a data transmission session is started, a client sends an authentication token (token) acquisition request to a remote server;
it should be noted that, in this embodiment, the authentication token refers to an identity of information interaction between the client and the remote server, and the specific form may be a certain request message or a segment of character string; preferably, the authentication token may be acquired from the remote server through an authentication token acquisition URL; in addition, the client is only referred to as a remote server, and not only refers to a physical client, but also may be a browser, an application, an APP, software, and the like; the specific embodiment is not limited.
Step 120: after receiving an authentication token acquisition request sent by a client, the remote server feeds back the authentication token to the client;
in this embodiment, after the remote server receives the acquisition request from the client, the authentication token may be fed back to the remote server in a variety of ways, for example: feeding back a response message to the user equipment, wherein the response message contains the authentication token; for another example: the authentication token may be fed back to the client directly as a message format with the authentication token itself. It is to be noted that the authentication token in this embodiment may be a content randomly generated by the remote server after receiving the acquisition request of the client, or may be a preset content, and this embodiment is not limited in this embodiment.
In addition, the present embodiment proposes to record the TIME1 of the feedback operation when the remote server feeds back the authentication token to the client, for subsequent other operations.
Step 130: after receiving the authentication token fed back by the remote server, the client generates a URL by using the authentication token and the data to be transmitted;
in an actual application process, the embodiment proposes that the URL is generated in the following manner, specifically including:
s131: constructing a data character string by using the data to be transmitted;
for example, when a user needs to log in a server through a client to obtain a service provided by the server, the user needs to pass identity authentication first, and authentication information is data to be transmitted in the data transmission session; if the client side constructs the mobile phone number and the password of the user during login into a data string: a user/login/mobile/{ mobile phone number }/password/{ code string };
s132: calculating a check bit MD5 value of the data transmission parameter;
wherein the data transmission parameters include at least the data string and the authentication token; the calculation rule of the check bit MD5 may be: MD5 (token + PATH), where the authentication token is the authentication token string fed back by the remote server, and the PATH is the data string constructed in step S131.
S133: adding the authentication token, the MD5 value and the sequence number of the data transmission to a URL request data string to generate a complete-format URL;
specifically, the token (token) and the check digit (MD5) are attached to the URL in a GET manner, for example: the method comprises the steps that the URL request data string is constructed, wherein the URL request data string is composed of a user, a login, a mobile phone number, a password string, a token, a sequence number, a md5 and a check bit, wherein the user, the login, the mobile phone number, the password string and the check bit are combined;
the constructed URL request data string then generates a full format URL, which is http:// { domain name } { URI }, e.g., http:// api. browser.360.cn/user/login/mobile/{ mobile phone number }/password/{ password string }.
It should be noted that, in this embodiment, the data transmission parameter may further include a shared key preset between the client and the server, where the shared key is used to identify the identity information of the client; on the basis, the check bit MD5 value of the data transmission parameter calculated in step S132 is the check bit MD5 value of the data transmission parameter containing the key, i.e., MD5 (token + key + PATH).
In addition, when the client performs data interaction with the remote server, each interaction request and response will set the sequence number i of the data transmission session, and when data interaction is performed next time, the sequence number i needs to be accumulated, for example, when i is 12 in the previous request, i > =13 should be set this time; therefore, the check bit MD5 value calculated in step 132 may also include the sequence number, i.e., MD5 (token + key + sequence number + PATH).
Step 140: after the client generates the URL, the client sends a URL interface address access request to a remote server by using the URL;
step 150: after receiving the URL interface address access request of the client, the remote server verifies the safety of the URL and feeds back a verification result to the client, namely, the client is informed whether the verification is successful;
specifically, the present embodiment proposes that the URL security can be verified through the following method, but is not limited to this:
s151: the remote server checks whether the authentication token in the URL is an authentication token fed back to the client side, and if so, the remote server determines that the check is passed; specifically, an authentication token character string is extracted from http:// api. browser.360. cn/user/logic/mobile/{ mobile phone number }/password/{ password string }; otherwise, determining that the authentication token check fails.
S152: after the authentication token passes the verification, verifying whether the value of a check digit MD5 in the URL is the same as the value of a check digit MD5 calculated locally, and if so, determining that the verification passes; specifically, after the remote server verifies that the authentication token passes, a check bit MD5 (token + PATH) is calculated, and a check bit MD5 value is extracted from http:// api. browser.360.cn/user/login/mobile/{ mobile phone number }/password/{ password string }' token = { token } & i = { sequence number } & MD5= { check bit }, and if the check bit MD5 value is consistent with the check bit MD5 value, the check bit MD5 value is determined to pass the check, otherwise, the check bit is not passed.
In addition, the embodiment proposes that the method may further include: and when the check value of the check bit MD5 in the URL passes the check, checking whether the sequence number of the data transmission session in the URL is larger than the sequence number of the previous data transmission session, and if so, determining that the check passes.
It should be noted that, if the TIME1 of the feedback operation is recorded when the remote server feeds back the authentication token to the client, after passing the sequence number check, the remote server records the TIME2 of receiving the URL interface address access request sent by the client, and checks whether the TIME1 is earlier than the TIME2, if so, it is determined that the temporal check passes, otherwise, it is determined that the check does not pass.
It should be noted that after the sequence setting between the above-mentioned verification processes is completed, if any verification fails, the data transmission session is considered to be illegal, that is, the remote server feeds back information that the verification fails to pass to the client, and the subsequent client cannot perform data transmission through the URL interface address.
Step 160: and the client receives the verification result fed back by the remote server, and if the verification is successful, the client transmits data through the URL interface address.
It can be seen that, in the method of the embodiment of the present invention, by constructing URLs containing different verification information and sending a URL interface address access request to a remote server by using the URL, the remote server verifies the validity of the data transmission session by using the verification information, so that the security of data transmission is improved, potential safety hazards caused by request playback and URL re-brushing are avoided, and the efficiency of data transmission is further improved.
Of course, the specific information and the determination method thereof are only examples, and when the embodiment of the present invention is implemented, other specific information and determination method thereof may be set according to actual situations, which is not limited in the embodiment of the present invention. In addition, besides the above-mentioned specific information and the determination method thereof, a person skilled in the art may also use other specific information and determination method thereof according to actual needs, and the embodiment of the present invention is not limited thereto.
For simplicity of explanation, the method embodiments are described as a series of acts or combinations, but those skilled in the art will appreciate that the embodiments are not limited by the order of acts described, as some steps may occur in other orders or concurrently with other steps in accordance with the embodiments of the invention. Further, those skilled in the art will appreciate that the embodiments described in the specification are presently preferred and that no particular act is required to implement the invention.
Referring to fig. 2, a block diagram of a device for implementing data transmission according to an embodiment of the present invention is shown, which may specifically include the following modules: a first request unit 210, a generation unit 220, a second request unit 230, and a transmission unit 240; wherein,
the first request unit 210 is configured to send an authentication token acquisition request to a remote server after a data transmission session is started, and receive an authentication token fed back by the remote server; the generating unit 220 is configured to generate a URL using the authentication token and the data to be transmitted received by the first requesting unit 210; the second request unit 230 is configured to send a URL interface address access request to a remote server; the transmission unit 240 is configured to transmit data through the URL interface address after receiving the verification success information fed back by the remote server.
Wherein the generating unit 220 comprises (not shown in the figure): the device comprises a construction module, a calculation module and an addition module; the construction module is used for constructing a data character string by using the data to be transmitted; the calculation module is used for calculating a check bit MD5 value of the data transmission parameter; the data transmission parameters comprise at least the data string and the authentication token; and the adding module is used for adding the authentication token, the check digit MD5 value and the sequence number of the data transmission to a URL request data string to generate a complete-format URL.
In addition, the generating unit 220 is further configured to instruct the first requesting unit to send an authentication token obtaining request to a remote server after generating the URL; the first requesting unit 210 is further configured to receive an authentication token request fed back by the remote server after sending an authentication token obtaining request according to the instruction of the generating unit 220, and instruct the second requesting unit 230 to send a URL interface address access request to the remote server.
Notably, the apparatus further comprises (not shown in the figures): and the obtaining unit is used for obtaining the feedback time of the remote server after the first request unit receives the authentication token fed back by the remote server.
Referring to fig. 3, a block diagram of a server for implementing data transmission according to an embodiment of the present invention is shown, which may specifically include the following modules: a first feedback unit 310, a receiving unit 320, a verifying unit 330 and a second feedback unit 340; wherein,
the first feedback unit 310 is configured to receive an authentication token acquisition request sent by a client after a data transmission session is started, and feed back an authentication token to the client; the receiving unit 320 is configured to receive a URL interface address access request sent by the client after generating a URL using the authentication token and the data to be transmitted; the verification unit 330 is configured to verify the security of the URL and notify the second feedback unit 340 of the verification result; the second feedback unit 340 is configured to receive the verification result of the verification unit 330, and when the verification passes, feed back a verification success message to the client to instruct the client to transmit data through the URL interface address.
Wherein the verification unit 330 includes (not shown in the figure): a first processing module and a second processing module; the first processing module is used for checking whether the authentication token in the URL is the authentication token fed back by the first feedback unit, and if so, notifying the second processing module of a checking passing result; and the second processing module is used for verifying whether the value of the check bit MD5 in the URL is the same as the value of the check bit MD5 calculated locally after receiving the check passing result of the first processing module, and if so, determining that the check passes.
In addition, the verification unit 330 may further include (not shown in the figure): and the third processing module is used for checking whether the sequence number of the data transmission session in the URL is greater than the sequence number of the previous data transmission session after the second processing module passes the check, and if so, determining that the check passes.
It should be noted that the server may further include (not shown in the figure): and the recording unit is used for recording feedback time when the first feedback unit feeds back the authentication token to the client.
On this basis, the verification unit 330 may further include (not shown in the figure): and the fourth processing module is used for checking whether the acquisition time of the authentication token in the URL is earlier than the time when the receiving unit receives the URL interface address access request or not after the third processing module passes the check, and if so, determining that the check is passed.
For the device embodiment, since it is basically similar to the method embodiment, the description is simple, and for the relevant points, refer to the partial description of the method embodiment.
The algorithms and displays presented herein are not inherently related to any particular computer, virtual machine, or other apparatus. Various general purpose systems may also be used with the teachings herein. The required structure for constructing such a system will be apparent from the description above. Moreover, the present invention is not directed to any particular programming language. It is appreciated that a variety of programming languages may be used to implement the teachings of the present invention as described herein, and any descriptions of specific languages are provided above to disclose the best mode of the invention.
In the description provided herein, numerous specific details are set forth. It is understood, however, that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the invention, various features of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the various inventive aspects. However, the disclosed method should not be interpreted as reflecting an intention that: that the invention as claimed requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the detailed description are hereby expressly incorporated into this detailed description, with each claim standing on its own as a separate embodiment of this invention.
Those skilled in the art will appreciate that the modules in the device in an embodiment may be adaptively changed and disposed in one or more devices different from the embodiment. The modules or units or components of the embodiments may be combined into one module or unit or component, and furthermore they may be divided into a plurality of sub-modules or sub-units or sub-components. All of the features disclosed in this specification (including any accompanying claims, abstract and drawings), and all of the processes or elements of any method or apparatus so disclosed, may be combined in any combination, except combinations where at least some of such features and/or processes or elements are mutually exclusive. Each feature disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.
Furthermore, those skilled in the art will appreciate that while some embodiments described herein include some features included in other embodiments, rather than other features, combinations of features of different embodiments are meant to be within the scope of the invention and form different embodiments. For example, in the following claims, any of the claimed embodiments may be used in any combination.
The various component embodiments of the invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that a microprocessor or Digital Signal Processor (DSP) may be used in practice to implement some or all of the functions of some or all of the components of an apparatus implementing data transmission according to embodiments of the present invention. The present invention may also be embodied as apparatus or device programs (e.g., computer programs and computer program products) for performing a portion or all of the methods described herein. Such programs implementing the present invention may be stored on computer-readable media or may be in the form of one or more signals. Such a signal may be downloaded from an internet website or provided on a carrier signal or in any other form.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means may be embodied by one and the same item of hardware. The usage of the words first, second and third, etcetera do not indicate any ordering. These words may be interpreted as names.
The embodiment of the invention also discloses A1 and a method for realizing data transmission, which comprises the following steps:
when a data transmission session is started, sending an authentication token acquisition request to a remote server, and receiving an authentication token fed back by the remote server;
generating a URL by using the authentication token and the data to be transmitted;
sending a URL interface address access request to a remote server;
and transmitting data through the URL interface address after receiving the verification passing information fed back by the remote server.
A2, the method of A1, the generating a URL using the authentication token and the tape pending data comprising: constructing a data character string by using the data to be transmitted;
calculating a check bit MD5 value of the data transmission parameter; the data transmission parameters comprise at least the data string and the authentication token;
and adding the authentication token, the check digit MD5 value and the sequence number of the data transmission to a URL request data string to generate a complete-format URL.
A3, the method of A2, wherein the data transmission parameters further comprise a preset key shared with the remote server.
A4, the method of claim a2 or A3, the data transmission parameters further including a sequence number for this data transmission session, the sequence number for this data transmission session being greater than a sequence number for a previous data transmission session.
A5, the method of a1, the method further comprising:
after generating the URL, sending an authentication token acquisition request to a remote server;
and sending a URL interface address access request to the remote server after receiving the authentication token fed back by the remote server.
A6, the method of a1, the method further comprising:
and when receiving the authentication token fed back by the remote server, acquiring the feedback time of the remote server.
The embodiment of the invention also discloses B7 and a method for realizing data transmission, which comprises the following steps:
after a data transmission session is started, receiving an authentication token acquisition request sent by a client, and feeding back an authentication token to the client;
receiving a URL interface address access request sent by the client after the client generates a URL by using the authentication token and the data to be transmitted;
and checking the safety of the URL, and if the URL passes the check, feeding back a check passing message to the client to instruct the client to transmit data through the URL interface address.
B8, the method as in B7, the verifying the security of the URL includes: checking whether the authentication token in the URL is the feedback authentication token or not, and if so, determining that the check is passed;
and after the authentication token passes the verification, verifying whether the value of the check bit MD5 in the URL is the same as the value of the check bit MD5 calculated locally, and if so, determining that the verification passes.
B9, the method as in B8, the verifying the security of the URL further comprising: and when the check value of the check bit MD5 in the URL passes the check, checking whether the sequence number of the data transmission session in the URL is larger than the sequence number of the previous data transmission session, and if so, determining that the check passes.
B10, the method of B9, further comprising:
recording feedback time when an authentication token is fed back to the client;
and after the sequence number passes the verification, verifying whether the authentication token acquisition time in the URL is earlier than the URL interface address access request time, and if so, determining that the verification passes.
The embodiment of the invention also discloses C11, a device for realizing data transmission, comprising: the device comprises a first request unit, a generation unit, a second request unit and a transmission unit; wherein,
the first request unit is used for sending an authentication token acquisition request to a remote server after a data transmission session is started and receiving an authentication token fed back by the remote server;
the generation unit is used for generating a URL by using the authentication token received by the first request unit and the data to be transmitted;
the second request unit is used for sending a URL interface address access request to a remote server;
and the transmission unit is used for transmitting data through the URL interface address after receiving the verification success information fed back by the remote server.
C12, the apparatus as described in C11, the generating unit comprising: the device comprises a construction module, a calculation module and an addition module; wherein,
the construction module is used for constructing a data character string by using the data to be transmitted;
the calculation module is used for calculating a check bit MD5 value of the data transmission parameter; the data transmission parameters comprise at least the data string and the authentication token;
and the adding module is used for adding the authentication token, the check digit MD5 value and the sequence number of the data transmission to a URL request data string to generate a complete-format URL.
C13, the apparatus of C11, the generating unit further configured to instruct the first requesting unit to send an authentication token obtaining request to a remote server after generating the URL;
the first request unit is further configured to receive an authentication token request fed back by the remote server after sending the authentication token acquisition request according to the instruction of the generation unit, and instruct the second request unit to send a URL interface address access request to the remote server.
C14, the apparatus of C11, further comprising:
and the obtaining unit is used for obtaining the feedback time of the remote server after the first request unit receives the authentication token fed back by the remote server.
The invention also discloses D15, a server for realizing data transmission, comprising: the device comprises a first feedback unit, a receiving unit, a checking unit and a second feedback unit; wherein,
the first feedback unit is used for receiving an authentication token acquisition request sent by a client and feeding back an authentication token to the client after a data transmission session is started;
the receiving unit is used for receiving a URL interface address access request sent by the client after the client generates a URL by using the authentication token and the data to be transmitted;
the verification unit is used for verifying the safety of the URL and informing the second feedback unit of the verification result;
and the second feedback unit is used for receiving the verification result of the verification unit and feeding back a verification success message to the client when the verification is passed so as to indicate the client to transmit data through the URL interface address.
D16, the server as D15, the verification unit includes: a first processing module and a second processing module; wherein,
the first processing module is used for checking whether the authentication token in the URL is the authentication token fed back by the first feedback unit, and if so, notifying the second processing module of the checking passing result;
and the second processing module is used for verifying whether the value of the check bit MD5 in the URL is the same as the value of the check bit MD5 calculated locally after receiving the check passing result of the first processing module, and if so, determining that the check passes.
D17, the server as D16, the verification unit further comprising:
and the third processing module is used for checking whether the sequence number of the data transmission session in the URL is greater than the sequence number of the previous data transmission session after the second processing module passes the check, and if so, determining that the check passes.
D18, the server of D17, further comprising:
and the recording unit is used for recording feedback time when the first feedback unit feeds back the authentication token to the client.
D19, the server as D18, the verification unit further comprising:
and the fourth processing module is used for checking whether the acquisition time of the authentication token in the URL is earlier than the time when the receiving unit receives the URL interface address access request or not after the third processing module passes the check, and if so, determining that the check is passed.

Claims (17)

1. A method of implementing data transmission, comprising:
when a data transmission session is started, sending an authentication token acquisition request to a remote server, and receiving an authentication token fed back by the remote server, wherein the authentication token is an identity of information interaction between a client and the remote server;
generating a URL by using the authentication token and the data to be transmitted;
sending a URL interface address access request to a remote server;
after receiving verification passing information fed back by the remote server, transmitting data through the URL interface address;
the generating the URL using the authentication token and the data to be input includes:
constructing a data character string by using the data to be transmitted;
calculating a check bit MD5 value of the data transmission parameter; the data transmission parameters comprise at least the data string and the authentication token;
and adding the authentication token, the check digit MD5 value and the sequence number of the data transmission to a URL request data string to generate a complete-format URL.
2. The method of claim 1, wherein:
the data transmission parameters further comprise a preset key shared with the remote server.
3. The method of claim 2, wherein:
the data transmission parameters also comprise the sequence number of the data transmission session, and the data transmission session is greater than the sequence number of the previous data transmission session.
4. The method of claim 1, further comprising:
after generating the URL, sending an authentication token acquisition request to a remote server;
and sending a URL interface address access request to the remote server after receiving the authentication token fed back by the remote server.
5. The method of claim 1, further comprising:
and when receiving the authentication token fed back by the remote server, acquiring the feedback time of the remote server.
6. A method of implementing data transmission, comprising:
after a data transmission session is started, receiving an authentication token acquisition request sent by a client, and feeding back an authentication token to the client, wherein the authentication token is an identity of information interaction between the client and a remote server;
receiving a URL interface address access request sent by the client after the client generates a URL by using the authentication token and the data to be transmitted, wherein the generation of the URL by using the authentication token and the data to be transmitted comprises: constructing a data character string by using the data to be transmitted; calculating a check bit MD5 value of the data transmission parameter; the data transmission parameters comprise at least the data string and the authentication token; adding the authentication token, the check digit MD5 value and the sequence number of the data transmission to a URL request data string to generate a complete-format URL;
and checking the safety of the URL, and if the URL passes the check, feeding back a check passing message to the client to instruct the client to transmit data through the URL interface address.
7. The method of claim 6, wherein the verifying the security of the URL comprises: checking whether the authentication token in the URL is the feedback authentication token or not, and if so, determining that the check is passed;
and after the authentication token passes the verification, verifying whether the value of the check bit MD5 in the URL is the same as the value of the check bit MD5 calculated locally, and if so, determining that the verification passes.
8. The method of claim 7, wherein the verifying the security of the URL further comprises: and when the check value of the check bit MD5 in the URL passes the check, checking whether the sequence number of the data transmission session in the URL is larger than the sequence number of the previous data transmission session, and if so, determining that the check passes.
9. The method of claim 8, further comprising:
recording feedback time when an authentication token is fed back to the client;
and after the sequence number passes the verification, verifying whether the authentication token acquisition time in the URL is earlier than the URL interface address access request time, and if so, determining that the verification passes.
10. An apparatus for implementing data transmission, comprising: the device comprises a first request unit, a generation unit, a second request unit and a transmission unit; wherein,
the first request unit is used for sending an authentication token acquisition request to a remote server after a data transmission session is started and receiving an authentication token fed back by the remote server, wherein the authentication token is an identity of information interaction between a client and the remote server;
the generation unit is used for generating a URL by using the authentication token received by the first request unit and the data to be transmitted;
the second request unit is used for sending a URL interface address access request to a remote server;
the transmission unit is used for transmitting data through the URL interface address after receiving the verification success information fed back by the remote server;
the generation unit includes: the device comprises a construction module, a calculation module and an addition module; wherein,
the construction module is used for constructing a data character string by using the data to be transmitted;
the calculation module is used for calculating a check bit MD5 value of the data transmission parameter; the data transmission parameters comprise at least the data string and the authentication token;
and the adding module is used for adding the authentication token, the check digit MD5 value and the sequence number of the data transmission to a URL request data string to generate a complete-format URL.
11. The apparatus of claim 10, the generating unit further configured to instruct the first requesting unit to send an authentication token acquisition request to a remote server after generating the URL;
the first request unit is further configured to receive an authentication token request fed back by the remote server after sending the authentication token acquisition request according to the instruction of the generation unit, and instruct the second request unit to send a URL interface address access request to the remote server.
12. The apparatus of claim 10, further comprising:
and the obtaining unit is used for obtaining the feedback time of the remote server after the first request unit receives the authentication token fed back by the remote server.
13. A server for implementing data transmission, comprising: the device comprises a first feedback unit, a receiving unit, a checking unit and a second feedback unit; wherein,
the first feedback unit is used for receiving an authentication token acquisition request sent by a client and feeding back an authentication token to the client after a data transmission session is started, wherein the authentication token is an identity of information interaction between the client and a remote server;
the receiving unit is configured to receive a URL interface address access request sent by the client after generating a URL using the authentication token and the data to be transmitted, where generating the URL using the authentication token and the data to be transmitted includes: constructing a data character string by using the data to be transmitted; calculating a check bit MD5 value of the data transmission parameter; the data transmission parameters comprise at least the data string and the authentication token; adding the authentication token, the check digit MD5 value and the sequence number of the data transmission to a URL request data string to generate a complete-format URL;
the verification unit is used for verifying the safety of the URL and informing the second feedback unit of the verification result;
and the second feedback unit is used for receiving the verification result of the verification unit and feeding back a verification success message to the client when the verification is passed so as to indicate the client to transmit data through the URL interface address.
14. The server of claim 13, the verification unit comprising: a first processing module and a second processing module; wherein,
the first processing module is used for checking whether the authentication token in the URL is the authentication token fed back by the first feedback unit, and if so, notifying the second processing module of the checking passing result;
and the second processing module is used for verifying whether the value of the check bit MD5 in the URL is the same as the value of the check bit MD5 calculated locally after receiving the check passing result of the first processing module, and if so, determining that the check passes.
15. The server of claim 14, the verification unit further comprising:
and the third processing module is used for checking whether the sequence number of the data transmission session in the URL is greater than the sequence number of the previous data transmission session after the second processing module passes the check, and if so, determining that the check passes.
16. The server of claim 15, further comprising:
and the recording unit is used for recording feedback time when the first feedback unit feeds back the authentication token to the client.
17. The server of claim 16, the verification unit further comprising:
and the fourth processing module is used for checking whether the acquisition time of the authentication token in the URL is earlier than the time when the receiving unit receives the URL interface address access request or not after the third processing module passes the check, and if so, determining that the check is passed.
CN201310714560.9A 2013-12-20 2013-12-20 A kind of method for realizing data transfer, device and server Active CN103647652B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310714560.9A CN103647652B (en) 2013-12-20 2013-12-20 A kind of method for realizing data transfer, device and server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310714560.9A CN103647652B (en) 2013-12-20 2013-12-20 A kind of method for realizing data transfer, device and server

Publications (2)

Publication Number Publication Date
CN103647652A CN103647652A (en) 2014-03-19
CN103647652B true CN103647652B (en) 2017-06-09

Family

ID=50252813

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310714560.9A Active CN103647652B (en) 2013-12-20 2013-12-20 A kind of method for realizing data transfer, device and server

Country Status (1)

Country Link
CN (1) CN103647652B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108694249B (en) * 2018-05-30 2022-02-25 平安科技(深圳)有限公司 Data processing method, data processing device, computer equipment and storage medium
CN108900471B (en) * 2018-05-31 2022-02-25 北京证大向上金融信息服务有限公司 Server, client, network system and method for transmitting data
CN111107445B (en) * 2018-10-29 2023-04-18 浙江宇视科技有限公司 Media protocol stream optimization method and system
CN109831446B (en) * 2019-03-05 2021-08-20 广州虎牙信息科技有限公司 Request checking method, device, equipment and storage medium
CN114257583A (en) * 2021-12-22 2022-03-29 贵州东彩供应链科技有限公司 Safe downloading method for solving JWT authorization
CN114531246A (en) * 2022-02-22 2022-05-24 中国银行股份有限公司 Data downloading method and device

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101075866A (en) * 2006-12-26 2007-11-21 腾讯科技(深圳)有限公司 Method and system for loading message on Internet
CN101351027A (en) * 2007-07-19 2009-01-21 中国移动通信集团公司 Method and system for processing service authentication
WO2011152593A1 (en) * 2010-05-31 2011-12-08 Hyo-Hwan Bae Data upload method using shortcut
CN102567903A (en) * 2010-12-07 2012-07-11 中国移动通信集团公司 Web application subscription method, device and system
CN102946392A (en) * 2012-11-15 2013-02-27 亚信联创科技(中国)有限公司 URL (Uniform Resource Locator) data encrypted transmission method and system
CN103004244A (en) * 2010-05-18 2013-03-27 诺基亚公司 Generic bootstrapping architecture usage with web applications and web pages

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101075866A (en) * 2006-12-26 2007-11-21 腾讯科技(深圳)有限公司 Method and system for loading message on Internet
CN101351027A (en) * 2007-07-19 2009-01-21 中国移动通信集团公司 Method and system for processing service authentication
CN103004244A (en) * 2010-05-18 2013-03-27 诺基亚公司 Generic bootstrapping architecture usage with web applications and web pages
WO2011152593A1 (en) * 2010-05-31 2011-12-08 Hyo-Hwan Bae Data upload method using shortcut
CN102567903A (en) * 2010-12-07 2012-07-11 中国移动通信集团公司 Web application subscription method, device and system
CN102946392A (en) * 2012-11-15 2013-02-27 亚信联创科技(中国)有限公司 URL (Uniform Resource Locator) data encrypted transmission method and system

Also Published As

Publication number Publication date
CN103647652A (en) 2014-03-19

Similar Documents

Publication Publication Date Title
US11777911B1 (en) Presigned URLs and customer keying
CN103647652B (en) A kind of method for realizing data transfer, device and server
CN105610810B (en) Data processing method, client and server
US9887999B2 (en) Login method and apparatus
CN104320377B (en) The anti-stealing link method and equipment of a kind of files in stream media
CN104735066B (en) A kind of single-point logging method of object web page application, device and system
US8572756B2 (en) Captcha method and system
US11610182B2 (en) System and method for electronic lead verification
US8949935B2 (en) Secure account creation
US20160381001A1 (en) Method and apparatus for identity authentication between systems
CN102238007A (en) Method, device and system for acquiring session token of user by third-party application
JP2005317022A (en) Account creation via mobile device
CN104283841A (en) Method, device and system for carrying out service access control on third-party application
US9544317B2 (en) Identification of potential fraudulent website activity
CN107016074B (en) Webpage loading method and device
JP2011100489A (en) User confirmation device and method, and program
US20170244700A1 (en) Device and method for validating a user using an intelligent voice print
CN114338130B (en) Information processing method, device, server and storage medium
WO2014026542A1 (en) Implementation method, system and device for instant communication application
CN107026828A (en) A kind of anti-stealing link method cached based on internet and internet caching
JP5456842B2 (en) User confirmation apparatus, method, and user authentication system
CN102946397B (en) User authen method and system
CN106878018B (en) Operation verification method and device
CN107294920B (en) Reverse trust login method and device
KR102661484B1 (en) Fraud prevention in aggregated network measurements

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20220721

Address after: Room 801, 8th floor, No. 104, floors 1-19, building 2, yard 6, Jiuxianqiao Road, Chaoyang District, Beijing 100015

Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park)

Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Patentee before: Qizhi software (Beijing) Co.,Ltd.