CN104283903B - The method for down loading and device of file - Google Patents
The method for down loading and device of file Download PDFInfo
- Publication number
- CN104283903B CN104283903B CN201310272313.8A CN201310272313A CN104283903B CN 104283903 B CN104283903 B CN 104283903B CN 201310272313 A CN201310272313 A CN 201310272313A CN 104283903 B CN104283903 B CN 104283903B
- Authority
- CN
- China
- Prior art keywords
- file
- downloading
- cookie
- url
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The present invention is suitable for Internet technical field, provide the method for down loading and device of a kind of file, it include: to return to cookie information corresponding with the downloading page to the downloading client when detecting that downloading client accesses the downloading page of file described in the source web of the file;Downloading client is received to request the downloading of the file;The URL of the file is generated according to the downloading request, the check information of the file is carried in the URL, the check information includes the cookie value in the cookie information;The URL is sent to the downloading client, so that the file is sent to the downloading client after containing the cookie value in the URL in the cookie information that the first server carries in verifying out the HTTP request.Invention prevents downloading clients to download file by stealing chain mode, improves the safety of network data.
Description
Technical field
The invention belongs to Internet technical field more particularly to the method for down loading and device of a kind of file.
Background technique
With the continuous development of Internet technology, user has got used to obtaining various types of files from internet,
Including film, video, music, picture and document etc..Generally, based on hypertext transfer protocol (Hyper Text Transfer
Protocol, HTTP), browser etc. downloads client and provides the website of file download by access, gets from the website
Download link corresponding to the file for needing to download is corresponding to be downloaded from the Resource Server of the website according to the download link
File.Occurring robber's chain phenomenon under above-mentioned file download mechanism, on network, i.e., robber chain side does not provide resource, but directly
The download link of other websites is provided on the website of oneself, to occupy the lower carrier band of the Resource Server of other websites
Width has gained pageview and clicking rate by cheating for the website of oneself, has but compromised the interests of resource provider.
In order to avoid stealing the appearance of chain phenomenon, under website has imported this in its download link for being supplied to downloading client
The identification information of client, such as the HTTP:User-Agent of the downloading client are carried, if the Resource Server of the website is found
Identification information in the download link that the downloading client is sent with it mismatches, then Resource Server refusal is downloading client
End provides file download service.However, for the downloading client of same type identical version, identification information is usually
It is identical, that is, only to need that just still file can be downloaded by way of stealing chain using identical downloading client.
Summary of the invention
The embodiment of the present invention provides a kind of method for down loading of file, it is intended to prevent downloading client from downloading by stealing chain mode
File improves the safety of network data.
The embodiments of the present invention are implemented as follows, a kind of method for down loading of file, comprising:
When detecting that downloading client accesses the downloading page of file described in the source web of the file, Xiang Suoshu
It downloads client and returns to cookie information corresponding with the downloading page;
Downloading client is received to request the downloading of the file;
The URL of the file is generated according to the downloading request, and the check information of the file is carried in the URL,
The check information includes the cookie value in the cookie information;
The URL is sent to the downloading client, so that the downloading client is by the URL and the cookie
Information carries the first server that the website is sent in HTTP request, and makes the first server verifying out
After stating the cookie value contained in the URL in the cookie information carried in HTTP request, by the file
It is sent to the downloading client.
The another object of the embodiment of the present invention is to provide a kind of method for down loading of file, comprising:
The HTTP request that downloading client is sent is received, the URL of the file is carried in the HTTP request, it is described
URL is generated by the second server of the file affiliated web site, includes the check information of the file, the check information packet
Include the cookie value in cookie information corresponding with the downloading page of file described in the website;
It verifies and whether carries the cookie information comprising the cookie value in the HTTP request;
When verify out the cookie information comprising the cookie value is carried in the HTTP request after, by the file
It is sent to the downloading client.
The another object of the embodiment of the present invention is to provide a kind of download apparatus of file, comprising:
Cookie information return unit detects that downloading client accesses described in the source web of the file for working as
When the downloading page of file, cookie information corresponding with the downloading page is returned to the downloading client;
Request reception unit is downloaded, the downloading of the file is requested for receiving downloading client;
URL generation unit carries described for generating the URL of the file according to the downloading request in the URL
The check information of file, the check information include the cookie value in the cookie information;
URL transmission unit, for the URL to be sent to the downloading client, so that the downloading client is by institute
It states URL and the cookie information and carries the first server for being sent to the website in HTTP request, and make described the
Described in being contained in the cookie information that one server carries in verifying out the HTTP request in the URL
After cookie value, the file is sent to the downloading client.
The another object of the embodiment of the present invention is to provide a kind of download apparatus of file, comprising:
HTTP request receiving unit carries in the HTTP request for receiving the HTTP request of downloading client transmission
The URL of the file, the URL are generated by the second server of the file affiliated web site, include the school of the file
Information is tested, the check information includes in cookie information corresponding with the downloading page of file described in the website
Cookie value;
Whether verification unit carries the cookie letter comprising the cookie value for verifying in the HTTP request
Breath;
File transmission unit carries the cookie comprising the cookie value for working as to verify out in the HTTP request
After information, the file is sent to the downloading client.
In embodiments of the present invention, website is provided as the resource of file, by downloading client access downloading page institute energy
The cookie value got is as check information, so that the URL of file is dynamically generated, so that the Resource Server of the website
Whether the downloading request that downloading client can be verified out according to the URL is to be initiated by normally downloading channel, thus effectively
Ground prevents downloading client from downloading file by stealing chain mode, improves the safety of network data.
Detailed description of the invention
Fig. 1 is the network architecture diagram that the method for down loading of file provided in an embodiment of the present invention is applicable in;
Fig. 2 is the implementation flow chart of the method for down loading of file provided in an embodiment of the present invention;
Fig. 3 is the specific implementation flow chart of the method for down loading S203 of file provided in an embodiment of the present invention;
Fig. 4 be another embodiment of the present invention provides file method for down loading implementation flow chart;
Fig. 5 be another embodiment of the present invention provides file method for down loading implementation flow chart;
Fig. 6 is the interaction diagrams of the method for down loading of file provided in an embodiment of the present invention;
Fig. 7 is the structural block diagram of the download apparatus of file provided in an embodiment of the present invention.
Specific embodiment
In order to make the objectives, technical solutions, and advantages of the present invention clearer, with reference to the accompanying drawings and embodiments, right
The present invention is further elaborated.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, and
It is not used in the restriction present invention.
In embodiments of the present invention, website is provided as the resource of file, by downloading client access downloading page institute energy
The cookie value got is as check information, to be dynamically generated the uniform resource locator (Uniform of file
Resource Locator, URL) so that the Resource Server of the website can verify out downloading client according to the URL
Whether downloading request is to be initiated by normally downloading channel, is thus effectively prevented downloading client and is downloaded by stealing chain mode
File improves the safety of network data.
Fig. 1 shows the network architecture diagram that the method for down loading of file provided in an embodiment of the present invention is applicable in, for the ease of
Illustrate, only the parts related to this embodiment are shown.
Referring to Fig.1, website 11 is provided as the resource of file comprising first server 111 and second server
112, wherein first server 111 is the Resource Server of the website 11, is used to store and manage what the website 11 was possessed
Internet resources, while for providing file download service for downloading client 12, load client 12 returns to corresponding file downwards,
Make to download the completion file download of client 12.And second server 112 is used to provide web page access service for downloading client 12,
According to the request of downloading client 12, load client 12 returns downwards publishes papers under corresponding web document or downloading client 12
The link of file download needed for part.
In the network architecture shown in Fig. 1, downloading client 12 can be browser client or other have webpage
The client application of browsing ability and file download ability runs on the computer equipment with network accessibility
On, wherein computer equipment includes but is not limited to desktop computer, laptop, mobile phone, tablet computer etc..
In embodiments of the present invention, the downloading process of file is all based on http protocol to carry out, and website 11 is in file
The downloading page in show the description information of file, and provide the downloading portal of file, carry client 12 instantly and pass through the downloading
When entrance is requested to the downloading that second server 112 initiates file, second server 112 carries downwards client 12 and sends this document
URL so that downloading client 12 request the required file of downloading to first server 111 by the URL.
Based on the network architecture shown in FIG. 1, below in conjunction with specific embodiment, to file provided in an embodiment of the present invention
Method for down loading is described in detail:
Fig. 2 shows the implementation flow charts of the method for down loading of file provided in an embodiment of the present invention, in the present embodiment, stream
The executing subject of journey is the second server 112 of website 11 in the network architecture shown in Fig. 1, and details are as follows:
In S201, when detecting that downloading client accesses the downloading page of file described in the source web of the file
When, cookie information corresponding with the downloading page is returned to the downloading client.
Wherein, cookie information is generated by the server end of website, when carrying the respective page of client access website instantly,
If the page pre-sets cookie information, server end can carry downwards client and send the cookie information, by downloading
The cookie information is saved in the text file under some local catalogue by client, and when next time, the downloading client is requested again
When same website, which can be sent to again the cookie information of preservation the server end of the website, with reality
Existing website is to functions such as the identifications of user identity.
In the present embodiment, as the resource provider of file, website is prefixed cookie in the downloading page of file
Information, the cookie information is corresponding with the downloading page of this document, should when only load client accesses the downloading page instantly
Cookie information can be just sent to downloading client by second server, and carry client instantly and access other pages under the website
When face, other cookie informations may be returned, but cookie information corresponding with the downloading page can not be returned.By above-mentioned
Mode, when downloading next time client initiates HTTP request to the website again, cookie information corresponding with the downloading page
It will be carried in HTTP request and send, the server end of website just can learn that downloading client accessed the downloading
The page.
In S202, receives downloading client and the downloading of the file is requested.
In the present embodiment, website provides the downloading portal of this document in the downloading page of file, which can
To be shown in a manner of picture relevant to this document or text etc. in the downloading page, when detecting the point to the downloading portal
After hitting instruction, downloading client sends a HTTP request to the second server of website, and the HTTP request is as downloading client
The downloading to this document is held to request, for requesting second server to carry the URL that client returns to this document downwards.
In S203, the URL of the file is generated according to the downloading request, carries the file in the URL
Check information, the check information include the cookie value in the cookie information.
In the present embodiment, after the downloading to this document for receiving downloading client transmission is requested, second service
The check information in path and this document that device is stored in the first server of website according to this document generates this document
URL, wherein check information includes the cookie value in the cookie information for return in S201 downloading client.
Due to may include multiple and different cookie values in above-mentioned cookie information, as an implementation of the invention
, the cookie value in check information can be one or more cookie value in above-mentioned cookie information, then in S202
Later, before S203, further includes:
Determine one or more of cookie values at random in the cookie information.
That is, cookie value included in the URL that second server generates every time can be dynamic change, it can be certain
String content in a cookie value, or the string content in certain several cookie value, to guarantee generation
The randomness of URL.
As an embodiment of the present invention, the check information in URL can be in addition to including above-mentioned cookie value
Validity period including file, the validity period are used to identify the downloading time limit of this document, can be worked as by first server for judging
Whether preceding this document has had exceeded the downloading time limit, if exceeding, no longer provides the download service of this document for downloading client.
For example, for some files for being stored in network hard disc or cloud for transfer, in order to avoid file is long-term
Ground storage is so as to cause network storage resource anxiety, it will usually a downloading time limit be arranged for these files, if having exceeded under this
The time limit is carried, server can automatically delete these files, no longer provide the download service of these files, for above situation, i.e.,
The validity period of file can be used to identify the downloading time limit of this document.
Meanwhile the check information in URL obviously can also include the other contents such as the index information of file, be used for server
Whether the file of end verification downloading client request downloading and the URL that it sends are consistent, and this is no longer going to repeat them.
As an embodiment of the present invention, the URL generated in order to prevent is intercepted or steals in communication process, can
To be encrypted to the check information in URL, as shown in Figure 3:
In S301, the check information is encrypted according to preset Encryption Algorithm.
Wherein, preset Encryption Algorithm can be between or first server and second server preset for website about
The Encryption Algorithm set, including but not limited to Advanced Encryption Standard (Advanced Encryption Standard, AES) algorithm
Or data encryption algorithm (Data Encryption Algorithm, DEA) etc..
In S302, the path of the first server and the check information life of encryption are stored according to the file
At the URL of the file.
That is, adding upper encrypted check information after the original URL of file, just generates needs and return to downloading client
The URL of this document at end.For example, the URL generated can be such that
http://ftn.qq.com/73fc22af6ecc959ae1a973c70b16cd8518679beff267cd01c3
b82e81725e357ce4be250b92c20d93244f4c5db5ef229ce0058ba60183a8593f7bfe9f9eb345
96,
Wherein, " ftn.qq.com " is the path that file is stored in first server, and " http://ftn.qq.com/ "
Part later is then the check information by the encrypted file of preset Encryption Algorithm.
By above-mentioned cipher mode, above-mentioned URL is got by improper channel if stealing one side of chain, but due to its nothing
Method cracks out the cookie value wherein carried, therefore, also can not in such a way that the cookie value is set on its page come
The illusion that downloading client accessed the downloading page of the originating website is forged, has thus thoroughly prevented robber's chain phenomenon, further
Ground improves the safety of network data.
In S204, the URL is sent to the downloading client so that the downloading client by the URL and
The cookie information carries the first server that the website is sent in HTTP request, and makes the first server
After containing the cookie value in the URL in the cookie information carried in verifying out the HTTP request,
The file is sent to the downloading client.
In the present embodiment, after the URL generated in S203 is sent to downloading client by second server, according to HTTP
Agreement, the cookie information that downloading client can return to the second server received in the URL and S201 carry
In HTTP request, and according to the routing information provided in the URL, which is sent to first server, so that the
It, will be literary after containing the cookie value in the URL in the cookie information that one server carries in verifying out the HTTP request
Part is sent to downloading client.The specific verification mode of first server will be described in detail in subsequent embodiment, herein
It repeats no more.
It should be noted that in embodiments of the present invention, downloading the cookie information being arranged in the page can have centainly
Life cycle, within the life cycle, cookie information is effective, will be removed beyond life cycle cookie information.
For example, setting " 0 " or negative value for the life cycle of cookie information, in this way when closing downloading client, just remove at once
The cookie information, hereafter downloading client will not carry in the HTTP request for being sent to first server identical again
Cookie information, so that the validity period for the URL that downloading client is got is only primary.So, in fact, second service
The cookie information that device returns to each different downloading clients every time is thus further to have prevented to steal always in variation
The appearance of chain phenomenon improves the safety of network data.
The implementation process of method for down loading second server corresponding to aforementioned document, Fig. 4 show another implementation of the present invention
The implementation process of the method for down loading for the file that example provides, in the present embodiment, the executing subject of process are the network architecture shown in Fig. 1
The first server 111 of middle website 11, details are as follows:
In S401, the HTTP request that downloading client is sent is received, carries the file in the HTTP request
URL, the URL are generated by the second server of the file affiliated web site, include the check information of the file, the school
Testing information includes the cookie value in cookie information corresponding with the downloading page of file described in the website.
In S402, verifies and whether carry the cookie information comprising the cookie value in the HTTP request.
In S403, when verify out the cookie information comprising the cookie value is carried in the HTTP request after,
The file is sent to the downloading client.
Principle described in Fig. 2 embodiment according to the present invention, if downloading client, which accessed this document, provides net in its resource
The downloading page stood is the downloading request by normally downloading channel initiation, is then sent to the first clothes in the downloading client
It is engaged in the HTTP request of device, necessarily carries the cookie information comprising the cookie value in URL, in this case, the first clothes
Business device thinks that the request for downloading client is effectively, then corresponding file to be sent to downloading client;And if lower carrying
Family end is to get URL by way of stealing chain, does not access the corresponding downloading page, then it is sent to first service
Cookie information may not be carried in the HTTP request of device, or in the cookie information carried and is not included in the URL
Cookie value, in this case, first server assert that the downloading client is that downloading file is requested by way of stealing chain, then
The request of refusal downloading client, thus achievees the purpose that door chain.
As an embodiment of the present invention, when the check information in URL further includes the validity period of file, in S403
In, when verify out the cookie information comprising the cookie value is carried in the HTTP request after, first server also needs
Judging whether the file has exceeded according to the validity period of the file can download the time limit, when the file without departing from it is described can
When downloading the time limit, the file is sent to the downloading client again by first server.
For example, the validity period of file ends to 24:00 on June 10th, 2013, if downloading client was on June 11st, 2013
1:00 has sent the HTTP request of downloading this document to first server, then first server is sentenced by the check information in URL
Disconnected current time out has had exceeded downloading the time limit for this document, and carrying family end does not provide this document to first server still further below
Download service.
As an embodiment of the present invention, when first server and second server appoint Encryption Algorithm, and in URL
Check information encrypted according to the preset Encryption Algorithm after, after S401, before S402, as shown in figure 5, also wrapping
It includes:
S501 is decrypted the check information according to the preset Encryption Algorithm.
In S502, the cookie value is extracted from the check information after decryption.
In the present embodiment, the key and algorithm for decrypting check information be by first server and second server it
Between appoint, third party can not learn, URL is thus prevented to be cracked or steal in transmittance process, improve network number
According to safety.
Fig. 6 shows the interaction diagrams of the method for down loading of file provided in an embodiment of the present invention, and details are as follows:
1, browser client (being equivalent to above-mentioned downloading client) (is equivalent to above-mentioned first service to download server
Device) main web site (being equivalent to above-mentioned second server) send file download linking request.
2, main web site receives the file download linking request that browser client is sent.
3, main web site generates the cookie of file download link and user according to preset encryption rule.
4, main web site returns to the cookie of file download link and user to browser client.
5, the cookie for the file download link and user that browser client is returned to download server forwarding main web site.
6, download server receives the cookie of file download link and user that browser client is sent.
7, download server verifies the cookie of file download link and user using the corresponding decryption rule of encryption rule.
8, if check results correctly if download server to the browser client provide file download service.
9, browser client receives the file download service that the download server provides.
Fig. 7 shows the interactive process of the method for down loading of another file provided in an embodiment of the present invention, and details are as follows:
1, the downloading page of downloading client access file.
2, second server carries downwards client and returns to cookie information corresponding with the downloading page.
3, downloading client sends the downloading request of file to second server.
4, second server requests to generate the URL of this document according to the downloading, and the verification letter of this document is carried in the URL
Breath, including the cookie value in the cookie information.
5, URL is sent to downloading client by second server.
6, URL and cookie information carrying are sent to first server by downloading client in HTTP request.
7, the cookie information comprising the cookie value whether is carried in first server verification HTTP request.
8, when verify out the cookie information comprising the cookie value is carried in HTTP request after, first server will
The file is sent to the downloading client.
In embodiments of the present invention, website is provided as the resource of file, by downloading client access downloading page institute energy
The cookie value got is as check information, so that the URL of file is dynamically generated, so that the Resource Server of the website
Whether the downloading request that downloading client can be verified out according to the URL is to be initiated by normally downloading channel, thus effectively
Ground prevents downloading client from downloading file by stealing chain mode, improves the safety of network data.
Fig. 7 shows the structural block diagram of the download apparatus of file provided in an embodiment of the present invention, which can distinguish position
In first server shown in FIG. 1 and second server, for running file described in Fig. 2 of the present invention to Fig. 5 embodiment
Method for down loading.For ease of description, only the parts related to this embodiment are shown.
Referring to Fig. 7, in second server, which includes:
Cookie information return unit 71, when detect downloading client access text described in the source web of the file
When the downloading page of part, cookie information corresponding with the downloading page is returned to the downloading client.
Request reception unit 72 is downloaded, downloading client is received and the downloading of the file is requested.
URL generation unit 73 generates the URL of the file according to the downloading request, carries the text in the URL
The check information of part, the check information include the cookie value in the cookie information.
The URL is sent to the downloading client by URL transmission unit 74, so that the downloading client will be described
URL and the cookie information carry the first server that the website is sent in HTTP request, and make described first
The cookie in the URL is contained in the cookie information that server carries in verifying out the HTTP request
After value, the file is sent to the downloading client.
Optionally, the check information further includes the validity period of the file.
Optionally, the URL generation unit 73 includes:
Encryption sub-unit operable encrypts the check information according to preset Encryption Algorithm.
Subelement is generated, the path of the first server and the check information of encryption are stored according to the file
Generate the URL of the file.
Optionally, the check information includes one or more cookie value in the cookie information,
Described device further include:
Cookie value determination unit determines one or more of cookie values at random in the cookie information.
In first server, which includes:
HTTP request receiving unit 75 receives the HTTP request that downloading client is sent, carries in the HTTP request
The URL of the file, the URL are generated by the second server of the file affiliated web site, include the verification of the file
Information, the check information include the cookie in cookie information corresponding with the downloading page of file described in the website
Value.
Verification unit 76 verifies and whether carries the cookie information comprising the cookie value in the HTTP request.
File transmission unit 77 carries the cookie letter comprising the cookie value when verifying out in the HTTP request
After breath, the file is sent to the downloading client.
Optionally, the check information further includes the validity period of the file,
The file transmission unit 77 includes:
Judgment sub-unit carries the cookie information comprising the cookie value when verifying out in the HTTP request
Afterwards, judging whether the file has exceeded according to the validity period of the file can download the time limit.
Transmission sub-unit, when the file without departing from it is described download the time limit when, the file is sent to the downloading
Client.
Optionally, the check information is encrypted according to preset Encryption Algorithm,
Described device further include:
Decryption unit is decrypted the check information according to the preset Encryption Algorithm.
Extraction unit extracts the cookie value from the check information after decryption.
In embodiments of the present invention, website is provided as the resource of file, by downloading client access downloading page institute energy
The cookie value got is as check information, so that the URL of file is dynamically generated, so that the Resource Server of the website
Whether the downloading request that downloading client can be verified out according to the URL is to be initiated by normally downloading channel, thus effectively
Ground prevents downloading client from downloading file by stealing chain mode, improves the safety of network data.
The foregoing is merely illustrative of the preferred embodiments of the present invention, is not intended to limit the invention, all in essence of the invention
Made any modifications, equivalent replacements, and improvements etc., should all be included in the protection scope of the present invention within mind and principle.
Claims (14)
1. a kind of method for down loading of file characterized by comprising
When detecting that downloading client accesses the downloading page of file described in the source web of the file, to the downloading
Client returns to cookie information corresponding with the downloading page;
Downloading client is received to request the downloading of the file;
The uniform resource position mark URL of the file is generated according to the downloading request, carries the file in the URL
Check information, the check information include the cookie value in the cookie information;
The URL is sent to the downloading client, so that the downloading client is by the URL and the cookie information
The first server for being sent to the website in HTTP request is carried, and makes the first server
After containing the cookie value in the URL in the cookie information carried in verifying out the HTTP request,
The file is sent to the downloading client.
2. the method as described in claim 1, which is characterized in that the check information further includes the validity period of the file.
3. the method as described in claim 1, which is characterized in that the URL for generating the file according to the downloading request
Include:
The check information is encrypted according to preset Encryption Algorithm;
The path of the first server is stored according to the file and the check information of encryption generates the file
URL。
4. method as claimed in any one of claims 1 to 3, which is characterized in that the check information includes the cookie letter
One or more cookie value in breath,
It is described according to downloading request generation after the reception downloading client is to the downloading request of the file
Before the URL of file, further includes:
Determine one or more of cookie values at random in the cookie information.
5. a kind of method for down loading of file characterized by comprising
The HTTP request that downloading client is sent is received, carries the file in the HTTP request
Uniform resource position mark URL, the URL are generated by the second server of the file affiliated web site, include the file
Check information, the check information include in cookie information corresponding with the downloading page of file described in the website
Cookie value;
It verifies and whether carries the cookie information comprising the cookie value in the HTTP request;
When verify out the cookie information comprising the cookie value is carried in the HTTP request after, the file is sent
To the downloading client.
6. method as claimed in claim 5, which is characterized in that the check information further includes the validity period of the file,
It is described when verify out the cookie information comprising the cookie value is carried in the HTTP request after, by the file
Being sent to the downloading client includes:
When verify out the cookie information comprising the cookie value is carried in the HTTP request after, according to the file
Validity period, which judges whether the file has exceeded, to download the time limit;
When the file without departing from it is described download the time limit when, the file is sent to the downloading client.
7. such as method described in claim 5 or 6, which is characterized in that the check information is carried out according to preset Encryption Algorithm
Encryption,
After the HTTP request for receiving downloading client transmission, packet whether is carried in the verification HTTP request
Before cookie information containing the cookie value, further includes:
According to the preset Encryption Algorithm, the check information is decrypted;
The cookie value is extracted from the check information after decryption.
8. a kind of download apparatus of file characterized by comprising
Cookie information return unit detects that downloading client accesses file described in the source web of the file for working as
The downloading page when, return to corresponding with downloading page cookie information to the downloading client;
Request reception unit is downloaded, the downloading of the file is requested for receiving downloading client;
URL generation unit, for generating the uniform resource position mark URL of the file according to the downloading request, in the URL
The check information of the file is carried, the check information includes the cookie value in the cookie information;
URL transmission unit, for the URL to be sent to the downloading client, so that the downloading client is by the URL
The first server for being sent to the website in HTTP request is carried with the cookie information, and is made
It obtains and is contained in the URL in the cookie information that the first server carries in verifying out the HTTP request
After the cookie value, the file is sent to the downloading client.
9. device as claimed in claim 8, which is characterized in that the check information further includes the validity period of the file.
10. device as claimed in claim 8, which is characterized in that the URL generation unit includes:
Encryption sub-unit operable, for being encrypted according to preset Encryption Algorithm to the check information;
Subelement is generated, for being stored in the path of the first server and the check information of encryption according to the file
Generate the URL of the file.
11. such as the described in any item devices of claim 8~10, which is characterized in that the check information includes the cookie
One or more cookie value in information,
Described device further include:
Cookie value determination unit, for determining one or more of cookie values at random in the cookie information.
12. a kind of download apparatus of file characterized by comprising
HTTP request receiving unit, the HTTP request sent for receiving downloading client, the HTTP
Carry the uniform resource position mark URL of the file in request, the URL by the file affiliated web site second server
It generates, includes the check information of the file, the check information includes the downloading page with file described in the website
Cookie value in corresponding cookie information;
Whether verification unit carries the cookie information comprising the cookie value for verifying in the HTTP request;
File transmission unit carries the cookie information comprising the cookie value for working as to verify out in the HTTP request
Afterwards, the file is sent to the downloading client.
13. device as claimed in claim 12, which is characterized in that the check information further includes the validity period of the file,
The transmission unit includes:
Judgment sub-unit carries the cookie information comprising the cookie value for working as to verify out in the HTTP request
Afterwards, judging whether the file has exceeded according to the validity period of the file can download the time limit;
Transmission sub-unit, for when the file without departing from it is described download the time limit when, the file is sent to the downloading
Client.
14. device as described in claim 12 or 13, which is characterized in that the check information according to preset Encryption Algorithm into
Row encryption,
Described device further include:
Decryption unit, for according to the preset Encryption Algorithm, the check information to be decrypted;
Extraction unit, for extracting the cookie value from the check information after decryption.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310272313.8A CN104283903B (en) | 2013-07-01 | 2013-07-01 | The method for down loading and device of file |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310272313.8A CN104283903B (en) | 2013-07-01 | 2013-07-01 | The method for down loading and device of file |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104283903A CN104283903A (en) | 2015-01-14 |
CN104283903B true CN104283903B (en) | 2019-04-12 |
Family
ID=52258385
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310272313.8A Active CN104283903B (en) | 2013-07-01 | 2013-07-01 | The method for down loading and device of file |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104283903B (en) |
Families Citing this family (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104680063B (en) * | 2015-03-02 | 2019-03-15 | 魅族科技(中国)有限公司 | A kind of information intercepting method and terminal |
CN104994445B (en) * | 2015-06-30 | 2018-09-11 | 广东欧珀移动通信有限公司 | The playback method and device of multimedia file |
CN106453448A (en) * | 2015-08-06 | 2017-02-22 | 北京奇虎科技有限公司 | Method for downloading target file and device thereof |
CN106549909B (en) * | 2015-09-17 | 2020-04-24 | 阿里巴巴集团控股有限公司 | Authorization verification method and device |
CN107528865B (en) * | 2016-06-21 | 2020-07-28 | 平安科技(深圳)有限公司 | File downloading method and system |
CN107579903B (en) * | 2017-07-11 | 2020-10-16 | 深圳市中易通安全芯科技有限公司 | Picture message secure transmission method and system based on mobile device |
CN107517252A (en) * | 2017-08-22 | 2017-12-26 | 福建中金在线信息科技有限公司 | A kind of file download control method, apparatus and system |
CN111314403B (en) * | 2018-12-12 | 2022-09-02 | 阿里巴巴集团控股有限公司 | Method and device for checking resource consistency |
CN112118466A (en) * | 2020-09-21 | 2020-12-22 | 北京字节跳动网络技术有限公司 | Copyright protection method, device, system, equipment and medium for multimedia information |
CN113283227A (en) * | 2021-05-31 | 2021-08-20 | 山东浪潮通软信息科技有限公司 | File export method and device and computer readable medium |
CN113612678B (en) * | 2021-07-15 | 2023-03-31 | 中标软件有限公司 | Safety protection method for downloading and using mail attachment |
CN113709530B (en) * | 2021-09-01 | 2023-03-07 | 北京奇艺世纪科技有限公司 | Resource downloading method, system, electronic equipment and storage medium |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4980879B2 (en) * | 2004-03-12 | 2012-07-18 | トムソン ライセンシング | Automatic remote site download on geographic drive |
CN100562016C (en) * | 2006-01-16 | 2009-11-18 | 北京北方烽火科技有限公司 | A kind of WEB service anti-stealing link method |
CN101815060B (en) * | 2009-02-23 | 2015-01-07 | 传线网络科技(上海)有限公司 | Anti-stealing link method of internet content delivery network |
CN102025749B (en) * | 2011-01-18 | 2013-12-11 | 中国联合网络通信集团有限公司 | Anti-theft method of mobile streaming media service |
CN103117897B (en) * | 2013-01-25 | 2015-11-25 | 北京星网锐捷网络技术有限公司 | A kind of detection comprises method and the relevant apparatus of the message of cookie information |
-
2013
- 2013-07-01 CN CN201310272313.8A patent/CN104283903B/en active Active
Also Published As
Publication number | Publication date |
---|---|
CN104283903A (en) | 2015-01-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104283903B (en) | The method for down loading and device of file | |
CN105025041B (en) | The methods, devices and systems that file uploads | |
US9900161B2 (en) | Method for certifying android client application by local service unit | |
Buchanan et al. | Analysis of the adoption of security headers in HTTP | |
CN112333198A (en) | Secure cross-domain login method, system and server | |
CN104113552A (en) | Platform authorization method, platform server side, application client side and system | |
CN104378379B (en) | A kind of digital content encrypted transmission method, equipment and system | |
CN107016074B (en) | Webpage loading method and device | |
CN103634399B (en) | Method and device for realizing cross-domain data transmission | |
CN105657474A (en) | Anti-stealing link method and system using identity-based signature in video application | |
US20220166780A1 (en) | Securing browser cookies | |
Yoshihama et al. | Web-Based Data Leakage Prevention. | |
Carman et al. | Tinder me softly–How safe are you really on tinder? | |
CN107026828A (en) | A kind of anti-stealing link method cached based on internet and internet caching | |
CN109495458A (en) | A kind of method, system and the associated component of data transmission | |
US20220321356A1 (en) | Protecting the integrity of communications from client devices | |
CN106888200B (en) | Identification association method, information sending method and device | |
Wang et al. | A framework for formal analysis of privacy on SSO protocols | |
CN106470186A (en) | A kind of to redirect the method that mode accesses third party's resource | |
CN104104686A (en) | Mobile Internet based network packet analysis and discovery method | |
Knockel et al. | Baidu’s and don’ts: privacy and security issues in Baidu browser | |
Zhao et al. | I know where you all are! exploiting mobile social apps for large-scale location privacy probing | |
Carballude González | Fingerprinting tor | |
Bernardo et al. | Web-based fingerprinting techniques | |
CN105227519A (en) | A kind of method, client and server of secure access webpage |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |