CN105701198A - Page validation method and device - Google Patents
Page validation method and device Download PDFInfo
- Publication number
- CN105701198A CN105701198A CN201610016247.1A CN201610016247A CN105701198A CN 105701198 A CN105701198 A CN 105701198A CN 201610016247 A CN201610016247 A CN 201610016247A CN 105701198 A CN105701198 A CN 105701198A
- Authority
- CN
- China
- Prior art keywords
- pages
- content
- page
- predetermined
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/955—Retrieval from the web using information identifiers, e.g. uniform resource locators [URL]
- G06F16/9566—URL specific, e.g. using aliases, detecting broken or misspelled links
Landscapes
- Engineering & Computer Science (AREA)
- Databases & Information Systems (AREA)
- Theoretical Computer Science (AREA)
- Data Mining & Analysis (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a page validation method and device. A specific implementation manner of the method comprises the following steps: receiving a webpage browsing request input by a client and sending the webpage browsing request to a third-party server, wherein the webpage browsing request comprises a website; receiving HTTP response information, in allusion to the webpage browsing request, returned by the third-party server, wherein the response information comprises an HTTP header and a page content; extracting page version information from the HTTP header; and validating the page version information and the page content on the basis of predetermined page version information and a predetermined page content so as to determine whether the page content provided by the third-party server has risks. Through the implementation manner, the security problem of applying the quoted third-party pages by the clients is solved.
Description
Technical field
The application relates to field of computer technology, is specifically related to Internet technical field, particularly relates to page verification method and device。
Background technology
Existing network application, due to service needed, often quotes third party's page of cooperation。Present stage provides the backstage web page server supported to be safeguarded by third party oneself due to third party's page that network application is shown, so there is very big potential safety hazard, such as: third party have modified the page and the function of agreement without authorization, or third-party backstage web page server has been distorted content of pages by after hacker attacks, all it is likely to network application is caused have a strong impact on。
Summary of the invention
The purpose of the application is in that to propose the page verification method of a kind of improvement and device, solves the technical problem that background section above is mentioned。
First aspect, this application provides a kind of page verification method, and described method includes: receive the web page browsing request of client input, and described web page browsing request is sent to third-party server, and wherein, described web page browsing request includes network address;Receiving the http response information that described third-party server asks to beam back for described web page browsing, described response message includes HTTP header field and content of pages;Page versions information is extracted from described HTTP header field;Based on predetermined page version information and predetermined content of pages, described page versions information and described content of pages are verified, it is determined that whether the content of pages that described third-party server provides exists risk。
In certain embodiments, whether the described content of pages determining that described third-party server provides exists risk, including: if described page versions information and described predetermined page version information differ, it is determined that the content of pages that described third-party server provides exists risk;If described page versions information is identical with described predetermined page version information, calculate the eap-message digest of described content of pages further, the predetermined message summary of described eap-message digest with described predetermined content of pages is contrasted, if inconsistent, it is determined that there is risk in described content of pages;If consistent, it is determined that described content of pages is absent from risk, wherein, described predetermined message summary is by described predetermined content of pages is calculated, and computational methods are identical with the computational methods of described eap-message digest。
In certain embodiments, the eap-message digest of the described described content of pages of further calculating, including: adopt Message Digest Algorithm 5 to calculate the eap-message digest of described content of pages。
In certain embodiments, after determining whether the content of pages that described third-party server provides exists risk, described method also includes: if described content of pages is absent from risk, then to content of pages described in described client push;If there is risk in described content of pages, then to described client push indicating risk information or preassigned content of pages。
Second aspect, this application provides a kind of page checking device, and described device includes: first receives unit, configuration is for receiving the web page browsing request of client input, and described web page browsing request is sent to third-party server, wherein, described web page browsing request includes network address;Second receives unit, and the http response information that configuration is beamed back for receiving described third-party server to ask for described web page browsing, described response message includes HTTP header field and content of pages;Extraction unit, configuration for extracting page versions information from described HTTP header field;Authentication unit, configuration is for being verified described page versions information and described content of pages based on predetermined page version information and predetermined content of pages, it is determined that whether the content of pages that described third-party server provides exists risk。
In certain embodiments, described authentication unit includes: first determines subelement: if configuration differs for described page versions information and described predetermined page version information, it is determined that the content of pages that described third-party server provides exists risk;Second determines subelement, if configuration is identical with described predetermined page version information for described page versions information, calculate the eap-message digest of described content of pages further, the predetermined message summary of described eap-message digest with described predetermined content of pages is contrasted, if it is inconsistent, it is determined that described content of pages exists risk;If consistent, it is determined that described content of pages is absent from risk, wherein, described predetermined message summary is by described predetermined content of pages is calculated, and computational methods are identical with the computational methods of described eap-message digest。
In certain embodiments, described second determines that subelement configures further for adopting Message Digest Algorithm 5 to calculate the eap-message digest of described content of pages。
In certain embodiments, described device also includes: push unit, if configuration is absent from risk for described content of pages, then to content of pages described in described client push;Tip element, if there is risk for described content of pages in configuration, then to described client push indicating risk information or preassigned content of pages。
The page verification method of the application offer and device, it is verified by the page versions information in http response information that the third-party server of reception is beamed back and content of pages, so that it is determined that whether the content of pages that third-party server provides exists risk, effectively solve the safety issue quoting third party's page in network application。
Accompanying drawing explanation
By reading the detailed description that non-limiting example is made made with reference to the following drawings, other features, purpose and advantage will become more apparent upon:
Fig. 1 is that the application can apply to exemplary system architecture figure therein;
Fig. 2 is the flow chart of an embodiment of the page verification method according to the application;
Fig. 3 is the schematic diagram of an application scenarios of the page verification method according to the application;
Fig. 4 is the flow chart of another embodiment of the page verification method according to the application;
Fig. 5 is the structural representation of an embodiment of the page checking device according to the application;
Fig. 6 is adapted for the structural representation of the computer system for the terminal unit or server realizing the embodiment of the present application。
Detailed description of the invention
Below in conjunction with drawings and Examples, the application is described in further detail。It is understood that specific embodiment described herein is used only for explaining related invention, but not the restriction to this invention。It also should be noted that, for the ease of describing, accompanying drawing illustrate only the part relevant to about invention。
It should be noted that when not conflicting, the embodiment in the application and the feature in embodiment can be mutually combined。Describe the application below with reference to the accompanying drawings and in conjunction with the embodiments in detail。
Fig. 1 illustrates the exemplary system architecture 100 of the embodiment of the page verification method that can apply the application or page checking device。
As it is shown in figure 1, system architecture 100 can include terminal unit 101,102,103, network 104,106, server 105 and third-party server 107,108,109。Network 104 in order to provide the medium of communication link between terminal unit 101,102,103 and server 105, and network 106 in order to provide the medium of communication link between server 105 and third-party server 107,108,109。Network 104,106 can include various connection type, for instance wired, wireless communication link or fiber optic cables etc.。
User can use terminal unit 101,102,103 mutual with server 105 by network 104, to receive or to send message etc.。Terminal unit 101,102,103 can be provided with telecommunication customer end application, and install telecommunication customer end application can quote predetermined third party's page, the application of above-mentioned telecommunication customer end can be the application of various telecommunication customer end, for instance web browser applications, shopping class application, searching class application, JICQ, mailbox client, social platform software etc.。
Terminal unit 101,102,103 can be have a display screen and various electronic equipments that supported web page browses, include but not limited to smart mobile phone, panel computer, E-book reader, MP3 player (MovingPictureExpertsGroupAudioLayerIII, dynamic image expert's compression standard audio frequency aspect 3), MP4 (MovingPictureExpertsGroupAudioLayerIV, dynamic image expert's compression standard audio frequency aspect 4) player, pocket computer on knee and desk computer etc.。
Server 105 can be to provide the server of various service, such as provide, to the webpage of display on terminal unit 101,102,103, the backstage web page server supported, third party's page versions management server that the page such as third-party server 107,108,109 provided again is managed, the information that third-party server 107,108,109 sends can be verified by third party's page versions management server, and according to the result to terminal unit 101,102,103 feedback information。
It should be noted that the page verification method that the embodiment of the present application provides generally is performed by server 105, correspondingly, page checking device is generally positioned in server 105。
It should be understood that the number of terminal unit in Fig. 1, network, server and third-party server is merely schematic。According to realizing needs, it is possible to have any number of terminal unit, network, server and third-party server。
With continued reference to Fig. 2, it is shown that the flow process 200 according to an embodiment of the page verification method of the application。Described page verification method, comprises the following steps:
Step 201, receives the web page browsing request of client input, and described web page browsing request is sent to third-party server。
In the present embodiment, page verification method runs on electronic equipment thereon (such as the server 105 shown in Fig. 1) and it can be utilized by wired connection mode or radio connection to carry out the reception web page browsing request of the client of web page browsing from user, and the above-mentioned web page browsing received request is sent to third-party server by wired connection mode or radio connection, wherein, above-mentioned web page browsing request is the web page browsing request of third party's page that user quotes for the webpage that local client is applied。Above-mentioned web page browsing request includes the address of third party's page that user's expectation browses, i.e. network address。In practice, network address is generally represented by URL (UniformResourceLocator, URL)。It is pointed out that above-mentioned radio connection can include but not limited to that 3G/4G connects, WiFi connects, bluetooth connects, WiMAX connects, Zigbee connects, UWB (ultrawideband) connects and other currently known or exploitation in the future radio connection。
Generally, user utilizes the client application installed in terminal to browse webpage, at this moment, user can pass through to directly input network address or click linking in the webpage presented in client application to initiate the web page browsing request of the third party's page quoted for above-mentioned client application。
Step 202, receives the http response information that third-party server asks to beam back for web page browsing, and response message includes HTTP header field and content of pages。
In the present embodiment, above-mentioned electronic equipment can receive HTTP (HyperTextTransferProtocol, the HTML (Hypertext Markup Language)) response message beamed back that third-party server is asked for above-mentioned web page browsing。Wherein, above-mentioned response message includes HTTP header field (Header) and content of pages。In practice, HTTP header field generally comprises general head, request header, head response and entity head。
Step 203, extracts page versions information from HTTP header field。
In the present embodiment, based on the response message obtained in step 202, above-mentioned electronic equipment can extract page versions information from the HTTP header field of response message, wherein, can include the predefined version field for representation page version in the head response of HTTP header field。Such as, above-mentioned electronic equipment can obtain the version field in head response, and using the version field that obtains as page versions information。
Step 204, is verified page versions information and content of pages based on predetermined page version information and predetermined content of pages, it is determined that whether the content of pages that third-party server provides exists risk。
In the present embodiment, above-mentioned electronic equipment can arrange the predetermined page version information of the page that above-mentioned third-party server provides and predetermined content of pages in advance with above-mentioned third-party server, and predetermined page version information and the predetermined content of pages of agreement is stored。
In the present embodiment, above-mentioned electronic equipment is verified based on the content of pages beamed back of above-mentioned 3rd server received in page versions information to extracting in step 203 of the predetermined page version information of storage and predetermined content of pages and step 202, and determines whether the content of pages that above-mentioned third-party server provides exists risk according to the result。
In some optional implementations of the present embodiment, above-mentioned electronic equipment is after determining whether the content of pages that above-mentioned third-party server provides exists risk, different operations can be performed according to the result determined, if above-mentioned content of pages is absent from risk, then to the above-mentioned content of pages of above-mentioned client push, above-mentioned client display after loading;If there is risk in above-mentioned content of pages, then to above-mentioned client push indicating risk information or preassigned content of pages, such as, above-mentioned electronic equipment can to client push prompting frame information, and client asks the page accessed to there is risk by ejecting the form prompting user of prompting frame。
It it is a schematic diagram of the application scenarios of page verification method according to the present embodiment with continued reference to Fig. 3, Fig. 3。In the application scenarios of Fig. 3, web page interlinkage one web page browsing for third party's page of initiation that user first passes through on the page clicking local client application display is asked, this web page browsing request is sent to the third party's page versions management server for third party's page is managed by the application of above-mentioned local client, and is sent to, by third party's page versions management server, the third-party server providing this third party's page;Afterwards, third party's page versions management server accepts the http response information that third-party server asks to beam back for this web page browsing;Then, third party's page versions management server extracts the page versions information of third party's page from http response information;Finally, page versions information and the content of pages of third party's page are verified by third party's page versions management server, if the verification passes, then by this third party's page push to client, client display;If checking is not passed through, then to client push indicating risk information (as shown in Figure 3) or preassigned content of pages。
The method that above-described embodiment of the application provides is verified by the response message beamed back by third-party server, thus solving the safety issue of third party's page that client application is quoted。
With further reference to Fig. 4, it illustrates the flow process 400 of another embodiment of page verification method。The flow process 400 of this page verification method, comprises the following steps:
Step 401, receives the web page browsing request of client input, and web page browsing request is sent to third-party server。
In the present embodiment, page verification method runs on electronic equipment thereon (such as the server 105 shown in Fig. 1) and it can be utilized by wired connection mode or radio connection to carry out the reception web page browsing request of the client of web page browsing from user, and the above-mentioned web page browsing received request is sent to third-party server by wired connection mode or radio connection, wherein, above-mentioned web page browsing request is the web page browsing request of third party's page that user quotes for the webpage that local client is applied。Above-mentioned web page browsing request includes the address of third party's page that user's expectation browses, i.e. network address。
Step 402, receives the http response information that third-party server asks to beam back for web page browsing, and response message includes HTTP header field and content of pages。
In the present embodiment, above-mentioned electronic equipment can receive the http response information beamed back that third-party server is asked for above-mentioned web page browsing。Wherein, above-mentioned response message includes HTTP header field and content of pages。
Step 403, extracts page versions information from HTTP header field。
In the present embodiment, based on the response message obtained in step 402, above-mentioned electronic equipment can extract page versions information from the HTTP header field of response message, wherein, can include the predefined version field for representation page version in the head response of HTTP header field。
Step 404, is verified described page versions information and described content of pages based on predetermined page version information and predetermined content of pages。
In the present embodiment, the content of pages that above-mentioned electronic equipment is beamed back based on above-mentioned 3rd server received in page versions information to extracting in step 403 of predetermined page version information and predetermined content of pages and step 402 is verified。
Step 405, if page versions information and predetermined page version information differ, it is determined that the content of pages that third-party server provides exists risk。
In the present embodiment, the page versions information extracted in step 403 and predetermined page version information can be contrasted by above-mentioned electronic equipment, if it is not the same, then may determine that the content of pages that above-mentioned third-party server provides exists risk。
Step 406, if page versions information is identical with predetermined page version information, calculates the eap-message digest of content of pages further, is contrasted by the predetermined message summary of eap-message digest with predetermined content of pages, if inconsistent, it is determined that there is risk in content of pages;If it is consistent, it is determined that content of pages is absent from risk。
In the present embodiment, if the page versions information extracted in step 403 is identical with predetermined page version information, then above-mentioned electronic equipment calculates the eap-message digest of above-mentioned content of pages further, and the predetermined message summary of calculated eap-message digest with predetermined content of pages is contrasted, if above-mentioned eap-message digest is inconsistent with above-mentioned predetermined message summary, it is determined that above-mentioned content of pages exists risk;If above-mentioned eap-message digest is consistent with above-mentioned predetermined message summary, it is determined that above-mentioned content of pages is absent from risk。Wherein, above-mentioned predetermined message summary can be through above-mentioned predetermined content of pages and precalculates and obtain, and computational methods are identical with the computational methods of above-mentioned eap-message digest。
In some optional implementations of the present embodiment, above-mentioned electronic equipment can adopt Message Digest Algorithm 5 (MessageDigestAlgorithmMD5) to calculate the eap-message digest of above-mentioned content of pages。
As can be seen from Figure 4, compared with the embodiment that Fig. 2 is corresponding, the flow process 400 of the page verification method in the present embodiment highlights the checking of page versions information and predetermined page version information, and the contrast that the eap-message digest of content of pages is made a summary with predetermined message, when page versions information and predetermined page version information are inconsistent, need not verify that the eap-message digest of content of pages is assured that content of pages exists risk again, thus more convenient, effectively solve the safety issue of third party's page。
With further reference to Fig. 5, as the realization to method shown in above-mentioned each figure, this application provides an embodiment of a kind of page checking device, this device embodiment is corresponding with the embodiment of the method shown in Fig. 2, and this device specifically can apply in various electronic equipment。
As it is shown in figure 5, the page checking device 500 described in the present embodiment includes: first receives unit 501, second receives unit 502, extraction unit 503 and authentication unit 504。Wherein, first receives unit 501 configuration for receiving the web page browsing request of client input, and above-mentioned web page browsing request is sent to third-party server, and wherein, above-mentioned web page browsing request includes network address;Second receives the http response information that unit 502 configuration is beamed back for receiving above-mentioned third-party server to ask for above-mentioned web page browsing, and above-mentioned response message includes HTTP header field and content of pages;Extraction unit 503 configuration for extracting page versions information from above-mentioned HTTP header field;Authentication unit 504 configuration is for being verified above-mentioned page versions information and above-mentioned content of pages based on predetermined page version information and predetermined content of pages, it is determined that whether the content of pages that above-mentioned third-party server provides exists risk。
In the present embodiment, the first of page checking device 500 receives unit 501 and it can be utilized by wired connection mode or radio connection to carry out the reception web page browsing request of the client of web page browsing from user, and the above-mentioned web page browsing received request is sent to third-party server by wired connection mode or radio connection, wherein, above-mentioned web page browsing request is the web page browsing request of third party's page that user quotes for the webpage that local client is applied。Above-mentioned web page browsing request includes the address of third party's page that user's expectation browses, i.e. network address。
In the present embodiment, above-mentioned second reception unit 502 can receive the http response information beamed back that third-party server is asked for above-mentioned web page browsing。Wherein, above-mentioned response message includes HTTP header field (Header) and content of pages。
In the present embodiment, receiving, based on above-mentioned second, the response message that unit 502 receives, said extracted unit 503 can extract page versions information from the HTTP header field of response message。
In the present embodiment, the page versions information and above-mentioned second that said extracted unit 503 is extracted based on predetermined page version information and predetermined content of pages by above-mentioned authentication unit 504 receives the content of pages that above-mentioned 3rd server that unit 502 receives beams back and is verified, so that it is determined that whether the content of pages that above-mentioned third-party server provides exists risk。
It will be understood by those skilled in the art that above-mentioned page checking device 500 also includes some other known features, for instance processor, memorizer etc., embodiment of the disclosure in order to unnecessarily fuzzy, these known structures are not shown in Figure 5。
Below with reference to Fig. 6, it illustrates the structural representation of the computer system 600 being suitable to terminal unit or server for realizing the embodiment of the present application。
As shown in Figure 6, computer system 600 includes CPU (CPU) 601, its can according to the program being stored in read only memory (ROM) 602 or from storage part 608 be loaded into the program random access storage device (RAM) 603 and perform various suitable action and process。In RAM603, also storage has system 600 to operate required various programs and data。CPU601, ROM602 and RAM603 are connected with each other by bus 604。Input/output (I/O) interface 605 is also connected to bus 604。
It is connected to I/O interface 605: include the importation 606 of keyboard, mouse etc. with lower component;Output part 607 including such as cathode ray tube (CRT), liquid crystal display (LCD) etc. and speaker etc.;Storage part 608 including hard disk etc.;And include the communications portion 609 of the NIC of such as LAN card, modem etc.。Communications portion 609 performs communication process via the network of such as the Internet。Driver 610 is connected to I/O interface 605 also according to needs。Detachable media 611, such as disk, CD, magneto-optic disk, semiconductor memory etc., be arranged in driver 610 as required, in order to the computer program read from it is mounted into storage part 608 as required。
Especially, according to embodiment of the disclosure, the process described above with reference to flow chart may be implemented as computer software programs。Such as, embodiment of the disclosure and include a kind of computer program, it includes the computer program being tangibly embodied on machine readable media, and described computer program comprises the program code for performing the method shown in flow chart。In such embodiments, this computer program can pass through communications portion 609 and be downloaded and installed from network, and/or is mounted from detachable media 611。
Flow chart in accompanying drawing and block diagram, it is illustrated that according to the system of the various embodiment of the application, the architectural framework in the cards of method and computer program product, function and operation。In this, flow chart or each square frame in block diagram can represent a part for a module, program segment or code, and a part for described module, program segment or code comprises the executable instruction of one or more logic function for realizing regulation。It should also be noted that at some as in the realization replaced, the function marked in square frame can also to be different from the order generation marked in accompanying drawing。Such as, two square frames succeedingly represented can essentially perform substantially in parallel, and they can also perform sometimes in the opposite order, and this determines according to involved function。It will also be noted that, the combination of the square frame in each square frame in block diagram and/or flow chart and block diagram and/or flow chart, can realize by the special hardware based system of the function or operation that perform regulation, or can realize with the combination of specialized hardware Yu computer instruction。
It is described in unit involved in the embodiment of the present application to be realized by the mode of software, it is also possible to realized by the mode of hardware。Described unit can also be arranged within a processor, for instance, it is possible to it is described as: a kind of processor includes the first reception unit, the second reception unit, extraction unit and authentication unit。Wherein, the title of these unit is not intended that the restriction to this unit itself under certain conditions, such as, the first reception unit is also described as " receive the web page browsing request of client input, and described web page browsing request is sent to the unit of third-party server "。
As on the other hand, present invention also provides a kind of nonvolatile computer storage media, this nonvolatile computer storage media can be the nonvolatile computer storage media comprised in device described in above-described embodiment;Can also be individualism, be unkitted the nonvolatile computer storage media allocating in terminal。Above-mentioned nonvolatile computer storage media storage has one or more program, when one or multiple program are performed by an equipment, make described equipment: receive the web page browsing request of client input, and described web page browsing request is sent to third-party server, wherein, described web page browsing request includes network address;Receiving the http response information that described third-party server asks to beam back for described web page browsing, described response message includes HTTP header field and content of pages;Page versions information is extracted from described HTTP header field;Based on predetermined page version information and predetermined content of pages, described page versions information and described content of pages are verified, it is determined that whether the content of pages that described third-party server provides exists risk。
Above description is only the preferred embodiment of the application and the explanation to institute's application technology principle。Skilled artisan would appreciate that, invention scope involved in the application, it is not limited to the technical scheme of the particular combination of above-mentioned technical characteristic, when also should be encompassed in without departing from described inventive concept simultaneously, other technical scheme being carried out combination in any by above-mentioned technical characteristic or its equivalent feature and being formed。Such as features described above and (but not limited to) disclosed herein have the technical characteristic of similar functions and replace mutually and the technical scheme that formed。
Claims (8)
1. a page verification method, it is characterised in that described method includes:
Receiving the web page browsing request of client input, and described web page browsing request is sent to third-party server, wherein, described web page browsing request includes network address;
Receiving the http response information that described third-party server asks to beam back for described web page browsing, described response message includes HTTP header field and content of pages;
Page versions information is extracted from described HTTP header field;
Based on predetermined page version information and predetermined content of pages, described page versions information and described content of pages are verified, it is determined that whether the content of pages that described third-party server provides exists risk。
2. method according to claim 1, it is characterised in that whether the described content of pages determining that described third-party server provides exists risk, including:
If described page versions information and described predetermined page version information differ, it is determined that the content of pages that described third-party server provides exists risk;
If described page versions information is identical with described predetermined page version information, calculate the eap-message digest of described content of pages further, the predetermined message summary of described eap-message digest with described predetermined content of pages is contrasted, if inconsistent, it is determined that there is risk in described content of pages;If consistent, it is determined that described content of pages is absent from risk, wherein, described predetermined message summary is by described predetermined content of pages is calculated, and computational methods are identical with the computational methods of described eap-message digest。
3. method according to claim 2, it is characterised in that the eap-message digest of the described described content of pages of further calculating, including:
Message Digest Algorithm 5 is adopted to calculate the eap-message digest of described content of pages。
4. method according to claim 1, it is characterised in that after determining whether the content of pages that described third-party server provides exists risk, described method also includes:
If described content of pages is absent from risk, then to content of pages described in described client push;
If there is risk in described content of pages, then to described client push indicating risk information or preassigned content of pages。
5. a page checking device, it is characterised in that described device includes:
First receives unit, and configuration is for receiving the web page browsing request of client input, and described web page browsing request is sent to third-party server, and wherein, described web page browsing request includes network address;
Second receives unit, and the http response information that configuration is beamed back for receiving described third-party server to ask for described web page browsing, described response message includes HTTP header field and content of pages;
Extraction unit, configuration for extracting page versions information from described HTTP header field;
Authentication unit, configuration is for being verified described page versions information and described content of pages based on predetermined page version information and predetermined content of pages, it is determined that whether the content of pages that described third-party server provides exists risk。
6. device according to claim 5, it is characterised in that described authentication unit includes:
First determines subelement: if configuration differs for described page versions information and described predetermined page version information, it is determined that the content of pages that described third-party server provides exists risk;
Second determines subelement, if configuration is identical with described predetermined page version information for described page versions information, calculate the eap-message digest of described content of pages further, the predetermined message summary of described eap-message digest with described predetermined content of pages is contrasted, if it is inconsistent, it is determined that described content of pages exists risk;If consistent, it is determined that described content of pages is absent from risk, wherein, described predetermined message summary is by described predetermined content of pages is calculated, and computational methods are identical with the computational methods of described eap-message digest。
7. device according to claim 6, it is characterised in that described second determines that subelement configures further for adopting Message Digest Algorithm 5 to calculate the eap-message digest of described content of pages。
8. device according to claim 5, it is characterised in that described device also includes:
Push unit, if configuration is absent from risk for described content of pages, then to content of pages described in described client push;
Tip element, if there is risk for described content of pages in configuration, then to described client push indicating risk information or preassigned content of pages。
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610016247.1A CN105701198B (en) | 2016-01-11 | 2016-01-11 | Page verification method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610016247.1A CN105701198B (en) | 2016-01-11 | 2016-01-11 | Page verification method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105701198A true CN105701198A (en) | 2016-06-22 |
| CN105701198B CN105701198B (en) | 2019-09-20 |
Family
ID=56227161
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610016247.1A Active CN105701198B (en) | 2016-01-11 | 2016-01-11 | Page verification method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105701198B (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106650504A (en) * | 2016-12-28 | 2017-05-10 | 中国科学院计算技术研究所 | Abstract extraction method and detection method aiming at Web webpage data |
| CN106789980A (en) * | 2016-12-07 | 2017-05-31 | 北京亚鸿世纪科技发展有限公司 | A kind of monitoring administration method and device of website legitimacy |
| CN109254921A (en) * | 2018-09-18 | 2019-01-22 | 平安科技(深圳)有限公司 | Application version verification method, device, computer equipment and storage medium |
| CN110557353A (en) * | 2018-05-31 | 2019-12-10 | 北京京东尚科信息技术有限公司 | Terminal data verification method, device, medium and electronic equipment |
| CN112307392A (en) * | 2019-08-01 | 2021-02-02 | 中移互联网有限公司 | Page detection method, device and equipment |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090092247A1 (en) * | 2007-10-05 | 2009-04-09 | Globalsign K.K. | Server Certificate Issuing System |
| CN101626368A (en) * | 2008-07-11 | 2010-01-13 | 中联绿盟信息技术(北京)有限公司 | Device, method and system for preventing web page from being distorted |
| CN102340529A (en) * | 2010-07-21 | 2012-02-01 | 中国移动通信集团福建有限公司 | Page generating system and page generating method based on WAP (Wireless Application Protocol) platform |
| CN103873430A (en) * | 2012-12-10 | 2014-06-18 | 腾讯科技(深圳)有限公司 | Method, client and system for page information verification |
| CN104283841A (en) * | 2013-07-02 | 2015-01-14 | 阿里巴巴集团控股有限公司 | Method, device and system for carrying out service access control on third-party application |
| CN105095729A (en) * | 2015-06-19 | 2015-11-25 | 赛肯(北京)科技有限公司 | Two-dimensional code login method, server and system |
| US20150372888A1 (en) * | 2010-11-03 | 2015-12-24 | Google Inc. | Data delivery |
-
2016
- 2016-01-11 CN CN201610016247.1A patent/CN105701198B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090092247A1 (en) * | 2007-10-05 | 2009-04-09 | Globalsign K.K. | Server Certificate Issuing System |
| CN101626368A (en) * | 2008-07-11 | 2010-01-13 | 中联绿盟信息技术(北京)有限公司 | Device, method and system for preventing web page from being distorted |
| CN102340529A (en) * | 2010-07-21 | 2012-02-01 | 中国移动通信集团福建有限公司 | Page generating system and page generating method based on WAP (Wireless Application Protocol) platform |
| US20150372888A1 (en) * | 2010-11-03 | 2015-12-24 | Google Inc. | Data delivery |
| CN103873430A (en) * | 2012-12-10 | 2014-06-18 | 腾讯科技(深圳)有限公司 | Method, client and system for page information verification |
| CN104283841A (en) * | 2013-07-02 | 2015-01-14 | 阿里巴巴集团控股有限公司 | Method, device and system for carrying out service access control on third-party application |
| CN105095729A (en) * | 2015-06-19 | 2015-11-25 | 赛肯(北京)科技有限公司 | Two-dimensional code login method, server and system |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106789980A (en) * | 2016-12-07 | 2017-05-31 | 北京亚鸿世纪科技发展有限公司 | A kind of monitoring administration method and device of website legitimacy |
| CN106650504A (en) * | 2016-12-28 | 2017-05-10 | 中国科学院计算技术研究所 | Abstract extraction method and detection method aiming at Web webpage data |
| CN106650504B (en) * | 2016-12-28 | 2019-04-02 | 中国科学院计算技术研究所 | A kind of abstract extraction method and detection method for Web page face data |
| CN110557353A (en) * | 2018-05-31 | 2019-12-10 | 北京京东尚科信息技术有限公司 | Terminal data verification method, device, medium and electronic equipment |
| CN110557353B (en) * | 2018-05-31 | 2023-08-08 | 北京京东尚科信息技术有限公司 | Terminal data verification method and device, medium and electronic equipment |
| CN109254921A (en) * | 2018-09-18 | 2019-01-22 | 平安科技(深圳)有限公司 | Application version verification method, device, computer equipment and storage medium |
| CN112307392A (en) * | 2019-08-01 | 2021-02-02 | 中移互联网有限公司 | Page detection method, device and equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105701198B (en) | 2019-09-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11340961B2 (en) | Dynamically integrating a client application with third-party services | |
| CN105701198A (en) | Page validation method and device | |
| CN105447204A (en) | Website recognition method and apparatus | |
| US20160350755A1 (en) | Mobile payment method, system and device using home shopping | |
| US20150310227A1 (en) | Information processing system and information processing method | |
| CN109257321B (en) | Secure login method and device | |
| CN105051685A (en) | System and method to enable web property access to a native application | |
| CN107852412A (en) | For phishing and the system and method for brand protection | |
| CN107168960A (en) | A kind of business performs method and device | |
| CN105488205A (en) | Page generation method and page generation apparatus | |
| CN105786207A (en) | Information input method and device | |
| CN104601712A (en) | Resource push method and system | |
| CN105825101A (en) | Account number management method and device for smart home platform | |
| CN107391277A (en) | Information processing method and device | |
| CN107203576B (en) | Information synchronization method and device | |
| CN106126683B (en) | Page display method and terminal equipment | |
| CN107305528B (en) | Application testing method and device | |
| CN105141632A (en) | Method and device used for checking pages | |
| CN107656910A (en) | Method and apparatus for generating list | |
| CN104158789A (en) | Method and device for detecting security of payment type website | |
| US20220114336A1 (en) | Systems and methods for detecting locations of webpage elements | |
| CN106686151A (en) | IP address obtaining method and device | |
| CN108880923A (en) | The method and apparatus that policer operation applied to application server is requested | |
| CN105959383A (en) | Content subscription method and device | |
| CN105139217A (en) | Method, apparatus and system used for acquiring user information |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |