CN105939370A - Method and device for updating URL library - Google Patents
Method and device for updating URL library Download PDFInfo
- Publication number
- CN105939370A CN105939370A CN201510585840.3A CN201510585840A CN105939370A CN 105939370 A CN105939370 A CN 105939370A CN 201510585840 A CN201510585840 A CN 201510585840A CN 105939370 A CN105939370 A CN 105939370A
- Authority
- CN
- China
- Prior art keywords
- url
- address
- visited
- page
- url address
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
- H04L67/025—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Databases & Information Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- Data Mining & Analysis (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention provides a method and a device for updating a URL library. The method is applied to a safety device, and comprises the steps of receiving an HTTP request message sent by a user terminal to a remote server, wherein the HTTP request message comprises the URL address of a webpage to be visited; finding a URL address matched with the URL address of the webpage to be visited from the URL library; if the matched URL address is not found, leading the user terminal to visit a URL collection page located on a specified management device, and thus submitting the URL address of the webpage to be visited by the user terminal via the URL collection webpage for examination; and updating the URL library according to an examination result of the URL address of the webpage to be visited returned by the management device. Therefore, with the application of the method and device provided by the embodiment of the invention, the URL library can be updated according to the visit requirement of the user terminal, thus meeting the individual needs of enterprises.
Description
Technical field
The application relates to network communication technology field, particularly relates to a kind of URL storehouse update method and device.
Background technology
Along with developing rapidly of the Internet, the visit capacity of webpage is steeply risen every day by people, but in part
Internet access has the application scenario (such as military school etc.) of strict restriction, and can limit internal staff can only access
The safe and reliable Internet resources of part, the webpage being now accomplished by accessing internal staff screens.
Prior art is mainly by configuring URL (Uniform Resource Locator, system in safety equipment
One URLs) storehouse realizes, and in described URL storehouse, storage has the URL that internal staff can access
Address and the URL address that cannot access.Safety equipment are by the URL of webpage to be visited to internal staff
Address is mated with the URL address in described URL storehouse, and decides whether to allow according to matching result
Internal staff accesses this web page resources, thus realizes the filtration of the URL address to webpage to be visited.But it is existing
There are the various update mechanisms in URL storehouse under technology cannot adapt to quickly this realistic problem of growth of webpage, lead
Cause the URL address insufficient in safety equipment URL storehouse, therefore cannot meet the requirements for access of internal staff.
Summary of the invention
In view of this, the application provides a kind of URL storehouse update method and device, to solve under prior art
The various update mechanisms in URL storehouse cannot adapt to quickly this realistic problem of growth of webpage.
Specifically, the application is achieved by the following technical solution:
The application provides a kind of URL storehouse update method, and described method is applied on safety equipment, described
Method includes:
Receive the HTTP request message that user terminal sends, described HTTP request report to far-end server
Literary composition comprises the URL address of webpage to be visited;
The URL address mated with the URL address of described webpage to be visited is searched in URL storehouse;
If not finding the URL address of coupling, then guide this user terminal access to be positioned at appointment management and set
Standby upper URL gathers the page, in order to user terminal gathers the page by webpage to be visited by this URL
URL address is submitted to and is examined;
The examination result of the URL address of the page to be visited according to management equipment return updates URL storehouse.
Optionally, described URL storehouse includes that URL white list and URL white list add URL blacklist,
The described URL address mated in the URL address of URL library lookup with described webpage to be visited specifically includes:
Whether lookup URL white list and URL white list add has in URL blacklist and described net to be visited
The URL address of the URL addresses match of page;
If finding the URL address of coupling in URL white list, then this HTTP request report of letting pass
Literary composition;If finding the URL address of coupling in URL blacklist, then forbid this HTTP request report
Literary composition passes through, and sends HTTP redirection message to user terminal, and this HTTP redirection message carries
Point to the URL address forbidding accessing the prompting page.
Optionally, this user terminal access of described guiding is positioned at and specifies the URL on management equipment to gather page
Mask body is:
Sending HTTP redirection message to this user terminal, this HTTP redirection message carries sensing
This URL gathers the URL address of the page.
Optionally, when described examination result be by time, the URL address of the described page to be visited is added
It is added in the URL white list in URL storehouse;
When described examination result is not pass through, if URL storehouse does not has URL blacklist, then forbid
The URL address of described webpage to be visited is passed through;If URL storehouse has URL blacklist, then will wait to visit
Ask that the URL address of webpage is added in URL blacklist.
Optionally, the described URL collection page includes priority input field and/or process limited input field
Position.
The application also provides for a kind of URL storehouse updating device, and described device is applied on safety equipment, described
Device includes:
Receive unit, for receiving the HTTP request message that user terminal sends, institute to far-end server
State the URL address comprising webpage to be visited in HTTP request message;
Search unit, mate with the URL address of described webpage to be visited for lookup in URL storehouse
URL address;
Indicating member, for when not finding the URL address of coupling, guides this user terminal access
It is positioned at and specifies the URL on management equipment to gather the page, in order to user terminal gathers the page by this URL
The URL address of webpage to be visited is submitted to and examines;
Performance element, the examination for the URL address of the page to be visited returned according to management equipment is tied
Fruit updates URL storehouse.
Optionally, the URL storehouse in described lookup unit includes that URL white list and URL white list add
URL blacklist, described lookup unit is in the URL address of URL library lookup Yu described webpage to be visited
The URL address joined specifically includes:
Whether lookup URL white list and URL white list add has in URL blacklist and described net to be visited
The URL address of the URL addresses match of page;
If finding the URL address of coupling in URL white list, then this HTTP request report of letting pass
Literary composition;If finding the URL address of coupling in URL blacklist, then forbid this HTTP request report
Literary composition passes through, and sends HTTP redirection message to user terminal, and this HTTP redirection message carries
Point to the URL address forbidding accessing the prompting page.
Optionally, described indicating member guides this user terminal access to be positioned at the URL specified on management equipment
Gather the page process particularly as follows:
Sending HTTP redirection message to this user terminal, this HTTP redirection message carries sensing
This URL gathers the URL address of the page.
Optionally, described performance element specifically for:
When described examination result be by time, add the URL address of the described page to be visited to URL
In the URL white list in storehouse;
When described examination result is not pass through, if URL storehouse does not has URL blacklist, then forbid
The URL address of described webpage to be visited is passed through;If URL storehouse has URL blacklist, then will wait to visit
Ask that the URL address of webpage is added in URL blacklist.
Optionally, the collection of the URL in the described indicating member page includes priority input field and/or place
Reason time limit input field.
Application the embodiment of the present application, safety equipment are redirected by URL address, guide user terminal access
Specify the URL on management equipment to gather the page, and gather the page by described net to be visited according to this URL
The URL address of page is submitted to and is examined, thus the webpage to be visited that safety equipment return according to management equipment
The examination result of URL address update URL storehouse, to realize updating according to the requirements for access of user terminal
URL storehouse, thus meet the individual demand of enterprise self.
Accompanying drawing explanation
Fig. 1 is the application scenarios schematic diagram that application the application updates URL storehouse;
Fig. 2 is an embodiment flow chart of a kind of URL of the application storehouse update method;
Fig. 3 is the embodiment block diagram of a kind of URL of the application storehouse update method;
Fig. 4 is a hardware structure diagram of updating device place, a kind of URL of the application storehouse equipment;
Fig. 5 is an embodiment block diagram of a kind of URL of the application storehouse updating device.
Detailed description of the invention
Here will illustrate exemplary embodiment in detail, its example represents in the accompanying drawings.Following retouches
Stating when relating to accompanying drawing, unless otherwise indicated, the same numbers in different accompanying drawings represents same or analogous key element.
Embodiment described in following exemplary embodiment does not represent all embodiment party consistent with the application
Formula.On the contrary, they only with describe in detail in appended claims, the application some in terms of mutually one
The example of the apparatus and method caused.
It is only merely for describing the purpose of specific embodiment at term used in this application, and is not intended to be limiting this
Application." a kind of ", " described " and " being somebody's turn to do " of singulative used in the application and appended claims
It is also intended to include most form, unless context clearly shows that other implications.It is also understood that herein
Any or all possibility that the term "and/or" used refers to and comprises one or more project of listing being associated
Combination.
Although should be appreciated that may use term first, second, third, etc. to describe various letter in the application
Breath, but these information should not necessarily be limited by these terms.These terms are only used for same type of information district each other
Separately.Such as, in the case of without departing from the application scope, the first information can also be referred to as the second information,
Similarly, the second information can also be referred to as the first information.Depend on linguistic context, word as used in this " as
Really " can be construed to " ... time " or " when ... " or " in response to determining ".
Seeing Fig. 1, it is the application scenarios schematic diagram that application the embodiment of the present application updates URL storehouse.
Fig. 1 shows the group-network construction of typical commercial network (such as enterprise network).Wherein, user is eventually
End is connected by safety equipment between outer net far-end server, and described safety equipment can be fire wall etc.
Network Security Device, it addition, except PC (Personal Computer, individual as user terminal example
Computer) outward, user terminal can also include that mobile phone, panel computer etc. have the equipment of network access functions.
Safety equipment can carry out specification to the internet behavior of user terminal, and the most typical internet behavior is exactly
Web access, this is the main business that major part safety equipment need to carry out safety service process.Safety equipment
Maintain the URL storehouse of self, this URL storehouse is that safety equipment carry out the master of safe handling for web access
Will foundation.In general URL storehouse can include URL white list, naturally it is also possible to include that URL is white simultaneously
List and URL blacklist.URL white list represents that Web page pointed by which URL address is permissible
Accessing, URL blacklist then represents that Web page pointed by which URL address is prohibited from access.
Owing to conventional safety apparatus URL storehouse often relies on the storehouse of third part purchase, it can only meet some and lead to
Demand, but there is self individual demand in major part enterprise, it cannot meet in time.Namely
Saying, for enterprise, URL storehouse renewal rate on individual demand is slowly, it is impossible to adapt to net
The quick growth of number of pages, causes the URL address insufficient of storage in safety equipment URL storehouse, to such an extent as to works as
Also can be blocked during the believable webpage of user terminal access Partial security.
For solving prior art problem, the application provides a kind of method updating URL storehouse and the device of correspondence.
With reference to shown in Fig. 1, the method is applied on a security device.Safety equipment are mating less than webpage to be visited
In the case of URL address, redirected by URL address and guide user terminal to submit described webpage to be visited to
URL address is to management equipment, the method being carried out by artificial or Automatic Program auditing, thus is set by safety
The standby examination result according to the URL address of the webpage to be visited of management equipment return updates URL storehouse.Typically
For, management equipment is positioned in Intranet, and during such user terminal access management equipment, it accesses and is typically not
Affined, such as the access for Intranet can be without safety equipment, even if in other words through also can
Because being positioned at, URL white list is cleared.Certainly management equipment is likely to be positioned on the Internet, now may be used
Management equipment to be added to website trusty, such as the URL of Web service will be provided on management equipment
Address joins in safety equipment URL white list.
A kind of URL storehouse update method and the device that there is provided the application below in conjunction with the accompanying drawings illustrate.
See Fig. 2, for an embodiment flow chart of a kind of URL of the application storehouse update method, this embodiment
It is described from safety equipment side, comprises the following steps:
Step 201: receive the HTTP request message that user terminal sends, described HTTP to far-end server
Request message comprises the URL address of webpage to be visited.
Concrete, when Web page (also can be called for short " webpage ") on one the Internet of user terminal access,
Can to provide this Web service far-end server send HTTP (Hypertext Transfer Protocol,
HTTP) request message.Before described HTTP request message arrives far-end server, can be first
Arrive safety equipment, and these safety equipment are usually located at the exit of enterprise network.Described HTTP request report
With the URL address of user terminal webpage to be visited in literary composition.In general, HTTP request message is by asking
Row, request header, null and request data 4 part composition, wherein, the URL of described webpage to be visited
Address is present in the request row of HTTP request message.
Step 202: search the URL ground mated with the URL address of described webpage to be visited in URL storehouse
Location.
Concrete, the URL storehouse of described safety equipment is configured with URL white list or URL white list adds
URL blacklist, in described URL white list, storage has the URL address allowing user terminal access, and institute
Stating operation corresponding after the URL address of webpage to be visited matches the URL address in this URL white list is
Allowing to let pass, in described URL blacklist, storage has the URL address forbidding user terminal access, and described
The URL address of webpage to be visited matches operation corresponding behind the URL address in this URL blacklist for prohibiting
Stop-pass mistake.The HTTP request message of the described URL address with described webpage to be visited arrives safety equipment
After, safety equipment search in this URL storehouse the URL ground mated the URL address with described webpage to be visited
Location, if finding the URL address of coupling in URL white list, the most described HTTP request message is put
Walk to far-end server;If finding the URL address of coupling in URL blacklist, then forbid this HTTP
Request message passes through, to block the user terminal access to described webpage to be visited.
Step 203: if not finding the URL address of coupling, then guide this user terminal access to be positioned at appointment
URL on management equipment gathers the page, in order to user terminal gathers the page by net to be visited by this URL
The URL address of page is submitted to and is examined.
Concrete, one of them example, when the situation only having URL white list in the URL storehouse of safety equipment
Under, and URL white list is searched less than the URL address mated with the URL address of described webpage to be visited,
Then determine the URL address not finding coupling.In another example, when in the URL storehouse of safety equipment both
In the case of having URL white list to have again URL blacklist, and in URL white list and URL blacklist all
When searching less than the URL address mated with the URL address of described webpage to be visited, the most just can determine whether not look into
Find the URL address of coupling.Either which example, when not finding the URL address of coupling, institute
The WEB page of the URL address sensing stating webpage to be visited is temporarily considered dangerous incredible webpage,
Therefore user terminal cannot immediately access this URL address.
In this case, the safety equipment of the application are by returning one HTTP redirection report of user terminal
Literary composition, guides user terminal access to be positioned at and specifies the URL on management equipment to gather the page, and described HTTP resets
The URL address of the page is gathered with this URL of sensing, so that user terminal is assisted according to HTTP in message
The redirection mechanism of view automatically accesses this URL and gathers the page, and user can be manually by described webpage to be visited
URL address is committed to manage equipment side by this URL collection page and examines.Step 204: according to pipe
The examination result of the URL address of the page to be visited that reason equipment returns updates URL storehouse.
Concrete, if the examination result of management equipment side is for passing through, safety equipment then add described net to be visited
The URL address of page is to URL white list;If the examination result of management equipment side is not for pass through, if URL
Storehouse does not has URL blacklist, then forbids that the URL address of described webpage to be visited is passed through;If URL storehouse
In have URL blacklist, then the URL address of webpage to be visited is added in URL blacklist by safety equipment,
Thus realize the renewal to described URL storehouse.
Application above-described embodiment, safety equipment do not find and the URL of described webpage to be visited in URL storehouse
During the URL address that address is mated, by the redirection mechanism of http protocol, user terminal access is guided to refer to
URL on fixed tube reason equipment gathers the page, and gathers the page by described webpage to be visited according to this URL
URL address is submitted to and is examined, thus safety equipment are according to the URL of the webpage to be visited of management equipment return
The examination result of address updates URL storehouse, updates URL storehouse with the requirements for access realized according to user terminal,
Thus meet the individual demand of enterprise self.
One idiographic flow block diagram of the embodiment of the present application is as shown in Figure 3:
Step 301: during user terminal access webpage, can be able to send with webpage to be visited to far-end server
The HTTP request message of URL address, wherein, before described HTTP request message arrives far-end server
Safety equipment can be first passed through.
Step 302: mate with the URL address of described webpage to be visited in safety equipment lookup URL storehouse
URL address.
Concrete, general enterprises is joined in the consideration of secure context, generally the URL storehouse in safety equipment
Putting URL white list, URL white list represents that Web page pointed by which URL address can access.
In another preferred scheme, URL white list and URL blacklist, wherein, URL can be configured simultaneously
Blacklist then represents that Web page pointed by which URL address is prohibited from access, so that safety equipment are more
Perfect.
In described URL white list, storage has the URL address allowing user terminal access, and matches and treat
Action type corresponding after accessing the URL address of webpage, the action type in URL white list is clearance;
Wherein, URL white list can be stored in URL storehouse by the way of list item, as shown in table 1, and URL
The list item example of white list is as follows:
Table 1 URL white list
Same, in described URL blacklist, storage has the URL address forbidding user terminal access, and
Operation corresponding after matching the URL address of webpage to be visited, the action type in URL blacklist is resistance
Disconnected, described URL blacklist can also be stored in URL storehouse by the way of list item, as shown in table 2,
The list item example of URL blacklist is as follows:
Table 2 URL blacklist
In a preferred example, except forbidding that this HTTP request message passes through, safety equipment are all right
Sending HTTP redirection message to user terminal, this HTTP redirection message carries sensing to be forbidden simultaneously
Access the URL address of the prompting page.Browser on user terminal can be certainly after receiving HTTP redirection message
Dynamic redirecting access this forbids accessing the prompting page, user can obtain one from this content of pages and prohibit clearly
Only access and in prompting, such as this page, may have the forbidden reason of access.In another preferred example,
This forbids including on the access prompting page that the URL address of the URL collection page (is equivalent to a Shen
Tell link), user clicks on this link, can enter into URL and gather the page.URL gathers the effect of the page
Follow-up further describe.
Step 303: if safety equipment do not find the URL address of coupling, then generate HTTP redirection report
Literary composition, wherein, gathers the URL address of the page with URL in described HTTP redirection message.
Concrete, described HTTP redirection message belongs to http response message, by responsive trip, response
Head and response body three part composition, wherein, described response head includes location field, described
In location field, storage has URL to gather the URL address of the page.
Step 304: safety equipment transmission HTTP redirection message is to user terminal, and described HTTP is heavy
Orientation message gathers the URL address of the page with URL.
Step 305: user terminal, according to the URL address in HTTP redirection message, generates with this
The HTTP request message of URL address.
Step 306: user terminal sends with this URL address HTTP request message to the management specified
Equipment.
Step 307: management equipment gathers the page money of the page according to URL described in this URL address acquisition
Source.
After user terminal receives described HTTP redirection message, according to the described URL wherein carried
Gather the URL address of the page, generate the HTTP request message with this URL address, wherein, institute
The web page resources stating the URL collection page is present in the management equipment specified, and management equipment obtains page resource
By http response, this page resource is sent to user terminal afterwards, can be certainly on user terminal browser
Dynamic this URL that assembles gathers the page, thus realizes automatically having access to URL and gather the target of the page.
An enterprises, major part employee may come to visit because of the business demand that department is unique
Ask various webpage, have the URL address of quite a few webpage (especially increasing webpage newly) not to be recorded
In URL storehouse, now whether this webpage meets enterprise security standard is unknown.For a user, its
Do not let pass the most without reason the when of accessing these URL, caused potential potential safety hazard;The most it is not blocked
And have influence on the experience of user.Now this access is not cleared, but is directed to the URL that management equipment provides
Gather to come on the page, not only ensure that safety but also taken into account the experience of user.For another one angle,
In traditional approach, user it may also be desirable to pick up the telephone or initiate from other positions an approval process and joins
It is manager, the inconvenience brought to user.After using the scheme of the application, user can pass through safety
The guiding of equipment is automatically related to manage equipment side and is realized the examination of the URL address to webpage to be visited.
Step 308: user terminal gathers the page according to this URL and submits the URL with described webpage to be visited to
The access request of address is to manager.
Concrete, after user terminal access gathers the page to the URL specified on management equipment, according to this URL
Gather the information of the page, submit the access request of the URL address with user terminal webpage to be visited to,
So that manager examines the URL address of described webpage to be visited.In a preferred example, URL gathers
The page can include URL address input field position, it is allowed to user inputs the URL address of the above-mentioned page to be visited,
In addition URL gathers and can also include that priority, process limited, contact method etc. are one or more auxiliary on the page
Help input field.These auxiliary input fields can help to manage equipment side and enter URL address timely and effectively
Row examines.Assuming to use manual review, priority and process limited can allow manager to solve as soon as possible
Those urgent web page access demands, it is possible in time examination result is informed by Email or other modes
To user terminal.
Step 309: management equipment side examines the URL address of described webpage to be visited.
In the example of a manual review, manager can check described webpage to be visited by management equipment
The web page contents of URL address, and evaluate whether this webpage is secure and trusted according to the web page contents of this webpage
Webpage, the most then this webpage is the webpage that user terminal can access;If it is not, then this webpage is for using
The webpage that family terminal cannot access, thus obtain examination result.In other examples, can use automatically
The mode examined.
Step 310: management equipment returns the examination result of the URL address of described webpage to be visited and sets to safety
Standby.
Step 311: safety equipment update URL according to the examination result of the URL address of described webpage to be visited
Storehouse.
Concrete, when examination result be by time, the URL address of the safety equipment described webpage to be visited of interpolation
To URL white list;When examination result is obstructed out-of-date, and safety equipment then add described webpage to be visited
URL address is to URL blacklist, thus realizes updating URL storehouse.
There is above-described embodiment visible, when safety equipment do not find the URL of webpage to be visited with user terminal
During the URL address of address coupling, be not the access directly blocking described user terminal, but generate with
URL gathers the HTTP redirection message of the URL address of the page, so that user terminal is according to this URL ground
Location accesses specifies the URL in management equipment to gather the page, submits the URL address with webpage to be visited to
Access request to managing equipment side, the webpage described to be visited that therefore safety equipment then return according to manager
The examination result of URL address updates URL storehouse, thus realizes the individual demand according to enterprise and update URL
Storehouse.
Corresponding with the embodiment of the method in above-mentioned renewal URL storehouse, present invention also provides renewal URL storehouse dress
The embodiment put.
The embodiment of the application message transmitting device can be applied respectively on user terminal and management equipment.Dress
Put embodiment to be realized by software, it is also possible to realize by the way of hardware or software and hardware combining.With
As a example by software realizes, as the device in a meaning, it is that the processor by its place equipment is by non-volatile
Property memorizer in corresponding computer program instructions read internal memory runs and formed.For hardware view,
As shown in Figure 4, a kind of hardware structure diagram of device place, URL storehouse equipment is updated for the application, except Fig. 4
Outside shown processor, network interface, internal memory and nonvolatile memory, device place in embodiment
Equipment generally can also include other hardware, such as the forwarding chip etc. of responsible process message;Tie from hardware
This equipment from the point of view of on structure, it is also possible that distributed equipment, potentially includes multiple interface card, in order at hardware layer
Face carries out the extension of Message processing.
Seeing Fig. 5, be an embodiment block diagram of a kind of URL of the application storehouse updating device, described device should
Being used in the safety equipment for updating URL storehouse, described device includes: receives unit 510, search unit
520, indicating member 530 and performance element 540.
Wherein, receive unit 510, for receiving the HTTP request report that user terminal sends to far-end server
Literary composition, comprises the URL address of webpage to be visited in described HTTP request message;
Search unit 520, mate with the URL address of described webpage to be visited for lookup in URL storehouse
URL address;
Indicating member 530, if for the URL address not finding coupling, then guiding this user terminal access
It is positioned at and specifies the URL on management equipment to gather the page, in order to user terminal gathers the page by this URL will
The URL address of webpage to be visited is submitted to and is examined;
Performance element 540, the examination for the URL address of the page to be visited returned according to management equipment is tied
Fruit updates URL storehouse.
In above-mentioned implementation embodiment, the URL storehouse in described lookup unit includes URL white list
Adding URL blacklist with URL white list, described lookup unit is at URL library lookup and described net to be visited
The URL address of the URL address coupling of page specifically includes:
Whether lookup URL white list and URL white list add has in URL blacklist and described net to be visited
The URL address of the URL addresses match of page;
If finding the URL address of coupling in URL white list, then this HTTP request report of letting pass
Literary composition;If finding the URL address of coupling in URL blacklist, then forbid this HTTP request report
Literary composition passes through, and sends HTTP redirection message to user terminal, and this HTTP redirection message carries
Point to the URL address forbidding accessing the prompting page.
Described indicating member guides this user terminal access to be positioned at the URL collection page specified on management equipment
The process in face particularly as follows:
Sending HTTP redirection message to this user terminal, this HTTP redirection message carries sensing
This URL gathers the URL address of the page.
Described performance element specifically for:
When described examination result be by time, add the URL address of the described page to be visited to URL
In the URL white list in storehouse;
When described examination result is not pass through, if URL storehouse does not has URL blacklist, then forbid
The URL address of described webpage to be visited is passed through;If URL storehouse has URL blacklist, then will wait to visit
Ask that the URL address of webpage is added in URL blacklist.
URL in described indicating member gathers the page and includes that priority input field and/or process limited are defeated
Enter field.
As seen from the above-described embodiment, safety equipment are in the case of searching the URL address less than coupling, sharp
Redirect with URL address and make user terminal access specify the URL on management equipment to gather the page, and
The access request of URL address of page submission webpage to be visited is gathered to managing equipment according to described URL
Side, the examination result of the URL address of the webpage described to be visited that safety equipment then return according to management equipment
Update URL storehouse.
In said apparatus, the function of unit and the process that realizes of effect specifically refer to corresponding step in said method
Rapid realizes process, does not repeats them here.
For device embodiment, owing to it corresponds essentially to embodiment of the method, so relevant part sees
The part of embodiment of the method illustrates.Device embodiment described above is only schematically, wherein
The described unit illustrated as separating component can be or may not be physically separate, as unit
The parts of display can be or may not be physical location, i.e. may be located at a place, or also may be used
To be distributed on multiple NE.Some or all of module therein can be selected according to the actual needs
Realize the purpose of the application scheme.Those of ordinary skill in the art in the case of not paying creative work,
I.e. it is appreciated that and implements.
The foregoing is only the preferred embodiment of the application, not in order to limit the application, all in this Shen
Within spirit please and principle, any modification, equivalent substitution and improvement etc. done, should be included in this Shen
Within the scope of please protecting.
Claims (10)
1. a URL storehouse update method, it is characterised in that described method is applied on safety equipment, bag
Include:
Receive the HTTP request message that user terminal sends, described HTTP request report to far-end server
Literary composition comprises the URL address of webpage to be visited;
The URL address mated with the URL address of described webpage to be visited is searched in URL storehouse;
If not finding the URL address of coupling, then guide this user terminal access to be positioned at appointment management and set
Standby upper URL gathers the page, in order to user terminal gathers the page by webpage to be visited by this URL
URL address is submitted to and is examined;
The examination result of the URL address of the page to be visited according to management equipment return updates URL storehouse.
Method the most according to claim 1, it is characterised in that described URL storehouse includes that URL is white
List or URL white list add URL blacklist, described at URL library lookup and described webpage to be visited
The URL address of URL address coupling specifically includes:
Whether lookup URL white list or URL white list add has in URL blacklist and described net to be visited
The URL address of the URL addresses match of page;
If finding the URL address of coupling in URL white list, then this HTTP request report of letting pass
Literary composition;If finding the URL address of coupling in URL blacklist, then forbid this HTTP request report
Literary composition passes through, and sends HTTP redirection message to user terminal, and this HTTP redirection message carries
Point to the URL address forbidding accessing the prompting page.
Method the most according to claim 1, it is characterised in that this user terminal access of described guiding
Be positioned at specify the URL on management equipment to gather the page particularly as follows:
Sending HTTP redirection message to this user terminal, this HTTP redirection message carries sensing
This URL gathers the URL address of the page.
Method the most according to claim 2, it is characterised in that when described examination result be by time,
The URL address of the described page to be visited is added in the URL white list in URL storehouse;
When described examination result is not pass through, if URL storehouse does not has URL blacklist, then forbid
The URL address of described webpage to be visited is passed through;If URL storehouse has URL blacklist, then will wait to visit
Ask that the URL address of webpage is added in URL blacklist.
Method the most according to claim 1, it is characterised in that described URL gathers the page and includes
Priority input field and/or process limited input field.
6. a URL storehouse updating device, it is characterised in that described method is applied on safety equipment, bag
Include:
Receive unit, for receiving the HTTP request message that user terminal sends, institute to far-end server
State the URL address comprising webpage to be visited in HTTP request message;
Search unit, mate with the URL address of described webpage to be visited for lookup in URL storehouse
URL address;
Indicating member, for when not finding the URL address of coupling, guides this user terminal access
It is positioned at and specifies the URL on management equipment to gather the page, in order to user terminal gathers the page by this URL
The URL address of webpage to be visited is submitted to and examines;
Performance element, the examination for the URL address of the page to be visited returned according to management equipment is tied
Fruit updates URL storehouse.
Device the most according to claim 6, it is characterised in that the URL storehouse in described lookup unit
Adding URL blacklist including URL white list or URL white list, described lookup unit is looked in URL storehouse
The URL address looking for the URL address with described webpage to be visited to mate specifically includes:
Whether lookup URL white list or URL white list add has in URL blacklist and described net to be visited
The URL address of the URL addresses match of page;
If finding the URL address of coupling in URL white list, then this HTTP request report of letting pass
Literary composition;If finding the URL address of coupling in URL blacklist, then forbid this HTTP request report
Literary composition passes through, and sends HTTP redirection message to user terminal, and this HTTP redirection message carries
Point to the URL address forbidding accessing the prompting page.
Device the most according to claim 6, described indicating member guides this user terminal access to be positioned at
Specify the URL on management equipment gather the page process particularly as follows:
Sending HTTP redirection message to this user terminal, this HTTP redirection message carries sensing
This URL gathers the URL address of the page.
Device the most according to claim 7, it is characterised in that described performance element specifically for:
When described examination result be by time, add the URL address of the described page to be visited to URL
In the URL white list in storehouse;
When described examination result is not pass through, if URL storehouse does not has URL blacklist, then forbid
The URL address of described webpage to be visited is passed through;If URL storehouse has URL blacklist, then will wait to visit
Ask that the URL address of webpage is added in URL blacklist.
Device the most according to claim 6, it is characterised in that the URL in described indicating member
Gather the page and include priority input field and/or process limited input field.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510585840.3A CN105939370A (en) | 2015-09-15 | 2015-09-15 | Method and device for updating URL library |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510585840.3A CN105939370A (en) | 2015-09-15 | 2015-09-15 | Method and device for updating URL library |
Publications (1)
Publication Number | Publication Date |
---|---|
CN105939370A true CN105939370A (en) | 2016-09-14 |
Family
ID=57152746
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510585840.3A Pending CN105939370A (en) | 2015-09-15 | 2015-09-15 | Method and device for updating URL library |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105939370A (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106570092A (en) * | 2016-10-21 | 2017-04-19 | 乐视控股(北京)有限公司 | Management method and device of URL (Uniform Resource Locator) address |
CN108664493A (en) * | 2017-03-29 | 2018-10-16 | 北京京东尚科信息技术有限公司 | Count the whether effective method, apparatus of URL, electronic equipment and storage medium |
CN109525586A (en) * | 2018-11-29 | 2019-03-26 | 杭州迪普科技股份有限公司 | Security policy configuration method and device based on URL |
CN110071840A (en) * | 2019-04-29 | 2019-07-30 | 厦门美图之家科技有限公司 | Upgrade method, device and client |
CN111460337A (en) * | 2020-03-23 | 2020-07-28 | 武汉思普崚技术有限公司 | UR L recognition rate analysis method and device |
CN111585982A (en) * | 2020-04-24 | 2020-08-25 | 云南电网有限责任公司信息中心 | Restful information exchange system and method for different-level secure networks |
CN112286592A (en) * | 2020-10-29 | 2021-01-29 | 平安普惠企业管理有限公司 | Resource data loading method and device, storage medium and computer equipment |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102299918A (en) * | 2011-07-08 | 2011-12-28 | 盛大计算机(上海)有限公司 | Network transaction safety system and method thereof |
CN102710645A (en) * | 2012-06-06 | 2012-10-03 | 珠海市君天电子科技有限公司 | Method and system for detecting phishing website |
CN102724186A (en) * | 2012-06-06 | 2012-10-10 | 珠海市君天电子科技有限公司 | System and method for detecting phishing websites |
CN103532917A (en) * | 2012-07-06 | 2014-01-22 | 天讯天网(福建)网络科技有限公司 | Website-filtering method based on mobile Internet and cloud computing |
-
2015
- 2015-09-15 CN CN201510585840.3A patent/CN105939370A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102299918A (en) * | 2011-07-08 | 2011-12-28 | 盛大计算机(上海)有限公司 | Network transaction safety system and method thereof |
CN102710645A (en) * | 2012-06-06 | 2012-10-03 | 珠海市君天电子科技有限公司 | Method and system for detecting phishing website |
CN102724186A (en) * | 2012-06-06 | 2012-10-10 | 珠海市君天电子科技有限公司 | System and method for detecting phishing websites |
CN103532917A (en) * | 2012-07-06 | 2014-01-22 | 天讯天网(福建)网络科技有限公司 | Website-filtering method based on mobile Internet and cloud computing |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106570092A (en) * | 2016-10-21 | 2017-04-19 | 乐视控股(北京)有限公司 | Management method and device of URL (Uniform Resource Locator) address |
CN108664493A (en) * | 2017-03-29 | 2018-10-16 | 北京京东尚科信息技术有限公司 | Count the whether effective method, apparatus of URL, electronic equipment and storage medium |
CN109525586A (en) * | 2018-11-29 | 2019-03-26 | 杭州迪普科技股份有限公司 | Security policy configuration method and device based on URL |
CN110071840A (en) * | 2019-04-29 | 2019-07-30 | 厦门美图之家科技有限公司 | Upgrade method, device and client |
CN111460337A (en) * | 2020-03-23 | 2020-07-28 | 武汉思普崚技术有限公司 | UR L recognition rate analysis method and device |
CN111460337B (en) * | 2020-03-23 | 2023-04-11 | 武汉思普崚技术有限公司 | URL recognition rate analysis method and device |
CN111585982A (en) * | 2020-04-24 | 2020-08-25 | 云南电网有限责任公司信息中心 | Restful information exchange system and method for different-level secure networks |
CN111585982B (en) * | 2020-04-24 | 2022-12-06 | 云南电网有限责任公司信息中心 | Restful information exchange system and method for different-level security networks |
CN112286592A (en) * | 2020-10-29 | 2021-01-29 | 平安普惠企业管理有限公司 | Resource data loading method and device, storage medium and computer equipment |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105939370A (en) | Method and device for updating URL library | |
US8943208B2 (en) | Controlling access to resources by hosted entities | |
US8112799B1 (en) | Method, system, and computer program product for avoiding cross-site scripting attacks | |
CN109977690A (en) | A kind of data processing method, device and medium | |
CN107070776A (en) | System and method for assessing outbound message | |
US20200074079A1 (en) | Method and system for checking malicious hyperlink in email body | |
US9521031B2 (en) | Internet access control using depth parameters | |
US8346950B1 (en) | Hosted application server | |
US20160034834A1 (en) | Capturing evolution of a resource memorandum according to resource requests | |
CN109492423A (en) | Method, apparatus, computer equipment and the storage medium of sensitive information filtering | |
US9471665B2 (en) | Unified system for real-time coordination of content-object action items across devices | |
CN102938766B (en) | Maliciously website prompt method and device | |
CN105631312A (en) | Method and system for processing rogue programs | |
US10192262B2 (en) | System for periodically updating backings for resource requests | |
CN107239701A (en) | Recognize the method and device of malicious websites | |
CN104468321A (en) | Method and system of INITIATING SOCIAL INTERACTION BASED ON E-MAIL CONTENT | |
CN106254528A (en) | A kind of resource downloading method and buffer memory device | |
US10013237B2 (en) | Automated approval | |
US20120304290A1 (en) | Cyber isolation, defense, and management of a inter-/intra- enterprise network | |
CN106060023A (en) | Malicious data interception processing method and device | |
US9264532B2 (en) | Technology for combating mobile phone criminal activity | |
JP2007156690A (en) | Method for taking countermeasure to fishing fraud, terminal, server and program | |
US9923857B2 (en) | Symbolic variables within email addresses | |
CN107229644A (en) | Searching method and device | |
US11550915B2 (en) | Method and system for data security and apparatus for executing the same |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information |
Address after: Binjiang District and Hangzhou city in Zhejiang Province Road 310051 No. 68 in the 6 storey building Applicant after: Hangzhou Dipu Polytron Technologies Inc Address before: Binjiang District and Hangzhou city in Zhejiang Province Road 310051 No. 68 in the 6 storey building Applicant before: Hangzhou Dipu Technology Co., Ltd. |
|
CB02 | Change of applicant information | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20160914 |
|
RJ01 | Rejection of invention patent application after publication |