CN109962926A - A kind of verification method, equipment and system - Google Patents

A kind of verification method, equipment and system Download PDF

Info

Publication number
CN109962926A
CN109962926A CN201910278432.1A CN201910278432A CN109962926A CN 109962926 A CN109962926 A CN 109962926A CN 201910278432 A CN201910278432 A CN 201910278432A CN 109962926 A CN109962926 A CN 109962926A
Authority
CN
China
Prior art keywords
webpage
file
label
dynamic data
randomization
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910278432.1A
Other languages
Chinese (zh)
Inventor
刘浩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Suzhou Wave Intelligent Technology Co Ltd
Original Assignee
Suzhou Wave Intelligent Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Suzhou Wave Intelligent Technology Co Ltd filed Critical Suzhou Wave Intelligent Technology Co Ltd
Priority to CN201910278432.1A priority Critical patent/CN109962926A/en
Publication of CN109962926A publication Critical patent/CN109962926A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The application provides a kind of verification method, equipment and system, which comprises the webpage of response is encrypted and randomization;The first webpage, the first file and output policy after encryption and randomization is sent to server-side proxy, so that the server-side proxy carries out legitimate verification to the static data and dynamic data of the webpage after the encryption and randomization according to first file and output policy;It wherein, include key and randomized marker in first file.Through the above technical solutions, the safety of webpage can be effectively ensured, and improve the flexibility of webpage output.

Description

A kind of verification method, equipment and system
Technical field
The present invention relates to computer field more particularly to a kind of verification methods, equipment and system.
Background technique
XSS attack (Cross Site Scripting, cross-site scripting attack) refers to that malicious attacker can be toward Web Be inserted into (World Wide Web, global wide area network) page malice Html (Hyper Text Markup Language, it is super Text mark up language) code, when user browses the page, being embedded in the Html code inside Web can be performed, to reach evil The specific purposes of meaning user.
The precautionary measures of XSS attack at present, the position difference where the various precautionary measures can be divided into three kinds: pure clothes The prevention of business device end, the prevention of pure client and server end and client cooperation prevention.
1, the pure server end precautionary measures, which refer to, only takes the precautionary measures in server end, in inputting to user The filtering and verifying of appearance carry out tactful inspection in server end output interface and execute in server end output interface based on clear The tactful of device that look at checks.
Filtering and verifying to user's input content due to concentrating on the input interface of server end, and are distributed in not In context embedded by secure data, therefore the shortcomings that this measure is that great burden is brought to network developer.
Tactful inspection is carried out in server end output interface, since dangerous data are embedded in arbitrary context, Therefore strategy, which checks, just becomes complexity, especially when processing dynamic changes file structure attack.In other words, this is arranged It is for client browser, accordingly, it is possible to which server end and client can be made to the same document that the strategy applied, which checks not, In same sentence parsing it is inconsistent, to cause browser and server parses inconsistent loophole.
The strategy based on browser, which is executed, in server end output interface checks that this method has a common problem, Exactly it cannot be guaranteed that client browser is to the parsing of same input be with the parsing of server end as.
2, the pure client precautionary measures
The pure client precautionary measures are exactly only to take prevention in client, and current main method has defeated in client progress Match out, track sensitive information stream, prevent script injection etc..
Output matching, the disadvantages of the method are as follows compromising the flexibility of web application.
The tracking of sensitive information stream, the disadvantages of the method are as follows needing to be determined in advance, which is sensitive information or its composition is tired Difficult.
Script is prevented to inject, the disadvantages of the method are as follows needing the intervention of user.
3, the precautionary measures of server end and client cooperation
Current some schemes, which are used, provides white list security strategy in server end, in client modification browser to support The method of the server end and client cooperation that execute security strategy takes precautions against XSS attack.This method, which only injects script, to be made For carrier, without considering other XSS attack carriers.Meanwhile this method cannot prevent dynamic from modifying file structure attack; Another scheme is to identify all Html labels in server end, and provide the security strategy for these labels, in client Petiolarea divides fiducial markers and insincere label, the method for then executing prevention XSS attack according to security strategy.
Summary of the invention
The application technology to be solved is to provide a kind of verification method, equipment and system, and webpage can be effectively ensured Safety, and improve the flexibility of webpage output.
In order to solve the above-mentioned technical problem, this application provides a kind of verification methods, are applied to server end, the method Include:
The webpage of response is encrypted and randomization;
The first webpage, the first file and output policy after encryption and randomization is sent to server end Agency, so that the server-side proxy is according to first file and output policy to the encryption and randomization The static data and dynamic data of webpage afterwards carry out legitimate verification;
It wherein, include key and randomized marker in first file.
Optionally, the webpage by after encryption and randomization, the first file and output policy are sent to Before server-side proxy, the method also includes:
Formulate the output policy.
Optionally, the webpage of described pair of response is encrypted and randomization includes:
All labels and tag attributes of the webpage of the response are encrypted;
Randomized marker will be added before the dynamic data of the webpage of the response.
Optionally, first file is the file by encryption.
The application also provides a kind of verification method, is applied to server-side proxy, which comprises
Obtain server end send encryption and randomization after the first webpage,
First file and output policy;
Legitimate verification is carried out to the output of first webpage according to first file and output policy;
It wherein, include key and randomized marker in first file.
Optionally, described that the output progress legitimacy of first webpage is tested according to first file and output policy Card includes:
Obtain the key in first file, the label of the first webpage and tag attributes according to the key pair into Row legitimate verification;
The randomized marker in first file is obtained, according to the randomized marker to the dynamic of first webpage Data carry out legitimate verification;
If the label and label data of first webpage do not pass through legitimate verification, according in the output policy The rule of formulation determines whether the static data allows to export;
If the dynamic data of first webpage does not pass through legitimate verification, according to what is formulated in the output policy Rule determines whether the dynamic data allows to export.
Optionally, described that the output progress legitimacy of first webpage is tested according to first file and output policy Card further include:
If the label and label data of first webpage are by legitimate verification, also, first webpage is dynamic State data pass through legitimate verification, it is determined that first webpage allows to export.
Optionally, the label of first webpage according to the key pair and tag attributes carry out legitimate verification packet It includes:
The first webpage according to the key pair is decrypted;
For first auto-building html files the first DOM Document Object Model dom tree after decryption;The original web page sent for server end Generate the second dom tree;If the first dom tree and the 2nd DOM successful match, the label and label data of first webpage are logical Cross legitimate verification;If the matching of the first dom tree is unsuccessful, it is legal that the label and label data of first webpage do not pass through Property verifying;
It is described to include: according to dynamic data progress legitimate verification of the randomized marker to first webpage
If the prefix mark of the dynamic data of first webpage is consistent with randomization mark, first net The dynamic data of page passes through legitimate verification;If prefix mark and the randomization of the dynamic data of first webpage are marked Know inconsistent, then the dynamic data of first webpage does not pass through legitimate verification.
The application also provides a kind of server, and the server includes:
First processing module, for the webpage of response being encrypted and randomization;
Second processing module, for by the first webpage, the first file and the output after encryption and randomization Strategy is sent to server-side proxy, so that the server-side proxy adds according to first file and output policy to described The output of webpage after close processing and randomization carries out legitimate verification;
It wherein, include key and randomized marker in first file.
Optionally, the first processing module is also used to webpage, the first file after encryption and randomization And output policy is sent to before server-side proxy, formulates the output policy.
Optionally, the first processing module is used to that the webpage of response to be encrypted and randomization refers to:
All labels and tag attributes of the webpage of the response are encrypted;
Randomized marker will be added before the dynamic data of the webpage of the response.
Optionally, first file is the file by encryption.
The application also provides a kind of agent equipment, and the agent equipment includes:
Receiving module, for obtain server end transmission encryption and randomization after the first webpage, first File and output policy;
Authentication module, for carrying out legitimacy to the output of first webpage according to first file and output policy Verifying;
It wherein, include key and randomized marker in first file.
Optionally, the authentication module includes:
First authentication unit, for obtaining the key in first file, the first webpage according to the key pair Label and tag attributes carry out legitimate verification;
Second authentication unit, for obtaining the randomized marker in first file, according to the randomized marker pair The dynamic data of first webpage carries out legitimate verification;
Processing unit does not pass through legitimate verification for the label and label data when first webpage, then according to institute It states the rule formulated in output policy and determines whether the static data allows to export;It is also used to the dynamic when first webpage Data do not pass through legitimate verification, then it is defeated to determine whether the dynamic data allows according to the rule formulated in the output policy Out.
Optionally, the processing unit is also used to test when the label and label data of first webpage by legitimacy Card, also, the dynamic data of first webpage passes through legitimate verification, it is determined that and first webpage allows to export.
Optionally, first authentication unit label of the first webpage according to the key pair and tag attributes carry out Legitimate verification refers to:
The first webpage according to the key pair is decrypted;
For first auto-building html files the first DOM Document Object Model dom tree after decryption;The original web page sent for server end Generate the second dom tree;If the first dom tree and the 2nd DOM successful match, the label and label data of first webpage are logical Cross legitimate verification;If the matching of the first dom tree is unsuccessful, it is legal that the label and label data of first webpage do not pass through Property verifying;
Second authentication unit carries out legitimacy according to dynamic data of the randomized marker to first webpage Verifying refers to:
If the prefix mark of the dynamic data of first webpage is consistent with randomization mark, first net The dynamic data of page passes through legitimate verification;If prefix mark and the randomization of the dynamic data of first webpage are marked Know inconsistent, then the dynamic data of first webpage does not pass through legitimate verification.
The application also provides a kind of verifying system, and the system comprises aforementioned any server and aforementioned any institutes The agent equipment stated.
Compared with prior art, the application includes: the webpage of response to be encrypted and randomization;It will encryption The first webpage, the first file and output policy after processing and randomization are sent to server-side proxy, so that described Server-side proxy is according to first file and output policy to the quiet of the webpage after the encryption and randomization State data and dynamic data carry out legitimate verification;It wherein, include key and randomized marker in first file.By upper Technical solution is stated, the safety of webpage can be effectively ensured, and improves the flexibility of webpage output.
Detailed description of the invention
Fig. 1 is the flow chart of the verification method of the embodiment of the present invention one;
Fig. 2 is another flow chart of the verification method of the embodiment of the present invention one;
Fig. 3 is the another flow chart of the verification method of the embodiment of the present invention one;
Fig. 4 is the structural schematic diagram of the server of the embodiment of the present invention one;
Fig. 5 is the structural schematic diagram of the agent equipment of the embodiment of the present invention one;
Fig. 6 is the structural schematic diagram for the system that the embodiment of the present invention one is verified;
Fig. 7 is the flow chart of the verification method of example one.
Specific embodiment
To make the objectives, technical solutions, and advantages of the present invention clearer, below in conjunction with attached drawing to the present invention Embodiment be described in detail.It should be noted that in the absence of conflict, in the embodiment and embodiment in the application Feature can mutual any combination.
Step shown in the flowchart of the accompanying drawings can be in a computer system such as a set of computer executable instructions It executes.Also, although logical order is shown in flow charts, and it in some cases, can be to be different from herein suitable Sequence executes shown or described step.
Embodiment one
As shown in Figure 1, being applied to server end the present embodiment provides a kind of verification method, which comprises
Step S102, the webpage of response is encrypted and randomization;
Step S104, the first webpage, the first file and the output policy after encryption and randomization are sent To server-side proxy so that the server-side proxy according to first file and output policy to the encryption and The static data and dynamic data of webpage after randomization carry out legitimate verification;
It wherein, include key and randomized marker in first file.
Optionally, as shown in Fig. 2, the webpage by after encryption and randomization, the first file and output Strategy is sent to before server-side proxy, and the method can also include:
Step S100, the output policy is formulated.
Optionally, the webpage of described pair of response is encrypted and randomization may include:
All labels and tag attributes of the webpage of the response are encrypted;
Randomized marker will be added before the dynamic data of the webpage of the response.
Optionally, first file can be the file by encryption.
Through the above technical solutions, can guarantee the integrality of document, webpage is effectively prevent to be tampered;Meanwhile passing through finger Determine output policy, it is more flexible to can be webpage output;In addition, webpage verification using data-hiding technology is executed by server-side proxy, it is not necessarily to client The support of browser.
As shown in figure 3, the present embodiment also provides a kind of verification method, it is applied to server-side proxy, which comprises
Step S101, the first webpage, the first file after obtaining the encryption and randomization that server end is sent And output policy;
Step S103, legitimacy is carried out to the output of first webpage according to first file and output policy to test Card;
It wherein, include key and randomized marker in first file.
Optionally, described that the output progress legitimacy of first webpage is tested according to first file and output policy Card may include:
Obtain the key in first file, the label of the first webpage and tag attributes according to the key pair into Row legitimate verification;
The randomized marker in first file is obtained, according to the randomized marker to the dynamic of first webpage Data carry out legitimate verification;
If the label and label data of first webpage do not pass through legitimate verification, according in the output policy The rule of formulation determines whether the static data allows to export;
If the dynamic data of first webpage does not pass through legitimate verification, according to what is formulated in the output policy Rule determines whether the dynamic data allows to export.
The output policy of the application can specify the rule of different stage, such as: it is loaded into anyway (about due to safety Rank is closed entirely), loading of having ready conditions (similar white list, there is the website of trust), unconditionally forbid being loaded into (similar blacklist).
For example, the case where legitimate verification is not passed through for label and label data, if output policy is regular accordingly Allow, from backup server application and original web page can be obtained, using the original web page of the acquisition as the static data of output. The case where not passing through legitimate verification for dynamic data can be dangerous by this if the corresponding rule of output policy allows Dynamic data output.
In this implementation, the verifying of static data and the verifying of dynamic data can carry out simultaneously, can also successively carry out.Such as Fruit first carries out the verifying of static data, can not allow the case where exporting in static data, cancel the verifying to dynamic data;Or Person can not allow the case where exporting in dynamic data, static data is tested in cancellation if the verifying of advanced Mobile state data Card;Alternatively, can all carry out the verifying of static data and dynamic data regardless of verification result.
Optionally, described that the output progress legitimacy of first webpage is tested according to first file and output policy Demonstrate,proving to include:
If the label and label data of first webpage are by legitimate verification, also, first webpage is dynamic State data pass through legitimate verification, it is determined that first webpage allows to export.
Optionally, the label of first webpage according to the key pair and tag attributes progress legitimate verification can To include:
The first webpage according to the key pair is decrypted;
For the first DOM of the first auto-building html files (Document Object Model, the DOM Document Object Model) tree after decryption; The second dom tree is generated for the original web page that server end is sent;If the first dom tree and the 2nd DOM successful match, described The label and label data of one webpage pass through legitimate verification;If the matching of the first dom tree is unsuccessful, first webpage Label and label data do not pass through legitimate verification;
It is described to include: according to dynamic data progress legitimate verification of the randomized marker to first webpage
If the prefix mark of the dynamic data of first webpage is consistent with randomization mark, first net The dynamic data of page passes through legitimate verification;If prefix mark and the randomization of the dynamic data of first webpage are marked Know inconsistent, then the dynamic data of first webpage does not pass through legitimate verification.
Through the above technical solutions, can guarantee the integrality of document, webpage is effectively prevent to be tampered;Meanwhile passing through finger Determine output policy, it is more flexible to can be webpage output;In addition, webpage verification using data-hiding technology is executed by server-side proxy, it is not necessarily to client The support of browser.
As shown in figure 4, the present embodiment also provides a kind of server, the server 1 includes:
First processing module 10, for the webpage of response being encrypted and randomization;
Second processing module 11, for by the first webpage, the first file and defeated after encryption and randomization Strategy is sent to server-side proxy out, so that the server-side proxy is according to first file and output policy to described The output of webpage after encryption and randomization carries out legitimate verification;
It wherein, include key and randomized marker in first file.
Optionally, the first processing module 10, can be also used for by after encryption and randomization webpage, One file and output policy are sent to before server-side proxy, formulate the output policy.
Optionally, the first processing module 10 is for being encrypted the webpage of response and randomization can be with Refer to:
All labels and tag attributes of the webpage of the response are encrypted;
Randomized marker will be added before the dynamic data of the webpage of the response.
Optionally, first file can be the file by encryption.
Through the above technical solutions, can guarantee the integrality of document, webpage is effectively prevent to be tampered;Meanwhile passing through finger Determine output policy, it is more flexible to can be webpage output;In addition, webpage verification using data-hiding technology is executed by server-side proxy, it is not necessarily to client The support of browser.
As shown in figure 5, the present embodiment also provides a kind of agent equipment, the agent equipment 2 includes:
Receiving module 20, the first webpage after encryption and randomization for obtaining server end transmission, the One file and output policy;
Authentication module 21, it is legal for being carried out according to first file and output policy to the output of first webpage Property verifying;
It wherein, include key and randomized marker in first file.
Optionally, the authentication module 21 includes:
First authentication unit 211, for obtaining the key in first file, the first net according to the key pair The label and tag attributes of page carry out legitimate verification;
Second authentication unit 212, for obtaining the randomized marker in first file, according to the randomized marker Legitimate verification is carried out to the dynamic data of first webpage;
Processing unit 213 does not pass through legitimate verification for the label and label data when first webpage, then basis The rule formulated in the output policy determines whether the static data allows to export;It is also used to moving when first webpage State data do not pass through legitimate verification, then determine whether the dynamic data allows according to the rule formulated in the output policy Output.
Optionally, the processing unit 213 can be also used for passing through conjunction when the label and label data of first webpage Method verifying, also, the dynamic data of first webpage passes through legitimate verification, it is determined that and first webpage allows defeated Out.
Optionally, the label and tag attributes of first authentication unit 211, first webpage according to the key pair Carrying out legitimate verification can refer to:
The first webpage according to the key pair is decrypted;
For first auto-building html files the first DOM Document Object Model dom tree after decryption;The original web page sent for server end Generate the second dom tree;If the first dom tree and the 2nd DOM successful match, the label and label data of first webpage are logical Cross legitimate verification;If the matching of the first dom tree is unsuccessful, it is legal that the label and label data of first webpage do not pass through Property verifying;
It is legal that second authentication unit 212 is carried out according to dynamic data of the randomized marker to first webpage Property verifying can refer to:
If the prefix mark of the dynamic data of first webpage is consistent with randomization mark, first net The dynamic data of page passes through legitimate verification;If prefix mark and the randomization of the dynamic data of first webpage are marked Know inconsistent, then the dynamic data of first webpage does not pass through legitimate verification.
Through the above technical solutions, can guarantee the integrality of document, webpage is effectively prevent to be tampered;Meanwhile passing through finger Determine output policy, it is more flexible to can be webpage output;In addition, webpage verification using data-hiding technology is executed by server-side proxy, it is not necessarily to client The support of browser.
As shown in fig. 6, the present embodiment also provides a kind of verifying system 3, the verifying system 2 includes aforementioned any described Server 1 and aforementioned any agent equipment 2.
Example one
The verification method of the application is further illustrated below by example.
Originally following object can be related to by showing: server end, server-side proxy
1, server end
In this example, server end can be used for in original web page all labels and its attribute encrypt, simultaneously It can be obtained by Get (from specified resource request data)/Post (resource of Xiang Zhiding submits data to be processed) mode The dynamic data of family input is taken, and adds randomized marker before these dynamic datas.Server end is also formulated for clothes The policy document for device administrator configurations of being engaged in.
In this example, key and randomized marker can be stored in the specified file of server end, and specified to this File is encrypted.
The server end that the application is further illustrated below operates.
(1) in original web page all labels and its attribute encrypt.
The function can be effectively prevented static state for label trusted in original web page and its attribute to be encrypted Change the XSS attack of file structure.Meanwhile trusted label and its attribute in original web page can be prevented to be tampered.It can be with Above-mentioned function is realized by following procedure:
Input:An HTML document d
Output:The document d after encryption
begin
for Tag t∈d do
for Attribute a∈t do
A=DES (key)
end
T=DES (key)
end
File.write (key, a) // key is stored in file a
end
(2) dynamic data of user is obtained, and adds randomized marker before dynamic data.
The function is used for Dynamic Tracking Data stream.When client submits data, server end is according to Get/ Post mode obtains dynamic data.It is performed before in dynamic data, randomized marker is carried out to its prefix.It can be by following Program realizes above-mentioned function:
Input:The document d after encryption
Output:The document d after prefix randomization
begin
String t=GET (dynamic data)
Random rdm=new Random ();
Int i=rdm.Next (N);//N is random number range
String t=i.toString ()+t;
File.write (t, a) // randomized marker prefix is stored in file a
end
(3) policy document configured for server administrators is formulated.
In this example, policy document carries out legitimate verification to the output of webpage for server-side proxy.Strategy text Shelves, which can be, formulates some rules, to allow or refuse the execution of certain codes, for example, can permit in policy document it is certain not The execution etc. of trusted data.
The webpage that has been encrypted and has been randomized when server end, storage have the file A of key and randomization mark prefix When being transferred to server-side proxy, server-side proxy identifies dynamic data in prefix and webpage using the randomization in file A Randomization mark prefix matched.If successful match, illustrate that the data are trusty;If matching is unsuccessful, in net Page before exporting, judged according to the rule in policy document the data whether trusted.The format of policy document can be with The configuration documentation of firewall is similar.
Above-mentioned function can be realized by following procedure:
#Restrict untrusted content to safe subset of HTML
#Declare the names of trust classes
PrefixName trusted
#Policy for trusted content
Allow//trusted:*# allows all elements
Allow//trusted:@* # allows all properties
The strategy of the not trusted content of #Policy for untrusted content
#Allow safe elements
allow//untrusted:b
allow//untrusted:i
allow//untrusted:u
allow//untrusted:s
allow//untrusted:pre
#Fail-safe defaults
deny//*#Deny all elements
deny//@*#Deny all attributes
2, server-side proxy
In this example, server-side proxy is used to check the integrality of original web page.
Server-side proxy gets Html webpage (all labels and its attribute quilt of the webpage of response from server end Encryption, dynamic data are coupled with randomization prefix mark) after, the file A sent from server end is decrypted, Therefrom extract key and randomization prefix mark.It is decrypted using the Html webpage that key pair responds, after decryption Html generates corresponding dom tree.Meanwhile corresponding dom tree is also generated to the original web page sent from server end, it matches This two dom trees.If matching is unsuccessful, illustrate that the label and its attribute in original web page are tampered with, then to backup server Send the request of request original web page;If successful match, it can guarantee the execution of the static part of original web page.
Followed by the randomization prefix mark extracted, to judge the legitimacy of dynamic data.If before dynamic data It is consistent with the randomization prefix mark extracted to sew mark, then illustrates that the dynamic data is trusty;If before dynamic data Sew mark and the randomization prefix extracted mark is inconsistent, is then determined whether according to the corresponding strategies in policy document The generation of the dynamic data.
(1) the Html webpage of response is decrypted.The function and above-mentioned encryption are corresponding.It can be by following Program realizes the function:
Input:The document d after encryption
Output:An HTML document d
begin
for Tag t∈d do
for Attribute a∈t do
A=DES (key)
end
T=DES (key)
end
end
(2) by the corresponding dom tree of Html auto-building html files.
The function for comparing two Html web document structures, thus come judge Html webpage static part whether by It is tampered.The function can be realized by following procedure:
Bool matchDOM (rootNode1, rootNode2)
{
if(rootNode1!=rootNode2)
{
Request (" original web page ");
return false;
}
else
{
For (int i=0;Int j=0;I < rootNode1.ChildNodes&&
J < root-Node2.ChildNodes;I++, j++)
{
if(rootNode1.ChildNodes[i]!=rootNode2.ChildNodes [j])
{
Request (" original web page ");
Return false;
Break;
}
else
Continue;
}
return true;
}
(3) legitimate verification of webpage dynamic part.
The function can use the legitimacy that randomization prefix mark carries out webpage dynamic part with policy document jointly and test Card.The function can be realized by following procedure:
Input:The document d after prefix randomization
Output:TRUE if prefix from file a equals the prefix of dynamic
data;otherwise depends on the policy p.If p allow the dynamic
Data, return true;otherwise false.
begin
String prefix=decryp (key, a) .prefix//from file a extract with
Machine prefix mark;
If (prefix==Get (dynamic data) .prefix)
return true;
else
for Rule r∈p.rules do
If (Get (dynamic data) .prefix) .action==r.action) //r.acton
Equal to allow or deny
return true;
else
return false;
end
end
end
As shown in fig. 7, this exemplary verification method includes:
Step S200, server end formulates output policy;
Step S201, server end responds webpage;
Step S202, server end encrypts all labels and tag attributes of response webpage;
Step S203, server end adds randomized marker before the dynamic data of response webpage;
Step S204, key and randomized marker are stored in the first file by server end, and are carried out to the first file Encryption;
Step S205, server end is by the first webpage, the first file and the output after encryption and randomization Strategy is sent to server-side proxy;
Step S206, server-side proxy obtains the key in first file, first according to the key pair Webpage is decrypted;
It step S207, is the first auto-building html files the first DOM (Document Object Model, the document object after decryption Model) tree;The second dom tree is generated for the original web page that server end is sent;
Step S208, the first dom tree and the 2nd DOM are matched, if the first dom tree and the 2nd DOM successful match, Then follow the steps S209;If the first dom tree matches unsuccessful with the 2nd DOM, S210 is thened follow the steps;
Step S209, judge whether the rule formulated in output policy allows the static data to export;If exporting plan The rule formulated in slightly allows the static data to export, then goes to step S220, if the rule formulated in output policy does not permit Perhaps the described static data output, then go to step S221;
Step S210, server-side proxy obtains the randomized marker in first file;
Step S211, it is consistent to judge that the prefix mark of the dynamic data of the first webpage and the randomization identify whether, such as Prefix mark and the randomization of the dynamic data of the first webpage of fruit identify, and then follow the steps S220;If first net The prefix mark and randomization mark of the dynamic data of page are inconsistent, then follow the steps S212;
The dynamic data of first webpage does not pass through legitimate verification.If the dynamic data of first webpage does not lead to Legitimate verification is crossed, then determines whether the dynamic data allows to export according to the rule formulated in the output policy.
Step S212, judge whether the rule formulated in output policy allows the dynamic data to export;If exporting plan The rule formulated in slightly allows the dynamic data to export, then goes to step S220;If the rule formulated in output policy does not permit Perhaps the described dynamic data output, then go to step S221;
Step S220, judge whether the static data of the first webpage allows to export, also, the dynamic data of the first webpage is No to allow to export, if the static data of the first webpage allows to export, also, the dynamic data of the first webpage also allows to export, Then go to step S222;If the static data of the first webpage does not allow to export, and/or, the dynamic data of the first webpage does not allow Output, then go to step S221.
Step S221, abnormality processing.
Through the above technical solutions, can guarantee the integrality of document, webpage is effectively prevent to be tampered;Meanwhile passing through finger Determine output policy, it is more flexible to can be webpage output;In addition, webpage verification using data-hiding technology is executed by server-side proxy, it is not necessarily to client The support of browser.
Those of ordinary skill in the art will appreciate that all or part of the steps in the above method can be instructed by program Related hardware is completed, and described program can store in computer readable storage medium, such as read-only memory, disk or CD Deng.Optionally, one or more integrated circuits also can be used to realize, accordingly in all or part of the steps of above-described embodiment Ground, each module/unit in above-described embodiment can take the form of hardware realization, can also use the shape of software function module Formula is realized.The application is not limited to the combination of the hardware and software of any particular form.
The foregoing is merely preferred embodiment of the present application, are not intended to limit this application, for the skill of this field For art personnel, various changes and changes are possible in this application.Within the spirit and principles of this application, made any to repair Change, equivalent replacement, improvement etc., should be included within the scope of protection of this application.

Claims (17)

1. a kind of verification method is applied to server end, which is characterized in that the described method includes:
The webpage of response is encrypted and randomization;
The first webpage, the first file and output policy after encryption and randomization is sent to server end generation Reason so that the server-side proxy according to first file and output policy to the encryption and randomization after Webpage static data and dynamic data carry out legitimate verification;
It wherein, include key and randomized marker in first file.
2. verification method as described in claim 1, which is characterized in that the net by after encryption and randomization Page, the first file and output policy are sent to before server-side proxy, the method also includes:
Formulate the output policy.
3. verification method as described in claim 1, which is characterized in that the webpage of described pair of response is encrypted and at random Change is handled
All labels and tag attributes of the webpage of the response are encrypted;
Randomized marker will be added before the dynamic data of the webpage of the response.
4. verification method as described in claim 1, it is characterised in that:
First file is the file by encryption.
5. a kind of verification method is applied to server-side proxy, which is characterized in that the described method includes:
Obtain server end send encryption and randomization after the first webpage,
First file and output policy;
Legitimate verification is carried out to the output of first webpage according to first file and output policy;
It wherein, include key and randomized marker in first file.
6. method as claimed in claim 5, which is characterized in that it is described according to first file and output policy to described The output of one webpage carries out legitimate verification
The key in first file is obtained, the label of the first webpage and tag attributes according to the key pair are closed Method verifying;
The randomized marker in first file is obtained, according to the randomized marker to the dynamic data of first webpage Carry out legitimate verification;
If the label and label data of first webpage do not pass through legitimate verification, formulated according in the output policy Rule determine whether the static data allows to export;
If the dynamic data of first webpage does not pass through legitimate verification, according to the rule formulated in the output policy Determine whether the dynamic data allows to export.
7. method as claimed in claim 6, which is characterized in that it is described according to first file and output policy to described The output of one webpage carries out legitimate verification further include:
If the label and label data of first webpage pass through legitimate verification, also, the dynamic number of first webpage According to passing through legitimate verification, it is determined that first webpage allows to export.
8. method as claimed in claim 6, it is characterised in that:
The label and tag attributes of first webpage according to the key pair carry out legitimate verification
The first webpage according to the key pair is decrypted;
For first auto-building html files the first DOM Document Object Model dom tree after decryption;It is generated for the original web page that server end is sent Second dom tree;If the first dom tree and the 2nd DOM successful match, the label and label data of first webpage pass through conjunction Method verifying;If the matching of the first dom tree is unsuccessful, the label and label data of first webpage are not tested by legitimacy Card;
It is described to include: according to dynamic data progress legitimate verification of the randomized marker to first webpage
If the prefix mark of the dynamic data of first webpage is consistent with randomization mark, first webpage Dynamic data passes through legitimate verification;If prefix mark and the randomization of the dynamic data of first webpage identify not Unanimously, then the dynamic data of first webpage does not pass through legitimate verification.
9. a kind of server, which is characterized in that the server includes:
First processing module, for the webpage of response being encrypted and randomization;
Second processing module, for by the first webpage, the first file and the output policy after encryption and randomization Be sent to server-side proxy so that the server-side proxy according to first file and output policy to the encryption at The output of webpage after reason and randomization carries out legitimate verification;
It wherein, include key and randomized marker in first file.
10. server as claimed in claim 9, it is characterised in that:
The first processing module is also used to webpage, the first file and the output plan after encryption and randomization It is slightly sent to before server-side proxy, formulates the output policy.
11. server as claimed in claim 9, which is characterized in that the first processing module be used for the webpage of response into Row encryption and randomization refer to:
All labels and tag attributes of the webpage of the response are encrypted;
Randomized marker will be added before the dynamic data of the webpage of the response.
12. server as claimed in claim 9, it is characterised in that:
First file is the file by encryption.
13. a kind of agent equipment, which is characterized in that the agent equipment includes:
Receiving module, the first webpage after encryption and randomization, the first file for obtaining server end transmission And output policy;
Authentication module is tested for carrying out legitimacy to the output of first webpage according to first file and output policy Card;
It wherein, include key and randomized marker in first file.
14. agent equipment as claimed in claim 13, which is characterized in that the authentication module includes:
First authentication unit, for obtaining the key in first file, the mark of the first webpage according to the key pair Label and tag attributes carry out legitimate verification;
Second authentication unit, for obtaining the randomized marker in first file, according to the randomized marker to described The dynamic data of first webpage carries out legitimate verification;
Processing unit does not pass through legitimate verification for the label and label data when first webpage, then according to described defeated The rule formulated in strategy out determines whether the static data allows to export;It is also used to the dynamic data when first webpage Not by legitimate verification, then determine whether the dynamic data allows to export according to the rule formulated in the output policy.
15. agent equipment as claimed in claim 14, it is characterised in that:
The processing unit is also used to pass through legitimate verification when the label and label data of first webpage, also, described The dynamic data of first webpage passes through legitimate verification, it is determined that first webpage allows to export.
16. agent equipment as claimed in claim 14, it is characterised in that:
First authentication unit label of the first webpage according to the key pair and tag attributes carry out legitimate verification Refer to:
The first webpage according to the key pair is decrypted;
For first auto-building html files the first DOM Document Object Model dom tree after decryption;It is generated for the original web page that server end is sent Second dom tree;If the first dom tree and the 2nd DOM successful match, the label and label data of first webpage pass through conjunction Method verifying;If the matching of the first dom tree is unsuccessful, the label and label data of first webpage are not tested by legitimacy Card;
Second authentication unit carries out legitimate verification according to dynamic data of the randomized marker to first webpage Refer to:
If the prefix mark of the dynamic data of first webpage is consistent with randomization mark, first webpage Dynamic data passes through legitimate verification;If prefix mark and the randomization of the dynamic data of first webpage identify not Unanimously, then the dynamic data of first webpage does not pass through legitimate verification.
17. a kind of verifying system, it is characterised in that:
The system comprises as described in claim 9 to 12 is any server and 13 to 16 it is any as described in agent equipment.
CN201910278432.1A 2019-04-09 2019-04-09 A kind of verification method, equipment and system Pending CN109962926A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910278432.1A CN109962926A (en) 2019-04-09 2019-04-09 A kind of verification method, equipment and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910278432.1A CN109962926A (en) 2019-04-09 2019-04-09 A kind of verification method, equipment and system

Publications (1)

Publication Number Publication Date
CN109962926A true CN109962926A (en) 2019-07-02

Family

ID=67025861

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910278432.1A Pending CN109962926A (en) 2019-04-09 2019-04-09 A kind of verification method, equipment and system

Country Status (1)

Country Link
CN (1) CN109962926A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101599118A (en) * 2009-06-26 2009-12-09 华中师范大学 Html web page is distorted and is detected and localization method
CN101635622A (en) * 2008-07-24 2010-01-27 阿里巴巴集团控股有限公司 Method, system and equipment for encrypting and decrypting web page
CN102546576A (en) * 2010-12-31 2012-07-04 北京启明星辰信息技术股份有限公司 Webpagehanging trojan detecting and protecting method and system as well as method for extracting corresponding code
US20140139318A1 (en) * 2012-11-21 2014-05-22 Ca, Inc. Mapping Biometrics To A Unique Key

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101635622A (en) * 2008-07-24 2010-01-27 阿里巴巴集团控股有限公司 Method, system and equipment for encrypting and decrypting web page
CN101599118A (en) * 2009-06-26 2009-12-09 华中师范大学 Html web page is distorted and is detected and localization method
CN102546576A (en) * 2010-12-31 2012-07-04 北京启明星辰信息技术股份有限公司 Webpagehanging trojan detecting and protecting method and system as well as method for extracting corresponding code
US20140139318A1 (en) * 2012-11-21 2014-05-22 Ca, Inc. Mapping Biometrics To A Unique Key

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
刘海等: "防范 XSS 攻击的研究综述", 《计算机与现代化》 *

Similar Documents

Publication Publication Date Title
Gupta et al. XSS-secure as a service for the platforms of online social network-based multimedia web applications in cloud
Gupta et al. Enhancing the browser-side context-aware sanitization of suspicious HTML5 code for halting the DOM-based XSS vulnerabilities in cloud
Gupta et al. Hunting for DOM-Based XSS vulnerabilities in mobile cloud-based online social network
Lekies et al. 25 million flows later: large-scale detection of DOM-based XSS
Van Gundy et al. Noncespaces: Using Randomization to Enforce Information Flow Tracking and Thwart Cross-Site Scripting Attacks.
Shar et al. Automated removal of cross site scripting vulnerabilities in web applications
Van Gundy et al. Noncespaces: Using randomization to defeat cross-site scripting attacks
US8800042B2 (en) Secure web application development and execution environment
Shema Hacking web apps: detecting and preventing web application security problems
Shema Seven deadliest web application attacks
Chaudhary et al. A novel framework to alleviate dissemination of XSS worms in online social network (OSN) using view segregation.
Choudhary et al. CIDT: Detection of malicious code injection attacks on web application
Gupta et al. Evaluation and monitoring of XSS defensive solutions: a survey, open research issues and future directions
Yang et al. Toward principled browser security
Wu et al. Web security: a whitehat perspective
Panja et al. Handling cross site scripting attacks using cache check to reduce webpage rendering time with elimination of sanitization and filtering in light weight mobile web browser
Calzavara et al. Micro-policies for web session security
Jovičić et al. Common web application attack types and security using asp. net
CN109962926A (en) A kind of verification method, equipment and system
Raj et al. An SQL injection defensive mechanism using reverse insertion technique
Oz et al. (In) Security of File Uploads in Node. js
Niemietz et al. Over 100 Bugs in a Row: Security Analysis of the Top-Rated Joomla Extensions
Reintjes et al. a Benchmark Approach To Analysis the Security of Web Frameworks
Ingle et al. Attacks on web based software and modelling defence mechanisms
Norberg Advanced ASP .NET Core 3 Security

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20190702