CN110392022A

CN110392022A - A kind of network resource access method, computer equipment, storage medium

Info

Publication number: CN110392022A
Application number: CN201810355317.5A
Authority: CN
Inventors: 武倩如; 夏辉; 陆全
Original assignee: Alibaba Group Holding Ltd
Current assignee: Alibaba Group Holding Ltd
Priority date: 2018-04-19
Filing date: 2018-04-19
Publication date: 2019-10-29
Anticipated expiration: 2038-04-19
Also published as: CN110392022B

Abstract

The embodiment of the present application discloses a kind of network resource access method and device.The described method includes: obtaining the first session information of preservation corresponding with the server identification of Resource Server, first session information is added to network resource request, and network resource request is initiated according to resource address, server is allowed to determine whether access Internet resources according to the first session information, then when resource address is stolen, if there is no the first session information in network resource request, or first session information show that resource content request end and resource address requests end are not same, Internet resources can not be just accessed, that is, it may determine whether to allow to access Internet resources according to the first entrained session information, the injurious act that Internet resources can be usurped by resource address is prevented, avoid the waste of server resource.

Description

A kind of network resource access method, computer equipment, storage medium

Technical field

This application involves technical field of data processing, and in particular to a kind of network resource access method, one kind, Internet resources Processing method, a kind of computer equipment, a kind of computer readable storage medium.

Background technique

With the development of internet technology, the resources such as video, the picture that user can obtain from network are more and more.And it provides When the supplier in source provides a user these resources, need to expend storage resource, bandwidth resources etc..

Applicant it has been investigated that, there is a kind of " stealing chain " behavior, by the resource stolen to final on the website of oneself User provides." stealing chain " server itself does not provide the resources such as video, picture, but passes through technological means from the net for possessing resource Link is stolen in standing, and provides the resource of aggrieved website to end user on the website of oneself, gains the browsing of end user by cheating And click, and " stealing chain " server does not provide resource or provides seldom resource." stealing chain " behavior provides money to real for user The supplier in source causes to seriously affect.

The prior art lacks the technical solution of effectively discovery " stealing chain " behavior.

Summary of the invention

In view of the above problems, it proposes on the application overcomes the above problem or at least be partially solved in order to provide one kind State network resource access method, network resource processing method and computer equipment, the computer readable storage medium of problem.

According to the one aspect of the application, a kind of network resource access method is provided, comprising:

The first session information of preservation corresponding with the server identification of Resource Server is obtained, first session information is used In the first session for marking the Resource Server and resource content request end；

First session information is added to network resource request, to be according to entrained the first session information determination It is no to allow to access Internet resources；

The network resource request is initiated according to resource address.

Optionally, before first session information for obtaining preservation corresponding with the server identification of Resource Server, The method also includes:

The second session information that resource address and Resource Server provide is obtained, second session information is for marking Second session at the Resource Server and resource address requests end and target resource, the resource address requests end include money Source contents request end or intermediate server.

Optionally, before the network resource request according to resource address initiation, the method also includes:

Second session information is added to the network resource request, in conjunction with first session information and second Session information determines whether access Internet resources.

Obtain the third session information that Resource Server provides, wherein the third session information is for marking the money Second session of source server and resource address requests end.

Optionally, the resource address requests end includes resource content request end or intermediate server, when the resource When location request end includes resource content request end, the third session information is identical as the first session information, when the resource When location request end includes intermediate server, the third session information is different from the first session information.

Optionally, the method also includes:

By third session information preservation corresponding with the server identification that resource address provides end, the resource address is mentioned It include intermediate server or Resource Server for end.

Optionally, the server identification includes domain name, and the third session information carries information write instruction, described to incite somebody to action The third session information provides corresponding save of the server identification at end with resource address

The resource address is written into the third session information by the execution information write instruction, the domain at end is provided The corresponding storage location of name.

Optionally, the information write instruction includes set cookie instruction.

Correspondingly, according to the another aspect of the application, a kind of network resource processing method is additionally provided, comprising:

Receive network resource request；

The first session information that the network resource request carries is obtained, first session information takes for markup resources The server identification of first session of business device and resource content request end, first session information and the Resource Server exists The resource content request end is corresponding to be saved；

Access Internet resources are determined whether according to first session information.

Optionally, described to determine whether that access Internet resources include: according to first session information

Determine whether first session information is non-empty information, if so, allowing to access Internet resources.

Optionally, the network resource request also carries the second session information, and second session information is for marking institute State the second session of Resource Server Yu resource address requests end, the resource address requests end include resource content request end or Intermediate server；

It is described to determine whether that access Internet resources include: according to first session information

Identify whether first session information matches with the second session information.

Optionally, second session information includes the resource identification of Internet resources, identification the first session letter Cease with whether the second session information matches and includes:

The 4th session information is generated according to resource identification and the second session information；

Determine whether the 4th session information and the first session information are consistent.

Optionally, the method also includes:

Identify whether second session information meets presupposed information rule.

Optionally, before receiving network resource request, the method also includes:

Receive resource address acquisition request；

It generates the second session information and is supplied to resource address requests end.

Optionally, the second session information of the generation includes:

Second session information is determined according to resource address requests client information and target resource identifier.

Correspondingly, according to the another aspect of the application, a kind of computer equipment, including memory, processor are additionally provided And store the computer program that can be run on a memory and on a processor, which is characterized in that described in the processor executes The method such as above-mentioned one or more is realized when computer program.

Correspondingly, according to the another aspect of the application, a kind of computer readable storage medium is additionally provided, is stored thereon with Computer program, which is characterized in that the method such as above-mentioned one or more is realized when the program is executed by processor.

According in the embodiment of the present application, pass through the first session of acquisition preservation corresponding with the server identification of Resource Server First session information is added to network resource request, and initiates network resource request according to resource address by information, so that Server can determine whether access Internet resources according to the first session information, then when resource address is stolen, If there is no the first session information or the first session information to show resource content request end and resource address in network resource request Request end be not it is same, Internet resources can not be just accessed, that is to say, that can be true according to the first entrained session information It is fixed whether to allow to access Internet resources, the injurious act that can usurp Internet resources by resource address has been prevented, has been avoided The waste of server resource.

Further, by the way that the second session information is added to network resource request, in conjunction with first session information and Second session information determines whether access Internet resources, realizes and compares resource content request end and resource address requests end It is whether same, if it is same, then the case where stealing resource address there is no intermediate server, then allow to access network Resource further ensures that the case where there is no steal resource address, improves prevention when the first session information is not empty data Usurp the accuracy of the injurious act of Internet resources.

Above description is only the general introduction of technical scheme, in order to better understand the technological means of the application, And it can be implemented in accordance with the contents of the specification, and in order to allow above and other objects, features and advantages of the application can It is clearer and more comprehensible, below the special specific embodiment for lifting the application.

Detailed description of the invention

By reading the following detailed description of the preferred embodiment, various other advantages and benefits are common for this field Technical staff will become clear.The drawings are only for the purpose of illustrating a preferred embodiment, and is not considered as to the application Limitation.And throughout the drawings, the same reference numbers will be used to refer to the same parts.In the accompanying drawings:

Fig. 1 shows the schematic diagram of network resource accession process；

Fig. 2 shows the flow charts according to a kind of network resource access method embodiment of the embodiment of the present application one；

Fig. 3 shows a kind of flow chart of network resource access method embodiment according to the embodiment of the present application two；

Fig. 4 shows a kind of flow chart of network resource processing method embodiment according to the embodiment of the present application three；

Fig. 5 shows a kind of flow chart of network resource processing method embodiment according to the embodiment of the present application four；

Fig. 6 shows the schematic diagram that Internet resources are accessed when being stolen there is no resource address；

Fig. 7 shows the schematic diagram that Internet resources are accessed when being stolen there are resource address；

Fig. 8 shows the schematic diagram of the treatment process of Internet resources；

Fig. 9 shows vod server to the schematic diagram of the treatment process of Internet resources；

Figure 10 shows CDN server to the schematic diagram of the treatment process of Internet resources；

Figure 11 shows a kind of structural block diagram of network resource accession Installation practice according to the embodiment of the present application five；

Figure 12 shows a kind of structural block diagram of Internet resources processing device embodiment according to the embodiment of the present application six；

Figure 13 shows the exemplary system that can be used for realizing each embodiment described in the disclosure.

Specific embodiment

Exemplary embodiments of the present disclosure are described in more detail below with reference to accompanying drawings.Although showing the disclosure in attached drawing Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure without should be by embodiments set forth here It is limited.On the contrary, these embodiments are provided to facilitate a more thoroughly understanding of the present invention, and can be by the scope of the present disclosure It is fully disclosed to those skilled in the art.

To make those skilled in the art more fully understand the application, below to this application involves concept be illustrated:

Internet resources include the resource of the diversified forms such as video, picture, text, sound, can specifically include arbitrary form Network on various resources, the embodiment of the present application is without limitation.For example, the various programs provided in video-on-demand platform Video resource.

Internet resources can be acquired by resource address, and resource address is used to establish connection transport network resources, for example, When video on demand, the actual play address of program video.In this application, requested Internet resources are denoted as target resource.

Internet resources are provided by Resource Server onto network.Resource Server includes providing the service of Internet resources Device, or the server of the resource address of Internet resources is provided.The server of Internet resources is provided and the money of Internet resources is provided The server of source address can be the same server, be also possible to different servers.For example, in video on demand scene, visitor Family end is the resource address that program video is obtained from the server (i.e. Resource Server) of video on demand website, but video is practical deposits On CDN (Content Delivery Network, content distributing network) server, program video is from CDN server for storage It is transferred to client, wherein Resource Server only provides the resource address of Internet resources, and accessible according to resource address CDN server obtains the Internet resources stored thereon.

The client or server of Internet resources will be requested access to, is denoted as resource content request end.For example, video on demand field Jing Zhong, accesses the client of Internet resources according to resource address or server is resource content request end.It is worth noting that depositing In some " stealing chain website " for the website for possessing Internet resources, " stealing chain website " itself does not provide Internet resources, passes through skill Art means steal resource address from the website for possessing Internet resources, and provide a user Internet resources on " stealing chain website ".In In this case, the web site requests resource address of Xiang Yongyou Internet resources be " steal chain website " server, and according to resource What address accessed Internet resources is the client of user, i.e. resource content request end.This " stealing chain " means are to data source website Caused by loss include: the bandwidth resources for wasting server, storage resource has invaded its copyright, has reduced and brought by resource Advertising income etc..

Network resource request is initiated according to resource address in resource content request end, and network resource request can be to resource service Device is initiated, and can also initiate to the server of actual storage Internet resources or any other applicable server, the application are real It is without limitation to apply example.For example, client obtains the resource address of program video, if resource address in video on demand scene It is Resource Server address, then client initiates the network resource request of program video according to resource address to Resource Server, To obtaining Internet resources, if resource address is the address of the server of actual storage Internet resources in CDN, client according to Resource address initiates the network resource request of program video to CDN server, to obtain Internet resources.

It is worth noting that provide resource address server and provide Internet resources server can be it is same, Or the server for the server and offer Internet resources for providing resource address is the different server under same domain name, Huo Zheti The server of server and offer Internet resources for resource address is the different server under different domain names, in above-mentioned scene Under, if there is no the first session information in verifying network resource request, if being asked according to the first session information verifying resource content It asks end and resource address requests end different, then finds there is " stealing chain " behavior, do not allow to provide Internet resources, otherwise can mention For Internet resources.

In a kind of alternative embodiment of the application, relative to Resource Server, the requesting terminal of resource address will be requested Or request server, it is denoted as resource address requests end.Resource address requests end includes resource content request end or intermediate server. Wherein, by the server between Resource Server and resource content request end, it is denoted as intermediate server, in other words, in resource Hold request end and request resource address to intermediate server, intermediate server requests resource address to Resource Server again.For example, view Frequency point is broadcast in scene, if client is that when obtaining the resource address of program video by video on demand website, resource is taken It is engaged in for device, resource address requests end is exactly client, if but client is to obtain program video by " stealing chain website " When resource address, then for Resource Server, resource address requests end is exactly the server of " stealing chain website ", i.e., intermediate clothes Business device.

In a kind of alternative embodiment of the application, relative to resource content request end, it will thus provide the service of resource address Device is denoted as resource address and provides end.It includes intermediate server or Resource Server that resource address, which provides end,.Work as resource content request End is when directly acquiring resource address from Resource Server, and it is exactly Resource Server that resource address, which provides end, when resource content is asked Asking end is when obtaining resource address by intermediate server, and for resource content request end, resource address provides end and is exactly Intermediate server.For example, in video on demand scene, if client is from the resource for being video on demand website acquisition program video When location, then for resource content request end, resource address provide end be exactly Resource Server, if but client be from When " stealing chain website " obtains the resource address of program video, then for resource content request end, resource address provides end just It is the server of " stealing chain website ", i.e. intermediate server.

Session may include this acquisition process that client is directed to Internet resources.It or also may include a client With the entire interactive process between a server, one has been begun to when a user end to server sends a request Session, when client clearly terminates session or server within a predefined time limit not from any request of client receiving When, session just finishes.If direct interactive process is not present between client and server, between client and server not There are sessions.

In the application, session between Resource Server and resource content request end is denoted as the first session.Resource Server With the session between resource address requests end, it is denoted as the second session.It is worth noting that when resource content request end and resource When location request end is same, the first session is exactly that the second session, otherwise the first session and the second session are different two meetings Words.

For example, opening a net of video on demand website on browser (resource content request end) in video on demand scene Page is to the whole process for closing the webpage, i.e., a session between browser and the Resource Server of video on demand website, i.e., First session；If intermediate server is not present between resource content request end and Resource Server, that is to say, that resource content is asked Ask end and resource address requests end be it is same, then the first session is exactly the second session, if but resource content request end and resource There are intermediate servers between server, i.e., the webpage that intermediate server provides are opened on browser, intermediate server is again Resource address is requested to Resource Server, then the interactive process between intermediate server and Resource Server is a session, That is session is then not present in the second session between browser and Resource Server.

Session information for one session of one session of label or label and target resource or it is any other can The information of session is marked, the embodiment of the present application is without limitation.Session information is by Resource Server according to directly communicating with Client or server between the session that occurs generate, and feed back to resource content request end, if there is intermediate server, then It is that resource content request end is fed back to by intermediate server.

For example, client opens a webpage of video on demand website in video on demand scene, a session is opened, To the resource address of the server request program video of video on demand website, server is believed according to the user of the client received The mark of breath and program video generates the first session information to mark current session.

In this application, the first session information is used for the first session of label, and the second session information is used for the second session of label And target resource, third session information are used for the second session of label.

In order to mark the source of session information, needed when storing session information corresponding with the server identification of origin server It saves.Server identification includes that domain name, unique identification or any other applicable mark, the embodiment of the present application do not do this Limitation.

In a kind of alternative embodiment of the application, need through execution information write instruction, session information is written.Letter Breath write instruction includes mode, the position of write-in etc. of write-in, and the embodiment of the present application is without limitation.For example, by third meeting It talks about information write-in resource address and the corresponding storage location of domain name at end is provided.

In a kind of alternative embodiment of the application, set cookie instruction includes the finger write data into cookie It enables.Cookie is certain websites to distinguish user identity, conversate status tracking and be stored on user local terminal Data (generally go through encryption).For example, executing set cookie instruction, it can make the first session information that Resource Server pair be written In cookie under the domain name answered.

According to a kind of embodiment of the application, for the Internet resources that Resource Server possesses, " link network is stolen there are some Stand ", resource address is stolen from Resource Server, and provide a user Internet resources on " stealing chain website ".Net as shown in Figure 1 The schematic diagram of network resource access process, this application provides a kind of network resource accession mechanism at resource content request end, pass through First session information is added to network money by the first session information for obtaining preservation corresponding with the server identification of Resource Server Source request initiates network resource request according to resource address, then when resource address is stolen, if not having in network resource request Have the first session information or the first session information show resource content request end and resource address requests end be not it is same, Internet resources can not be just accessed, that is to say, that may determine whether to allow to access net according to the first entrained session information Network resource has prevented the injurious act that Internet resources can be usurped by resource address, avoids the waste of server resource. The application is applicable in but is not limited to above-mentioned application scenarios.

Referring to Fig. 2, a kind of flow chart of network resource access method embodiment according to the embodiment of the present application one is shown, This method can specifically include following steps:

Step 101, the first session information of preservation corresponding with the server identification of Resource Server is obtained.

In the embodiment of the present application, the first session information is for markup resources server and the first of resource content request end Session, the first session information are save corresponding with the server identification of Resource Server.

In the access process of Internet resources, resource address, resource are first requested to Resource Server in resource content request end Resource address and the first session information are returned to resource content request end by server, take resource on resource content request end The server identification of business device is corresponding with the first session information to be saved.

Wherein, the first session information, which can be, is generated by Resource Server according to the identification information at resource content request end , such as user information, the unique identification at resource content request end etc., the server for being also possible to provide Internet resources can verify that Other information, but session that need to be different using different information flags, for example, one generated when Session Time, session with First session information of mark and random number of machine number or Internet resources etc. or any other service form, the application are real It is without limitation to apply example.

In the embodiment of the present application, the first session is the session between Resource Server and resource content request end, resource Content requests end can only be saved the first session information is corresponding with the server identification of Resource Server, without will be with other The session information that server conversates is corresponding with the server identification of Resource Server to be saved.

For example, in video on demand scene, resource of the resource content request end to Resource Server request Internet resources Location, then by the preservation corresponding with the server identification of Resource Server of the first session information, so as to the first session of subsequent follow-up letter Breath determines whether access Internet resources.

Step 102, first session information is added to network resource request, according to entrained the first session letter Breath determines whether access Internet resources.

In the embodiment of the present application, after getting the first session information, the first session information is added to Internet resources and is asked It asks.Network resource request is from resource content request end to the CDN server or Resource Server for distribution network resource It sends.First session information can be according to network resource request from resource content request end to CDN server or resource Server is sent or CDN server or Resource Server are read according to network resource request from resource content request end 's.When practical operation, there are two kinds of situations to need to be illustrated respectively:

It is if the first session information can not be got, i.e., corresponding with the server identification of Resource Server to protect in a kind of situation The content deposited is empty data, then then is determining whether to visit just without carrying the first session information in network resource request When asking Internet resources, you can't get permissions.For example, resource content request end is not directly to money under video on demand scene Source server requests the resource address of Internet resources, but intermediate server requests resource address to Resource Server, then in Between server resource address is transmitted to resource content request end, since resource content request end is not turned on Resource Server First session is obtaining first after the first session information that preservation corresponding with the server identification of Resource Server may be not present When session information, the first session information can not be got.

In another case, showing that resource content request end and Resource Server are opened if getting the first session information The first session is crossed, then the first session information is just carried in network resource request, then according to the actual content of the first session information To determine whether that the second session information is added to Internet resources for example, obtaining the second session information by access Internet resources In request, Resource Server or CDN server identify whether the first session information and the second session information match, if matching, Resource address requests end and resource content request end be it is same, then the first session is exactly the second session, that is to say, that resource The case where location request end is not intermediate server, steals resource address there is no " stealing chain website ", then allows to access network money Source.

Step 103, the network resource request is initiated according to resource address.

In the embodiment of the present application, the server where Internet resources, resource content can be found according to resource address Request end network resource request is initiated according to resource address.If Internet resources are stored in Resource Server, resource address is resource The address of server or Resource Server cluster, then network resource request is sent to Resource Server, if Internet resources store The address of CDN server in CDN server, resource address, then network resource request is sent to CDN server.By resource Server or CDN server determine whether to access Internet resources according to the first session information.

In a kind of embodiment of the application, optionally, save corresponding with the server identification of Resource Server is being obtained The first session information before, can also include: the second session information for obtaining resource address and Resource Server and providing.

Wherein, the second session information is used for the second session and target of markup resources server and resource address requests end Resource, resource address requests end include resource content request end or intermediate server.For Resource Server, resource content Request end or intermediate server all may be resource address requests end.If resource address requests end is same with resource content request end At one, then the second session is exactly the first session, if but resource address requests end when being intermediate server, just and in resource It is not same for holding request end, then the second session is not just same with the first session.

In one implementation, the second session information can also only markup resources server and resource address requests end Second session, and in addition the label of target resource can be sent between resource content request end and Resource Server.

It is not this request Internet resources there is also the first session information when the first session information obtained is not sky data Shi Baocun's or the first session information be not the case where Resource Server is sent, then need according to the first session information Access Internet resources are determined whether with whether the second session information matches.

In the access process of Internet resources, resource content request end needs to obtain resource address, and from Resource Server Obtain the second session information, to initiate network resource request according to resource address later, and according to the first session information and Second session information determines whether access Internet resources.

In a kind of embodiment of the application, optionally, before initiating the network resource request according to resource address, It can also include: that the second session information is added to network resource request, in conjunction with first session information and the second session Information determines whether access Internet resources.

First session information is sent to Resource Server or CDN server by resource content request end, it is also necessary to by second Session information is added to network resource request, is sent to Resource Server or CDN server.Resource Server or CDN server After receiving the second session information, access network money can be determined whether in conjunction with the first session information and the second session information Source specifically can determine resource content request end according to the first session information, determine that resource address is asked according to the second session information It asks end, compares resource content request end and whether resource address requests end is same, if it is same, then taken there is no intermediate The case where business device steals resource address then allows to access Internet resources, when the first session information is not empty data, further Ensure the case where there is no steal resource address, improves the accuracy for preventing the injurious act for usurping Internet resources.

Referring to Fig. 3, a kind of flow chart of network resource access method embodiment according to the embodiment of the present application two is shown, This method can specifically include following steps:

Step 201, the third session information that Resource Server provides is obtained.

In the embodiment of the present application, third session information is for markup resources server and the second of resource address requests end Session.Third session information is that Resource Server provides, but resource content request end may be directly to obtain from Resource Server Take third session information, it is also possible to forward to obtain third session information through intermediate server.

For example, under video on demand scene, steal the injurious act of resource address if it does not exist, resource content request end to The Resource Server of video on demand website requests resource address, first to Resource Server have sent user information (User) and The mark (RID) of required target resource.Resource Server carries out Hash calculation to user information (User), generates third meeting It talks about information KeyCookie=hash (User), then to the mark of target resource (RID) and third session information KeyCookie Etc. information encrypted, obtain the second session information KeyQuery=encode (RID+KeyCookie), find target resource Identify (RID) corresponding resource address (URL).Then Resource Server is by resource address (URL), third session information KeyCookie value and the second session information KeyQuery value are sent to resource content request end.Resource content request termination receives After third session information KeyCookie, third session information KeyCookie value is stored under the domain name of video on demand website In browser cookie.

In another example under video on demand scene, steal the injurious act of resource address if it exists, resource content request end to Intermediate server requests resource address, and intermediate server requests resource address to Resource Server again, and intermediate server is to resource Server has sent the mark (RID) of intermediate server information (EvilServer) and required target resource.Resource clothes Device be engaged in intermediate server info (EvilServer) progress Hash calculation, generates third session information KeyCookieEvil= Hash (EvilServer), then to the information such as the mark of target resource (RID) and third session information KeyCookieEvil into Row encryption, obtains the second session information KeyQueryEvil=encode (RID+KeyCookieEvil), finds target resource Identify (RID) corresponding resource address (URL).Then Resource Server is by resource address (URL), third session information KeyCookieEvil value and the second session information KeyQueryEvil value are sent to intermediate server.Intermediate server forwards again After giving resource content request end, resource content request termination to receive third session information KeyCookieEvil, third session is believed Breath KeyCookieEvil value is stored in the browser cookie under the domain name of intermediate server.

In a kind of embodiment of the application, optionally, resource address requests end includes resource content request end or centre Server, when resource address requests end includes resource content request end, third session information is identical as the first session information, when When resource address requests end includes intermediate server, third session information is different from the first session information.

When resource address requests end and resource content request end are same, the second session is exactly the first session, so Third session information and the first session information are same.When resource address requests end and intermediate server are same, the Two sessions are different from the first session, so third session information is different from the first session information.

It can also include: by the third session information and resource address optionally in a kind of embodiment of the application The corresponding preservation of server identification at end is provided.

It includes intermediate server or Resource Server that resource address, which provides end,.For resource content request end, resource When address offer end is Resource Server, just by the preservation corresponding with the server identification of Resource Server of third session information, money When source address offer end is intermediate server, just by the preservation corresponding with the server identification of intermediate server of third session information.

When practical operation, using the origin policy (Same origin policy) of browser, browser is according to homologous plan Agreement slightly will be corresponding with the server identification of Resource Server for the third session information that Resource Server is sent It saves, for the third session information that intermediate server is sent, corresponding with the server identification of intermediate server will save.

In a kind of embodiment of the application, optionally, server identification includes domain name, and third session information carries information Save corresponding with the server identification that resource address provides end of the third session information be may include: to pass through by write instruction It executes the information write instruction resource address is written into the third session information and the corresponding storage of domain name at end is provided Position.

When resource content request end obtains third session information, corresponding information write instruction, execution information are also obtained Third session information is written to resource address and provides the corresponding storage location of domain name at end by write instruction.It is worth noting that Information write instruction from Resource Server corresponding can only deposit the domain name that Resource Server is written in third session information Storage space is set, and third session information can only be written to the domain name of intermediate server from the information write instruction of intermediate server Corresponding storage location.

Step 202, the first session information of preservation corresponding with the server identification of Resource Server is obtained.

In the embodiment of the present application, when resource address requests end and resource content request end are same, the first session Information is exactly third session information, and available to the first session information, that is to say acquisition is third session information.If can not Obtain the first session information, then illustrate the third session information obtained in step 201 not with the server mark of Resource Server Know corresponding save.

In the embodiment of the present application, the specific implementation of this step may refer to the description in previous embodiment, herein It does not repeat separately.

Step 203, first session information is added to network resource request, according to entrained the first session letter Breath determines whether access Internet resources.

Step 204, the network resource request is initiated according to resource address.

According in the embodiment of the present application, the third session information provided by obtaining Resource Server is obtained and is taken with resource Corresponding the first session information saved of the server identification of business device, is added to network resource request for first session information, And network resource request is initiated according to resource address, due to being same when resource address requests end and resource content request end When, third session information is exactly the first session information, and server is determined whether according to the first session information Internet resources are accessed, then when resource address is stolen, if there is no the first session information or first in network resource request Session information show resource content request end and resource address requests end be not it is same, Internet resources can not be just accessed, That is may determine whether to allow to access Internet resources according to the first entrained session information, prevent by resource Location can usurp the injurious act of Internet resources, avoid the waste of server resource.

Referring to Fig. 4, a kind of flow chart of network resource processing method embodiment according to the embodiment of the present application three is shown, This method can specifically include following steps:

Step 301, network resource request is received.

In the embodiment of the present application, the server of resource address instruction receives network resource request, can specifically include Resource Server, CDN server or any other applicable server, the embodiment of the present application are without limitation.

Step 302, the first session information that the network resource request carries is obtained.

In the embodiment of the present application, the first session information can be with network resource request by Resource Server or CDN service Device obtains, and is also possible to Resource Server or CDN server according to reading in network resource request to resource content request end.

Step 303, access Internet resources are determined whether according to first session information.

In the embodiment of the present application, Resource Server or CDN server can determine whether to permit according to the first session information Perhaps Internet resources are accessed, if it is determined that allow to access Internet resources, then transmit Internet resources to resource content request end, if really It is fixed not allow to access Internet resources, then not to resource content request end transport network resources.

According in the embodiment of the present application, by receiving network resource request, obtain that the network resource request carries the One session information determines whether access Internet resources according to first session information, allows server according to the One session information come determine whether access Internet resources, then when resource address is stolen, if in network resource request Show that resource content request end and resource address requests end are not same without the first session information or the first session information A, Internet resources can not be just accessed, that is to say, that may determine whether to allow to access according to the first entrained session information Internet resources have prevented the injurious act that Internet resources can be usurped by resource address, avoid the wave of server resource Take.

It can also include: to receive before receiving network resource request optionally in a kind of embodiment of the application Resource address acquisition request；It generates the second session information and is supplied to resource address requests end.

For Resource Server, in the access process of Internet resources, need first to receive resource address acquisition request, According to resource address acquisition request, the second session information is generated for resource address requests end, and be supplied to resource address requests end. If resource address requests end is resource content request end, the second session information will be supplied to resource content request end, if resource Address requests end is intermediate server, and the second session information will be supplied to intermediate server.Certain intermediate server may also Second session information is transmitted to resource content request end.

In a kind of embodiment of the application, optionally, a kind of implementation for generating the second session information may include: The second session information is determined according to resource address requests client information and target resource identifier.

For example, Resource Server receives user information (User) and target resource identifier (RID), Resource Server pair User information (User) carries out Hash calculation, generates third session information KeyCookie=hash (User), then provides to target The information such as the mark (RID) in source and third session information KeyCookie are encrypted, and the second session information KeyQuery=is obtained encode(RID+KeyCookie)。

Referring to Fig. 5, a kind of flow chart of network resource processing method embodiment according to the embodiment of the present application four is shown, This method can specifically include following steps:

Step 401, network resource request is received.

Step 402, the first session information that the network resource request carries is obtained.

Step 403, determine whether first session information is non-empty information, if so, allowing to access Internet resources.

In the embodiment of the present application, if the first session information is non-empty information, allow to access Internet resources, otherwise not permit Perhaps Internet resources are accessed.

It is being that non-empty information can be with when obtaining determining result to allow to access Internet resources according to the first session information Step 404 and/or step 405 are executed, is continued to whether allowing to access Internet resources and determine.

Step 404, identify whether second session information meets presupposed information rule.

In the embodiment of the present application, presupposed information rule includes the rule of preset processing information, for example, encryption information Encryption rule, processing rule that two kinds of information are mixed etc. or any other applicable rule, the embodiment of the present application It is without limitation.

Second session information is handled according to presupposed information rule, for example, to the mark of target resource (RID) it is encrypted with the information such as third session information KeyCookie, obtains the second session information KeyQuery=encode (RID+KeyCookie).Presupposed information rule includes the rule of encryption.

In the embodiment of the present application, whether the second session information of identification meets a kind of implementation packet of presupposed information rule Include: presupposed information rule can specify that the mode that processing and inversely processing are carried out to message, carry out inversely processing to the second session information, If inversely processing is available as a result, showing that the second session information meets presupposed information rule.Another implementation includes: pre- If rule information includes that the format etc. of the information obtained after handling shows the second session if the format of the second session information is consistent Information meets presupposed information rule.Any suitable mode be can specifically include to identify it is default whether the second session information meets Rule information, the embodiment of the present application are without limitation.

Step 405, identify whether first session information matches with the second session information.

In the embodiment of the present application, when the first session information is non-empty information, step 404 can be executed and execute step again later Rapid 405, the identification of step 404 can not also be executed, directly execution step 405, to determine whether access Internet resources.If First session information is matched with the second session information, it is determined that allows to access Internet resources, if the first session information and the second meeting It talks about information to mismatch, does not then allow to access Internet resources.

The match condition of first session information and the second session information may include: that the first session information and the second session are believed Manner of breathing is same, then matches or after the first session information handled, the information obtained after processing is identical as the second session information, It then matches or after the second session information handled, the information obtained after processing is identical as the first session information, then match, It can specifically include any suitable mode, the embodiment of the present application is without limitation.

In a kind of embodiment of the application, optionally, second session information includes the resource identification of Internet resources, Identify that first session information and a kind of whether matched implementation of the second session information may include: according to resource identification The 4th session information is generated with the second session information；Determine whether the 4th session information and the first session information are consistent.If 4th session information is consistent with the first session information, then the first session information is matched with the second session information.

For example, under video on demand scene, the injurious act of resource address is stolen if it does not exist, Resource Server is from network The second session information KeyQuery value is obtained in resource request, is obtained from the browser Cookie under the domain name of video on demand website Take the first session information (i.e. third session information) KeyCookie value, whether the second session information KeyQuery value of identification can be with Be decrypted, do not allow if it can not be decrypted access Internet resources, if can be decrypted decode (KeyQuery)=RID, KeyCookieDecode then obtains the mark (RID) and the 4th session information KeyCookieDecode of target resource, judges Whether four session information KeyCookieDecode and the first session information KeyCookie are equal, first session information if equal It matches with the second session information, otherwise mismatches.

According in the embodiment of the present application, by receiving network resource request, obtain that the network resource request carries the One session information determines whether first session information is non-empty information, if so, allowing to access Internet resources, identification second Whether session information meets presupposed information rule, and whether the first session information of identification matches with the second session information, if matching Determining allows to access Internet resources, and server is allowed to determine whether access network money according to the first session information Source, then when resource address is stolen, if not having the first session information or the first session information table in network resource request Bright resource content request end with resource address requests end be not it is same, Internet resources can not be just accessed, that is to say, that according to The first entrained session information may determine whether to allow to access Internet resources, and having prevented can be usurped by resource address The injurious act of Internet resources avoids the waste of server resource.

To make those skilled in the art more fully understand the application, below by way of specific example to a kind of reality of the application Existing mode is illustrated.

The schematic diagram as shown in FIG. 6 that Internet resources are accessed when being stolen there is no resource address.

Wherein, user is resource content request end, and server (a.com) is Resource Server, is stored in CDN server Internet resources specifically comprise the following steps:

Step 1, the request of the mark (RID) of carrying Internet resources is initiated with user orientation server (a.com).

Step 2, RID and user information (User) are sent to server (a.com).

Step 3, after server (a.com) receives, Hash calculation is carried out to user information (User), obtains third session letter It ceases KeyCookie=hash (User), then KeyCookie and RID is encrypted, obtain the second session information KeyQuery =encode (RID+KeyCookie).

Step 4, server (a.com) sends resource link (i.e. resource address) and KeyQuery and KeyCookie To user, wherein KeyCookie is sent by way of set cookie.

Step 5, KeyCookie is recorded under local a.com domain name in cookie.

Step 6, CDN server receives KeyQuery, reads KeyCookie under the a.com domain name of user browser.

Step 7, whether CDN server judges whether KeyQuery is legal, i.e., can be successfully decrypted.If it is illegal (i.e. Can not decrypt), 12 are thened follow the steps, does not send Internet resources to user, and terminate.

Step 8, CDN server to KeyQuery be decrypted decode (KeyQuery)=RID, KeyCookieDecode obtains RID and KeyCookieDecode.

Step 9, judge whether KeyCookieDecode is equal to KeyCookie, if being not equal to, then follow the steps 12, not to User sends Internet resources, and terminates.If being equal to, 10 are thened follow the steps.

Step 10, the corresponding Internet resources of RID are sent to resource content request end by CDN server.

Step 11, resource is showed into user, and terminated.

Step 12, Internet resources are not sent to user, and terminated.

The schematic diagram that Internet resources are accessed when being stolen there are resource address as shown in Figure 7.

Wherein, stealing chain server (evil.com) is intermediate server, is specifically comprised the following steps:

Step 1, request of the user to the mark (RID) for stealing chain server (evil.com) initiation carrying Internet resources.

Step 2, RID is sent to robber chain server (evil.com).

Step 3, it steals chain server (evil.com) and requests Internet resources RID to server (a.com).

Step 4, chain server (evil.com) is stolen to send RID to server (a.com) and steal chain server info (EvilServer)。

Step 5, after server (a.com) receives, Hash calculation is carried out to chain server info (EvilServer) is stolen, is obtained To third session information KeyCookieEvil=hash (EvilServer), then KeyCookieEvil and RID are added It is close, obtain the second session information KeyQuery=encode (RID+KeyCookieEvil).

Step 6, resource address and KeyQuery and KeyCookieEvil are sent to by server (a.com) steals chain clothes It is engaged in device (evil.com), wherein KeyCookieEvil is sent by way of set cookie.

Step 7, it steals chain server (evil.com) KeyCookieEvil is recorded under local a.com domain name In cookie.

Step 8, chain server (evil.com) is stolen by resource address, KeyQuery is sent to resource content request end, with And KeyCookieEvil is sent to resource content request end by way of set cookie.

Step 9, KeyCookieEvil is recorded in the cookie under local evil.com domain name by resource content request end In.

Step 10, CDN server receives KeyQuery, reads under the a.com domain name of user browser KeyCookieUser。

Step 11, whether CDN server judges whether KeyQuery is legal, i.e., can be successfully decrypted.If it is illegal (i.e. Can not decrypt), 14 are thened follow the steps, does not send Internet resources to user, and terminate.

Step 12, CDN server to KeyQuery be decrypted decode (KeyQuery)=RID, KeyCookieDecode obtains RID and KeyCookieDecode.

Step 13, KeyCookieDecode is equal to KeyCookieEvil, is not equal to KeyCookieUser, executes step 14。

Step 14, Internet resources are not sent to user, and terminated.

The schematic diagram of the treatment process of Internet resources as shown in Figure 8.

Step 1, vod server (Resource Server) receives the web-page requests that client (resource content request end) is sent.

Step 2, vod server generates two Key:KeyCookie and KeyQuery, together together with network resources address It is sent to client, wherein KeyCookie must be sent in a manner of set cookie.

Step 3, KeyCookie is written in the cookie under the vod server domain name client.

Step 4, client sends network resource request to CDN server.

Step 5, CDN server reads KeyQuery from client request, reads from client cookie KeyCookie, is authenticated and (determines whether access Internet resources).

The schematic diagram of vod server as shown in Figure 9 to the treatment process of Internet resources.

Step 1, vod server generates KeyCookie.

Step 2, vod server generates KeyQuery=encode (KeyCookie, RID).

Step 3, KeyCookie, KeyQuery and resource address are sent client by vod server together, wherein KeyCookie must be sent in a manner of set cookie, and KeyQuery can be sent in any way.

The schematic diagram of CDN server as shown in Figure 10 to the treatment process of Internet resources.

Step 1, CDN server reads KeyQuery from the request of client.

Step 2, judge whether KeyQuery is legal, i.e., whether can be successfully decrypted.It (can not decrypt) if it is illegal, Then follow the steps 6.

Step 3, CDN server reads KeyCookie from the cookie of client.

Step 4, CDN server judges whether encode (KeyCookie, RID) is equal to KeyQuery and holds if being equal to Row step 5, if not equal to thening follow the steps 6.

Step 5, Internet resources are sent to client.

Step 6, Internet resources are not sent to client, and terminated.

Referring to Fig.1 1, show a kind of structural frames of network resource accession Installation practice according to the embodiment of the present application five Figure, can specifically include:

The first information obtains module 501, for obtaining the first meeting of preservation corresponding with the server identification of Resource Server Information is talked about, first session information is used to mark the first session of the Resource Server Yu resource content request end；

First information adding module 502, for first session information to be added to network resource request, according to institute The first session information carried determines whether access Internet resources；

Initiation module 503 is requested, for initiating the network resource request according to resource address.

In a kind of embodiment of the application, optionally, described device further include:

Second data obtaining module, for obtaining first saved corresponding with the server identification of Resource Server described Before session information, the second session information that resource address and Resource Server provide is obtained, second session information is used In the second session and target resource that mark the Resource Server and resource address requests end, the resource address requests end Including resource content request end or intermediate server.

Second information adding module is used for before the network resource request according to resource address initiation, by institute It states the second session information and is added to the network resource request, to be determined in conjunction with first session information and the second session information Whether allow to access Internet resources.

Third data obtaining module, for obtaining first saved corresponding with the server identification of Resource Server described Before session information, the third session information that Resource Server provides is obtained, wherein the third session information is for marking institute State the second session of Resource Server Yu resource address requests end.

In a kind of embodiment of the application, optionally, the resource address requests end include resource content request end or Intermediate server, when the resource address requests end includes resource content request end, the third session information and the first meeting It is identical to talk about information, when the resource address requests end includes intermediate server, the third session information and the first session are believed Breath is different.

Preserving module, for by the third session information it is corresponding with the server identification that resource address provides end save, It includes intermediate server or Resource Server that the resource address, which provides end,.

In a kind of embodiment of the application, optionally, the server identification includes domain name, the third session information Information write instruction is carried, the preserving module includes:

Implementation sub-module, for the resource to be written in the third session information by executing the information write instruction The corresponding storage location of domain name at address offer end.

In a kind of embodiment of the application, optionally, the information write instruction includes set cookie instruction.

Referring to Fig.1 2, show a kind of structural frames of Internet resources processing device embodiment according to the embodiment of the present application six Figure, can specifically include:

Request receiving module 601, for receiving network resource request；

The first information obtains module 602, the first session information carried for obtaining the network resource request, and described the One session information be used for markup resources server and resource content request end the first session, first session information with it is described The server identification of Resource Server is in the corresponding preservation in the resource content request end；

Determining module 603, for determining whether access Internet resources according to first session information.

In a kind of embodiment of the application, optionally, the determining module includes:

Non-empty decision sub-module, for determining whether first session information is non-empty information, if so, allowing to access net Network resource.

In a kind of embodiment of the application, optionally, the network resource request also carries the second session information, described Second session information is used to mark the second session of the Resource Server Yu resource address requests end, the resource address requests End includes resource content request end or intermediate server；

The determining module includes:

Match cognization submodule, whether first session information matches with the second session information for identification.

In a kind of embodiment of the application, optionally, second session information includes the resource identification of Internet resources, The match cognization submodule includes:

4th information generating unit, for generating the 4th session information according to resource identification and the second session information；

Consistent judging unit, for determining whether the 4th session information and the first session information are consistent.

Regular identification module, whether second session information meets presupposed information rule for identification.

Request receiving module, for receiving resource address acquisition request before receiving network resource request；

Information generating module, for generating the second session information and being supplied to resource address requests end.

In a kind of embodiment of the application, optionally, the information generating module includes:

Information determines submodule, for determining described second according to resource address requests client information and target resource identifier Session information.

For device embodiment, since it is basically similar to the method embodiment, related so being described relatively simple Place illustrates referring to the part of embodiment of the method.

Embodiment of the disclosure can be implemented as using any suitable hardware, firmware, software, or and any combination thereof into The system of the desired configuration of row.Figure 13, which is schematically shown, can be used for realizing showing for each embodiment described in the disclosure Example property system (or device) 700.

For one embodiment, Figure 13 shows exemplary system 700, the system have one or more processors 702, It is coupled to the system control module (chipset) 704 of at least one of (one or more) processor 702, is coupled to and be The system storage 706 for control module 704 of uniting is coupled to the nonvolatile memory (NVM) of system control module 704/deposit Storage equipment 708 is coupled to one or more input-output apparatus 710 of system control module 704, and is coupled to and is The network interface 712 for control module 706 of uniting.

Processor 702 may include one or more single or multiple core processors, processor 702 may include general processor or Any combination of application specific processor (such as graphics processor, application processor, Baseband processor etc.).In some embodiments, System 700 can be as the browser described in the embodiment of the present application.

In some embodiments, system 700 may include with instruction one or more computer-readable mediums (for example, System storage 706 or NVM/ store equipment 708) and mutually merge with the one or more computer-readable medium and be configured as Execute instruction the one or more processors 702 to realize module thereby executing movement described in the disclosure.

For one embodiment, system control module 704 may include any suitable interface controller, with to (one or It is multiple) at least one of processor 702 and/or any suitable equipment or component that communicate with system control module 704 mentions For any suitable interface.

System control module 704 may include Memory Controller module, to provide interface to system storage 706.Storage Device controller module can be hardware module, software module and/or firmware module.

System storage 706 can be used for for example, load of system 700 and storing data and/or instruction.For a reality Example is applied, system storage 706 may include any suitable volatile memory, for example, DRAM appropriate.In some embodiments In, system storage 706 may include four Synchronous Dynamic Random Access Memory of Double Data Rate type (DDR4SDRAM).

For one embodiment, system control module 704 may include one or more i/o controllers, with to NVM/ stores equipment 708 and (one or more) input-output apparatus 710 provides interface.

For example, NVM/ storage equipment 708 can be used for storing data and/or instruction.NVM/ storage equipment 708 may include appointing It anticipates nonvolatile memory appropriate (for example, flash memory) and/or to may include that any suitable (one or more) is non-volatile deposit Equipment is stored up (for example, one or more hard disk drives (HDD), one or more CD (CD) drivers and/or one or more Digital versatile disc (DVD) driver).

NVM/ storage equipment 708 may include a part for the equipment being physically mounted on as system 700 Storage resource or its can by the equipment access without a part as the equipment.For example, NVM/ storage equipment 708 can It is accessed by network via (one or more) input-output apparatus 710.

(one or more) input-output apparatus 710 can be provided for system 700 interface with other any equipment appropriate Communication, input-output apparatus 710 may include communication component, audio component, sensor module etc..Network interface 712 can be System 700 provides interfaces with by one or more network communications, system 700 can according to one or more wireless network standards and/ Or arbitrary standards in agreement and/or agreement are carried out wireless communication with the one or more components of wireless network, such as are accessed Wireless network based on communication standard, such as WiFi, 2G or 3G or their combination carry out wireless communication.

For one embodiment, at least one of (one or more) processor 702 can be with system control module 704 The logic of one or more controllers (for example, Memory Controller module) is packaged together.For one embodiment, (one Or multiple) at least one of processor 702 can be encapsulated in the logic of one or more controllers of system control module 704 Together to form system in package (SiP).For one embodiment, at least one of (one or more) processor 702 can It is integrated on same mold with the logic of one or more controllers of system control module 704.For one embodiment, (one It is a or multiple) at least one of processor 702 can be integrated with the logic of one or more controllers of system control module 704 To form system on chip (SoC) on same mold.

In various embodiments, system 700 can be, but not limited to be: browser, work station, desk-top calculating equipment or movement It calculates equipment (for example, lap-top computing devices, handheld computing device, tablet computer, net book etc.).In various embodiments, System 700 can have more or fewer components and/or different frameworks.For example, in some embodiments, system 700 includes One or more video cameras, keyboard, liquid crystal display (LCD) screen (including touch screen displays), nonvolatile memory port, Mutiple antennas, graphic chips, specific integrated circuit (ASIC) and loudspeaker.

Wherein, if display includes touch panel, display screen may be implemented as touch screen displays, be used by oneself with receiving The input signal at family.Touch panel includes one or more touch sensors to sense the hand on touch, slide, and touch panel Gesture.The touch sensor can not only sense the boundary of a touch or slide action, but also detect and the touch or sliding Operate relevant duration and pressure.

The embodiment of the present application also provides a kind of non-volatile readable storage medium, be stored in the storage medium one or Multiple modules (programs) when the one or more module is used in terminal device, can make the terminal device execute The instruction (instructions) of various method steps in the embodiment of the present application.

Provide a kind of computer equipment in one example, including memory, processor and storage are on a memory simultaneously The computer program that can be run on a processor, which is characterized in that the processor is realized such as when executing the computer program The method of the embodiment of the present application.

A kind of computer readable storage medium is additionally provided in one example, is stored thereon with computer program, it is special Sign is, one or more methods such as the embodiment of the present application are realized when which is executed by processor.

The embodiment of the present application discloses a kind of network resource access method and device, and example 1 includes that a kind of Internet resources are visited Ask method, comprising:

The network resource request is initiated according to resource address.

Example 2 may include method described in example 1, wherein in the server identification pair of the acquisition and Resource Server Before the first session information that should be saved, the method also includes:

Example 3 may include method described in example 1 and/or example 2, wherein it is described initiated according to resource address described in Before network resource request, the method also includes:

Example 4 may include method described in 3 one or more of example 1- example, wherein in the acquisition and resource service Before corresponding the first session information saved of the server identification of device, the method also includes:

Example 5 may include method described in 4 one or more of example 1- example, wherein the resource address requests end packet Resource content request end or intermediate server are included, when the resource address requests end includes resource content request end, described Three session informations are identical as the first session information, when the resource address requests end includes intermediate server, the third meeting It is different from the first session information to talk about information.

Example 6 may include method described in 5 one or more of example 1- example, wherein the method also includes:

Example 7 may include method described in 6 one or more of example 1- example, wherein the server identification includes domain Name, the third session information carries information write instruction, described to provide the third session information and resource address to end Server identification corresponds to save

Example 8 may include method described in 7 one or more of example 1- example, wherein the information write instruction includes Set cookie instruction.

Example 9 includes a kind of network resource processing method, comprising:

Receive network resource request；

Example 10 may include method described in example 9, wherein described to be determined whether according to first session information Accessing Internet resources includes:

Example 11 may include method described in example 9 and/or example 10, wherein the network resource request also carries Two session informations, second session information are used to mark the second session of the Resource Server Yu resource address requests end, The resource address requests end includes resource content request end or intermediate server；

Example 12 may include method described in 11 one or more of example 9- example, wherein the second session information packet The resource identification of Internet resources is included, identification first session information includes: with whether the second session information matches

Example 13 may include method described in 12 one or more of example 9- example, wherein the method also includes:

Identify whether second session information meets presupposed information rule.

Example 14 may include method described in 13 one or more of example 9- example, wherein receive network resource request Before, the method also includes:

Receive resource address acquisition request；

Example 15 may include method described in 14 one or more of example 9- example, wherein the second session of generation letter Breath includes:

Example 16 includes a kind of network resource accession device, comprising:

The first information obtains module, and the first session for obtaining preservation corresponding with the server identification of Resource Server is believed Breath, first session information are used to mark the first session of the Resource Server Yu resource content request end；

First information adding module, for first session information to be added to network resource request, with according to being taken First session information of band determines whether access Internet resources；

Initiation module is requested, for initiating the network resource request according to resource address.

Example 17 may include device described in example 16, wherein described device further include:

Example 18 may include device described in example 16 and/or example 17, wherein described device further include:

Example 19 may include device described in 18 one or more of example 16- example, wherein described device further include:

Example 20 may include device described in 19 one or more of example 16- example, wherein the resource address requests end It is described when the resource address requests end includes resource content request end including resource content request end or intermediate server Third session information is identical as the first session information, when the resource address requests end includes intermediate server, the third Session information is different from the first session information.

Example 21 may include device described in 20 one or more of example 16- example, wherein described device further include:

Example 22 may include device described in 20 one or more of example 16- example, wherein the server identification includes Domain name, the third session information carry information write instruction, and the preserving module includes:

Example 23 may include device described in 22 one or more of example 16- example, wherein the information write instruction packet Include set cookie instruction.

Example 24 includes a kind of Internet resources processing unit, comprising:

Request receiving module, for receiving network resource request；

The first information obtains module, the first session information carried for obtaining the network resource request, and described first Session information is used for the first session of markup resources server and resource content request end, first session information and the money The server identification of source server is in the corresponding preservation in the resource content request end；

Determining module, for determining whether access Internet resources according to first session information.

Example 25 may include device described in example 24, wherein the determining module includes:

Example 26 may include device described in example 24 and/or example 25, wherein the network resource request also carries Two session informations, second session information are used to mark the second session of the Resource Server Yu resource address requests end, The resource address requests end includes resource content request end or intermediate server；

The determining module includes:

Example 27 may include device described in 26 one or more of example 24- example, wherein the second session information packet The resource identification of Internet resources is included, the match cognization submodule includes:

Example 28 may include device described in 27 one or more of example 24- example, wherein described device further include:

Example 29 may include device described in 28 one or more of example 24- example, wherein described device further include:

Example 30 may include device described in 29 one or more of example 24- example, wherein the information generating module packet It includes:

Example 31 includes a kind of computer equipment, including memory, processor and storage on a memory and can handled The computer program run on device, the processor are realized when executing the computer program as example 1-15 is one or more Method.

Example 32 includes a kind of computer readable storage medium, is stored thereon with computer program, the program is by processor The method such as example 1-15 one or more is realized when execution.

Although some embodiments are various substitutions, and/or equivalent implementation for the purpose of illustrating and describing Scheme calculates to reach same purpose and implement the realization for exemplifying and describing, and does not depart from the practical range of the application.This Shen It please be intended to cover any modification or variation of the embodiment being discussed herein.It is, therefore, apparent that embodiment described herein only by right It is required that being limited with their equivalent.

Claims

1. a kind of network resource access method characterized by comprising

The first session information of preservation corresponding with the server identification of Resource Server is obtained, first session information is for marking Remember the first session of the Resource Server Yu resource content request end；

First session information is added to network resource request, to determine whether to permit according to the first entrained session information Perhaps Internet resources are accessed；

The network resource request is initiated according to resource address.

2. the method according to claim 1, wherein in the server identification pair of the acquisition and Resource Server Before the first session information that should be saved, the method also includes:

The second session information that resource address and Resource Server provide is obtained, second session information is described for marking Second session at Resource Server and resource address requests end and target resource, the resource address requests end includes in resource Hold request end or intermediate server.

3. according to the method described in claim 2, it is characterized in that, being asked described according to the resource address initiation Internet resources Before asking, the method also includes:

Second session information is added to the network resource request, in conjunction with first session information and the second session Information determines whether access Internet resources.

4. the method according to claim 1, wherein in the server identification pair of the acquisition and Resource Server Before the first session information that should be saved, the method also includes:

Obtain the third session information that Resource Server provides, wherein the third session information is for marking the resource to take Second session of business device and resource address requests end.

5. according to the method described in claim 4, it is characterized in that, the resource address requests end includes resource content request end Or intermediate server, when the resource address requests end includes resource content request end, the third session information and first Session information is identical, when the resource address requests end includes intermediate server, the third session information and the first session Information is different.

6. according to the method described in claim 4, it is characterized in that, the method also includes:

By third session information preservation corresponding with the server identification that resource address provides end, the resource address provides end Including intermediate server or Resource Server.

7. according to the method described in claim 6, it is characterized in that, the server identification includes domain name, the third session Information carries information write instruction, described by third session information guarantor corresponding with the server identification that resource address provides end It deposits and includes:

The resource address is written into the third session information by the execution information write instruction, the domain name pair at end is provided The storage location answered.

8. the method according to the description of claim 7 is characterized in that the information write instruction includes set cookie instruction.

9. a kind of network resource processing method characterized by comprising

Receive network resource request；

The first session information that the network resource request carries is obtained, first session information is used for markup resources server With first session at resource content request end, the server identification of first session information and the Resource Server is described Resource content request end is corresponding to be saved；

10. according to the method described in claim 9, it is characterized in that, described determine whether to permit according to first session information Perhaps access Internet resources include:

11. according to the method described in claim 9, it is characterized in that, the network resource request also carries the second session information, Second session information is used to mark the second session of the Resource Server Yu resource address requests end, the resource address Request end includes resource content request end or intermediate server；

12. according to the method for claim 11, which is characterized in that second session information includes the resource of Internet resources Mark, identification first session information include: with whether the second session information matches

13. according to the method for claim 11, which is characterized in that the method also includes:

Identify whether second session information meets presupposed information rule.

14. according to the method for claim 11, which is characterized in that before receiving network resource request, the method is also Include:

Receive resource address acquisition request；

15. according to the method for claim 14, which is characterized in that the second session information of the generation includes:

16. a kind of computer equipment including memory, processor and stores the meter that can be run on a memory and on a processor Calculation machine program, which is characterized in that the processor realizes such as claim 1-15 mono- or more when executing the computer program A method.

17. a kind of computer readable storage medium, is stored thereon with computer program, which is characterized in that the program is by processor The method such as claim 1-15 one or more is realized when execution.