CN110493225A - A kind of request transmission method, device, equipment and readable storage medium storing program for executing - Google Patents
A kind of request transmission method, device, equipment and readable storage medium storing program for executing Download PDFInfo
- Publication number
- CN110493225A CN110493225A CN201910769443.XA CN201910769443A CN110493225A CN 110493225 A CN110493225 A CN 110493225A CN 201910769443 A CN201910769443 A CN 201910769443A CN 110493225 A CN110493225 A CN 110493225A
- Authority
- CN
- China
- Prior art keywords
- request
- fingerprint
- information
- destination request
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Power Engineering (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
- Collating Specific Patterns (AREA)
Abstract
This application discloses a kind of request transmission methods, comprising: generates destination request depending on the user's operation;According to the build environment information generating device fingerprint of destination request, build environment information is included at least: the font format information and audio-video format information, audio-video spatial cue, graphical rendering information, locally store information and local cpu information that browser is supported;Destination request and device-fingerprint are transmitted to server-side.Wherein, the font format information and audio-video format information, audio-video spatial cue, graphical rendering information, locally store information and local cpu information that browser for generating device fingerprint is supported are to have the information of secure safety, so the correctness and safety of device-fingerprint and request data can be ensured, reliable judgment basis can be provided for server-side.Correspondingly, a kind of request transmitting device, equipment and readable storage medium storing program for executing disclosed in the present application, similarly have above-mentioned technique effect.
Description
Technical field
This application involves field of computer technology, in particular to a kind of request transmission method, device, equipment and readable storage
Medium.
Background technique
In the prior art, in order to ensure front end request correctness and safety, corresponding device-fingerprint can be generated,
And device-fingerprint and request data are sent to server-side simultaneously, so that server-side is according to the device-fingerprint decision request received
Whether data are correct.
Wherein, the information that existing device-fingerprint generating mode is used may be tampered or forge, such as: generating device
The information of fingerprint generally comprises: client ip address, client user's proxy information, Referer information, but in actual scene
In, client ip address and Referer information are commonly present forgery behavior.That is, in existing device-fingerprint generating process
In, used client ip address and Referer information may be mistake, therefore will be unable to ensure the device-fingerprint generated
Correctness and safety provide reliable judgment basis so that the safety of request data can not be ensured for server-side.
Therefore, the correctness and safety for how improving request data are those skilled in the art's problems to be solved.
Summary of the invention
In view of this, the application's is designed to provide a kind of request transmission method, device, equipment and readable storage medium
Matter, to improve the correctness and safety of device-fingerprint and request data.Its concrete scheme is as follows:
In a first aspect, this application provides a kind of request transmission methods, comprising:
Destination request is generated depending on the user's operation;
According to the build environment information generating device fingerprint of destination request, build environment information is included at least: browser branch
The font format information and audio-video format information held, audio-video spatial cue, graphical rendering information, locally store information and
Local cpu information;
Destination request and device-fingerprint are transmitted to server-side.
Preferably, destination request and device-fingerprint are transmitted to server-side, comprising:
It is signed, is asked for an autograph to destination request using device-fingerprint;
It will ask for an autograph, destination request and device-fingerprint are transmitted to server-side.
Preferably, it is signed using device-fingerprint to destination request, comprising:
The cryptographic Hash of device-fingerprint is calculated, and is signed using cryptographic Hash to destination request.
Preferably, destination request and device-fingerprint are transmitted to server-side, comprising:
Destination request is encrypted using base64 Encryption Algorithm, obtains target ciphering sequence;
It is signed, is asked for an autograph to target ciphering sequence using the cryptographic Hash of device-fingerprint;
It will ask for an autograph, target ciphering sequence and cryptographic Hash are transmitted to server-side.
Preferably, it is signed using the cryptographic Hash of device-fingerprint to target ciphering sequence, before being asked for an autograph, also
Include:
It is random to generate preset quantity random number;
Using preset quantity random number and ASCII coding target ciphering sequence is shifted respectively, obtain with each
The corresponding accidental enciphering sequence of random number;
Splice accidental enciphering sequence corresponding with each random number, obtains splicing ciphering sequence, and ciphering sequence will be spliced
As target ciphering sequence.
Preferably, obtain splicing ciphering sequence after, further includes:
Splicing ciphering sequence is encrypted using preset base64 sequence, and splicing ciphering sequence is updated to encrypt
Splicing ciphering sequence afterwards.
Preferably, destination request and device-fingerprint are transmitted to before server-side, further includes:
According to the difference of the parameter in the generation parameter of destination request and preset parameter library, calculating user is real user
Probability value;
Judge whether probability value is more than preset threshold value;
If so, executing the step of destination request and device-fingerprint are transmitted to server-side;
If it is not, then blocking the transmission of destination request and device-fingerprint.
Second aspect, this application provides a kind of request transmitting devices, comprising:
Generation module is requested, for generating destination request depending on the user's operation;
Device-fingerprint generation module, for the build environment information generating device fingerprint according to destination request, build environment
Information includes at least: the font format information and audio-video format information of browser support, audio-video spatial cue, figure rendering
Information, locally store information and local cpu information;
Transmission module, for destination request and device-fingerprint to be transmitted to server-side.
The third aspect, this application provides a kind of request transmission devices, comprising:
Memory, for storing computer program;
Processor, for executing the computer program, to realize aforementioned disclosed request transmission method.
Fourth aspect, this application provides a kind of readable storage medium storing program for executing, for saving computer program, wherein the meter
Calculation machine program realizes aforementioned disclosed request transmission method when being executed by processor.
By above scheme it is found that this application provides a kind of request transmission methods, comprising: generate depending on the user's operation
Destination request;According to the build environment information generating device fingerprint of destination request, build environment information is included at least: browser branch
The font format information and audio-video format information held, audio-video spatial cue, graphical rendering information, locally store information and
Local cpu information;Destination request and device-fingerprint are transmitted to server-side.
In the above-mentioned methods, the font lattice that browser is supported are included at least for the build environment information of generating device fingerprint
Formula information and audio-video format information, audio-video spatial cue, graphical rendering information, locally store information and local cpu letter
Breath.Wherein, above- mentioned information are the information for generating the browser of request and carrying, since browser type is limited, and each browsing
The information of device will not be changed arbitrarily, will not be tampered, so these information have reliable safety, so as to ensure equipment
The correctness and safety of fingerprint and request data;It can also be service when device-fingerprint and request data are sent to server-side
End provides reliable judgment basis.
Correspondingly, a kind of request transmitting device, equipment and readable storage medium storing program for executing provided by the present application similarly have above-mentioned
Technical effect.
Detailed description of the invention
In order to illustrate the technical solutions in the embodiments of the present application or in the prior art more clearly, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
The embodiment of application for those of ordinary skill in the art without creative efforts, can also basis
The attached drawing of offer obtains other attached drawings.
Fig. 1 is the first request transmission method flow chart disclosed in the present application;
Fig. 2 is second of request transmission method flow chart disclosed in the present application;
Fig. 3 is the third request transmission method flow chart disclosed in the present application;
Fig. 4 is a kind of request transmitting device schematic diagram disclosed in the present application;
Fig. 5 is a kind of request transmission device schematic diagram disclosed in the present application.
Specific embodiment
Below in conjunction with the attached drawing in the embodiment of the present application, technical solutions in the embodiments of the present application carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of embodiments of the present application, instead of all the embodiments.It is based on
Embodiment in the application, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment shall fall in the protection scope of this application.
Currently, the information that existing device-fingerprint generating mode is used may be tampered or forge, and such as: generating device
The information of fingerprint generally comprises: client ip address, client user's proxy information, Referer information, but in actual scene
In, client ip address and Referer information are commonly present forgery behavior.That is, in existing device-fingerprint generating process
In, used client ip address and Referer information may be mistake, therefore will be unable to ensure the device-fingerprint generated
Correctness and safety, so that reliable judgment basis can not be provided for server-side.For this purpose, this application provides a kind of requests
Transmission plan, can ensure the correctness and safety of device-fingerprint, provide reliable judgment basis for server-side.
Shown in Figure 1, the embodiment of the present application discloses the first request transmission method, comprising:
S101, destination request is generated depending on the user's operation;
S102, the build environment information generating device fingerprint according to destination request, build environment information include at least: browsing
The font format information and audio-video format information, audio-video spatial cue, graphical rendering information, locally store information that device is supported
And local cpu information;
S103, destination request and device-fingerprint are transmitted to server-side.
In the present embodiment, destination request and device-fingerprint are transmitted to server-side, comprising: using device-fingerprint to target
Request is signed, and is asked for an autograph;It will ask for an autograph, destination request and device-fingerprint are transmitted to server-side.Wherein, it utilizes
Device-fingerprint signs to destination request, comprising: calculate the cryptographic Hash of device-fingerprint, and using cryptographic Hash to destination request into
Row signature.
It is understood that signing using device-fingerprint to destination request, the peace of request data can further improve
Quan Xing.
In the present embodiment, it according to the difference of the parameter in the generation parameter of destination request and preset parameter library, calculates
User is the probability value of real user;Judge whether probability value is more than preset threshold value;If so, executing destination request and setting
The step of standby fingerprint is transmitted to server-side;If it is not, then blocking the transmission of destination request and device-fingerprint.
It should be noted that local device can be based on user's when user is when front end is based on browser initiation request
Operation generates corresponding request.Wherein, the user for initiating request is real user under normal circumstances, is also possible to be scanner sometimes
Equal analog subscribers.Scanner general execution is crawler operation.
In order to distinguish that active user is analog subscriber or real user, can be carried out based on the generation parameter of current request
Determine.The generation parameter of current request is to initiate the parameter of the browser of request, if active user is real user, then when
The generation parameter of preceding request is the actual parameter of browser;If active user is analog subscriber, then the generation of current request
Parameter by with the actual parameter of browser just difference.Specifically, being stored in the pre-set parameter library of the application various
The actual parameter of browser, therefore the generation parameter of destination request is compared with the parameter in preset parameter library, so that it may
It is true use so as to calculate active user according to the difference to determine the generation parameter of destination request and the difference of actual parameter
The probability value at family.
Such as: the generation parameter of destination request has 5, wherein the parameter in 3 and parameter library is inconsistent, and preset threshold
Value is 60%, then the probability value that active user is real user can be 2 ÷ 5=40%, and 40% less than 60%, so can
Think that active user is analog subscriber, therefore blocks the transmission of destination request.Thus can front end filter out it is some it is non-just
Often request, so as to save computer resource, can also reduce the request treating capacity of server-side, mitigate the pressure of server-side.
It is, of course, also possible to which the analog parameter that various scanners use is stored in advance, it thus can directly compare and currently ask
Whether the generation parameter asked is consistent with analog parameter;If consistent, current request is the request that analog subscriber is initiated, this is blocked to ask
The transmission asked;If inconsistent, the difference according to the parameter in the generation parameter of destination request and preset parameter library, meter are executed
Calculate the probability value that user is real user;Judge whether probability value is more than preset threshold value;If so, execute destination request and
Device-fingerprint is transmitted to the step of server-side;If it is not, the step of then blocking the transmission of destination request and device-fingerprint.
It is set forth below the parameter of some common browsers and scanner, the complete parameter of each browser and scanner can be with
With reference to the prior art, details are not described herein for the present embodiment.
The parameter of different browsers refers to table 1- table 4.
Table 1
Table 2
Table 3
Table 4
It should be noted that in 7 operating system of Windows, representative browser include: Chrome and
Firefox;QupZilla browser based on QtWebEngine;Scanner Burpsuite2.0 be similarly based on Qtwebkit
QtWebEngine.Their certain parameter differences can be found in table 1- table 4.Scanner often utilizes open source browser engine for example
QtWebkit, Phantomjs etc. realize user's simulated operation.As it can be seen that the parameter for the browser that real user uses, being based on
The browser of QtWebEngine and the parameter of Burpsuite2.0 scanner have significant difference.In different operating system,
For the difference of different browsers there are also very much, this specification will not enumerate explanation.
In the present embodiment, the font lattice that browser is supported are included at least for the build environment information of generating device fingerprint
Formula information and audio-video format information, audio-video spatial cue, graphical rendering information, locally store information and local cpu letter
Breath.Wherein, above- mentioned information are the information for generating the browser of request and carrying, since browser type is limited, and each browsing
The information of device will not be changed arbitrarily, will not be tampered, so these information have reliable safety, so as to ensure equipment
The correctness and safety of fingerprint and request data;It can also be service when device-fingerprint and request data are sent to server-side
End provides reliable judgment basis.
Shown in Figure 2, the embodiment of the present application discloses second of request transmission method, comprising:
S201, destination request is generated depending on the user's operation;
S202, the build environment information generating device fingerprint according to destination request, build environment information include at least: browsing
The font format information and audio-video format information, audio-video spatial cue, graphical rendering information, locally store information that device is supported
And local cpu information;
S203, destination request is encrypted using base64 Encryption Algorithm, obtains target ciphering sequence;
S204, random generation preset quantity random number;
S205, using preset quantity random number and ASCII coding target ciphering sequence is shifted respectively, obtain with
The corresponding accidental enciphering sequence of each random number;
S206, splicing accidental enciphering sequence corresponding with each random number, obtain splicing ciphering sequence;
S207, splicing ciphering sequence is encrypted using preset base64 sequence, splicing ciphering sequence is updated to
Encrypted splicing ciphering sequence, and ciphering sequence will be spliced as target ciphering sequence.
S208, it is signed, is asked for an autograph to target ciphering sequence using the cryptographic Hash of device-fingerprint;
S209, will ask for an autograph, the cryptographic Hash of target ciphering sequence and device-fingerprint is transmitted to server-side.
In the present embodiment, before sending destination request, destination request is encrypted, and utilizes device-fingerprint
Cryptographic Hash signs to encrypted destination request, to further ensure the safety of destination request.
Wherein, the base64 Encryption Algorithm in the present embodiment can be replaced other Encryption Algorithm.Utilize preset base64
Sequence encrypts splicing ciphering sequence, can further enhance the safety of destination request.Base64 Encryption Algorithm is to data
When being encrypted, dynamic Fault Sequence can be used and encrypted, also can customize sequence and encrypted.Wherein, dynamic default sequence
The safety of column is lower than the safety of custom list.
In the present embodiment, the encrypting step of S204-S206 description is the customized encrypting step of the present embodiment, in this way may be used
Further increase the safety of destination request.Wherein, preset quantity random number is generated at random, comprising: based on the different time
Stamp is random to generate preset quantity random number.
Wherein, S204-S206 is the encryption carried out based on time and random number, and it is reverse can to increase Encryption Algorithm in this way
Difficulty.Because encrypted result is not fixed when a request issues;Meanwhile server-side can be based between maximum time
Judge whether the request ciphertext received needs to be further processed every difference.If receiving the timestamp of request and sending the request
The difference of timestamp be repeatedly more than maximum time interval (maximum time interval is preset duration), then show that current request is very big
It may be that Replay Attack or attacker are passing through the data packet analysis that malice is distorted and testing in degree.
It is, the difference at time point and request received time point that request issues and the interval set are (i.e.
Maximum time interval) it is compared.For example interval is 5 seconds, requests the time point issued and requests received time point
Difference is 10 seconds, then showing current request largely may be that Replay Attack or attacker are passing through malice and distorting
Data packet analysis test.
When receive request timestamp and send the request timestamp difference be repeatedly more than maximum time interval (most
Big time interval is preset duration), then it can abandon current request.Meanwhile data can be guaranteed using base64 Encryption Algorithm
Integrality, guarantee data server-side will not be caused not identify and handle well because of differences such as character set encodings;base64
Dynamic Fault Sequence can be safeguarded by time synchronization, dynamic Fault Sequence but also the ciphertext generated be it is dynamic, can
Effectively to enhance the difficulty that ciphertext is cracked.
It should be noted that other in the present embodiment realize that step is same as the previously described embodiments or similar, therefore this implementation
Details are not described herein for example.
In the present embodiment, the font lattice that browser is supported are included at least for the build environment information of generating device fingerprint
Formula information and audio-video format information, audio-video spatial cue, graphical rendering information, locally store information and local cpu letter
Breath.Wherein, above- mentioned information are the information for generating the browser of request and carrying, since browser type is limited, and each browsing
The information of device will not be changed arbitrarily, will not be tampered, so these information have reliable safety, so as to ensure equipment
The correctness and safety of fingerprint and request data;It can also be service when device-fingerprint and request data are sent to server-side
End provides reliable judgment basis.Meanwhile request data is transmitted with ciphertext, improves the safety of request data.
Shown in Figure 3, the embodiment of the present application discloses the third request transmission method, comprising:
S301, destination request is generated depending on the user's operation;
S302, the build environment information generating device fingerprint according to destination request, build environment information include at least: browsing
The font format information and audio-video format information, audio-video spatial cue, graphical rendering information, locally store information that device is supported
And local cpu information;
S303, destination request is encrypted using base64 Encryption Algorithm, obtains target ciphering sequence;
S304, random generation preset quantity random number;
S305, using preset quantity random number and ASCII coding target ciphering sequence is shifted respectively, obtain with
The corresponding accidental enciphering sequence of each random number;
S306, splicing accidental enciphering sequence corresponding with each random number, obtain splicing ciphering sequence;
S307, splicing ciphering sequence is encrypted using preset base64 sequence, splicing ciphering sequence is updated to
Encrypted splicing ciphering sequence, and ciphering sequence will be spliced as target ciphering sequence.
S308, it is signed, is asked for an autograph to target ciphering sequence using the cryptographic Hash of device-fingerprint;
S309, according to the difference of the parameter in the generation parameter of destination request and preset parameter library, it is true for calculating user
The probability value of real user;
S310, judge whether probability value is more than preset threshold value;If so, executing S311;If it is not, then executing S312;
S311, will ask for an autograph, the cryptographic Hash of target ciphering sequence and device-fingerprint is transmitted to server-side;
S312, blocking ask for an autograph, the transmission of the cryptographic Hash of target ciphering sequence and device-fingerprint.
Wherein, ASCII coding (American Standard Code for Information Interchange, beauty
State's standard code for information interchange) it is computer code's system based on the Latin alphabet, there is high versatility.
It should be noted that device-fingerprint technology is currently used primarily in user tracking.Using device-fingerprint technology, in business
It can effectively identify user identity, the initiation environment of user's request be judged, and the identity of user is uniquely demarcated,
To judge that user is potential service attacks person or normal user.In webpage, in order to bring body well to user
It tests, at present Ajax (Asynchronous Javascript And XML, asynchronous JavaScript and XML) in the technology of mainstream
It is very widely used.The ajax technology that the XML HTTP Request provided using browser is realized can accomplish asynchronous refresh number
According to, do not block current thread, user experience greatly can be enhanced.
In the present embodiment, the different requests initiated for different browsers, realize the principle of encryption are as follows: directly in webpage
It before all javascript file loads, covers window.XMLHttpRequest object (abbreviation xhr), overriding xhr request
Open and send method.When the xhr that other frames use sends request, so that it may achieve the effect that endorse automatically.Such as
This can will all request the request ciphertext that be rewritten as in the present embodiment for the request that any browser is initiated.
In order to further increase the validity of device-fingerprint, build environment information can also include: browser to Web GL
Whether the support situation of (Web Graphics Library, a kind of 3D drawing technique) can pass through Web RTC (Web Real-
Time Communication, the timely communication technology of webpage) obtain IP address of internal network, DNT (Do Not Track, in browser
Forbid tracking function) fingerprint etc..It is, of course, also possible to include other unlisted information, including information category it is more, dimension
Higher, anti-counterfeit capability is stronger, and the safety of device-fingerprint is higher.
It should be noted that other in the present embodiment realize that step is same as the previously described embodiments or similar, therefore this implementation
Details are not described herein for example.
In the present embodiment, the font lattice that browser is supported are included at least for the build environment information of generating device fingerprint
Formula information and audio-video format information, audio-video spatial cue, graphical rendering information, locally store information and local cpu letter
Breath.Wherein, above- mentioned information are the information for generating the browser of request and carrying, since browser type is limited, and each browsing
The information of device will not be changed arbitrarily, will not be tampered, so these information have reliable safety, so as to ensure equipment
The correctness and safety of fingerprint and request data;It can also be service when device-fingerprint and request data are sent to server-side
End provides reliable judgment basis.Meanwhile request data is transmitted with ciphertext, improves the safety of request data.It can also be
The true or false of front end judgement request can also reduce the request treating capacity of server-side so as to save computer resource, mitigate clothes
The pressure at business end.
A kind of request transmitting device provided by the embodiments of the present application is introduced below, a kind of request described below passes
Defeated device can be cross-referenced with a kind of above-described request transmission method.
Shown in Figure 4, the embodiment of the present application discloses a kind of request transmitting device, comprising:
Generation module 401 is requested, for generating destination request depending on the user's operation;
Device-fingerprint generation module 402 generates ring for the build environment information generating device fingerprint according to destination request
Border information includes at least: the font format information and audio-video format information, audio-video spatial cue, figure wash with watercolours that browser is supported
Contaminate information, locally store information and local cpu information;
Transmission module 403, for destination request and device-fingerprint to be transmitted to server-side.
In a specific embodiment, transmission module includes:
First signature unit is asked for an autograph for being signed using device-fingerprint to destination request;
First transmission unit, for that will ask for an autograph, destination request and device-fingerprint be transmitted to server-side.
In a specific embodiment, signature unit is specifically used for:
The cryptographic Hash of device-fingerprint is calculated, and is signed using cryptographic Hash to destination request.
In a specific embodiment, transmission module includes:
Encryption unit obtains target ciphering sequence for encrypting destination request using base64 Encryption Algorithm;
Second signature unit is signed to target ciphering sequence for the cryptographic Hash using device-fingerprint, is requested
Signature;
Second transmission unit, for that will ask for an autograph, target ciphering sequence and cryptographic Hash be transmitted to server-side.
In a specific embodiment, transmission module further include:
Generation unit, for generating preset quantity random number at random;
Shift unit, for being moved respectively to target ciphering sequence using preset quantity random number and ASCII coding
Position, obtains accidental enciphering sequence corresponding with each random number;
Concatenation unit obtains splicing ciphering sequence, and will for splicing accidental enciphering sequence corresponding with each random number
Splice ciphering sequence as target ciphering sequence.
In a specific embodiment, transmission module further include:
Updating unit for being encrypted using preset base64 sequence to splicing ciphering sequence, and splicing is encrypted
Sequence is updated to encrypted splicing ciphering sequence.
In a specific embodiment, transmitting device is requested further include: further include:
Computing module is calculated for the difference according to the parameter in the generation parameter of destination request and preset parameter library
User is the probability value of real user;
Judgment module, for judging whether probability value is more than preset threshold value;
Execution module then executes the step in transmission module for being more than preset threshold value when probability value;
Module is blocked, for being less than preset threshold value when probability value, then blocks the transmission of destination request and device-fingerprint.
Wherein, previous embodiment can be referred to by closing the more specifical course of work of modules, unit in this present embodiment
Disclosed in corresponding contents, no longer repeated herein.
As it can be seen that present embodiments providing a kind of request transmitting device, comprising: request generation module, device-fingerprint generate mould
Block and transmission module.Destination request is generated by request generation module depending on the user's operation first;Then device-fingerprint generates
Module is included at least according to the build environment information generating device fingerprint of destination request, build environment information: what browser was supported
Font format information and audio-video format information, audio-video spatial cue, graphical rendering information, locally store information and local
CPU information;Last transmission module, for destination request and device-fingerprint to be transmitted to server-side.Divide between such modules
Work cooperation, Each performs its own functions, to ensure the correctness and safety of device-fingerprint, reliable judgement can be provided for server-side
Foundation.
A kind of request transmission device provided by the embodiments of the present application is introduced below, a kind of request described below passes
Transfer device can be cross-referenced with a kind of above-described request transmission method and device.
Shown in Figure 5, the embodiment of the present application discloses a kind of request transmission device, comprising:
Memory 501, for saving computer program;
Processor 502, for executing the computer program, to perform the steps of
Destination request is generated depending on the user's operation;It is raw according to the build environment information generating device fingerprint of destination request
It is included at least at environmental information: the font format information and audio-video format information of browser support, audio-video spatial cue, figure
Shape spatial cue, locally store information and local cpu information;Destination request and device-fingerprint are transmitted to server-side.
It in the present embodiment, can be specific when the processor executes the computer subprogram saved in the memory
It performs the steps of and is signed using device-fingerprint to destination request, asked for an autograph;It will ask for an autograph, destination request
Server-side is transmitted to device-fingerprint.
It in the present embodiment, can be specific when the processor executes the computer subprogram saved in the memory
The cryptographic Hash for calculating device-fingerprint is performed the steps of, and is signed using cryptographic Hash to destination request.
It in the present embodiment, can be specific when the processor executes the computer subprogram saved in the memory
It performs the steps of and encrypts destination request using base64 Encryption Algorithm, obtain target ciphering sequence;Utilize the Kazakhstan of device-fingerprint
Uncommon value signs to target ciphering sequence, is asked for an autograph;It will ask for an autograph, target ciphering sequence and cryptographic Hash are transmitted to
Server-side.
It in the present embodiment, can be specific when the processor executes the computer subprogram saved in the memory
Perform the steps of random generation preset quantity random number;Using preset quantity random number and ASCII coding respectively to mesh
Mark ciphering sequence is shifted, and accidental enciphering sequence corresponding with each random number is obtained;Splice corresponding with each random number
Accidental enciphering sequence obtains splicing ciphering sequence, and will splice ciphering sequence as target ciphering sequence.
It in the present embodiment, can be specific when the processor executes the computer subprogram saved in the memory
It performs the steps of and splicing ciphering sequence is encrypted using preset base64 sequence, and splicing ciphering sequence is updated
For encrypted splicing ciphering sequence.
It in the present embodiment, can be specific when the processor executes the computer subprogram saved in the memory
The difference according to the parameter in the generation parameter of destination request and preset parameter library is performed the steps of, it is true for calculating user
The probability value of real user;Judge whether probability value is more than preset threshold value;Destination request and device-fingerprint are passed if so, executing
The step of transporting to server-side;If it is not, then blocking the transmission of destination request and device-fingerprint.
A kind of readable storage medium storing program for executing provided by the embodiments of the present application is introduced below, one kind described below is readable to deposit
Storage media can be cross-referenced with a kind of above-described request transmission method, device and equipment.
A kind of readable storage medium storing program for executing, for saving computer program, wherein when the computer program is executed by processor
It realizes that previous embodiment is disclosed and requests transmission method.Specific steps about this method, which can refer in previous embodiment, to be disclosed
Corresponding contents, no longer repeated herein.
This application involves " first ", " second ", " third ", the (if present)s such as " the 4th " be for distinguishing similar right
As without being used to describe a particular order or precedence order.It should be understood that the data used in this way in the appropriate case can be with
It exchanges, so that the embodiments described herein can be implemented with the sequence other than the content for illustrating or describing herein.In addition,
Term " includes " and " having " and their any deformation, it is intended that cover it is non-exclusive include, for example, containing a system
The process, method or equipment of column step or unit those of are not necessarily limited to be clearly listed step or unit, but may include not having
There are other step or units being clearly listed or intrinsic for these process, methods or equipment.
It should be noted that the description for being related to " first ", " second " etc. in this application is used for description purposes only, and cannot
It is interpreted as its relative importance of indication or suggestion or implicitly indicates the quantity of indicated technical characteristic.Define as a result, " the
One ", the feature of " second " can explicitly or implicitly include at least one of the features.In addition, the skill between each embodiment
Art scheme can be combined with each other, but must be based on can be realized by those of ordinary skill in the art, when technical solution
Will be understood that the combination of this technical solution is not present in conjunction with there is conflicting or cannot achieve when, also not this application claims
Protection scope within.
Each embodiment in this specification is described in a progressive manner, the highlights of each of the examples are with it is other
The difference of embodiment, same or similar part may refer to each other between each embodiment.
The step of method described in conjunction with the examples disclosed in this document or algorithm, can directly be held with hardware, processor
The combination of capable software module or the two is implemented.Software module can be placed in random access memory (RAM), memory, read-only deposit
Reservoir (ROM), electrically programmable ROM, electrically erasable ROM, register, hard disk, moveable magnetic disc, CD-ROM or technology
In any other form of readable storage medium storing program for executing well known in field.
Specific examples are used herein to illustrate the principle and implementation manner of the present application, and above embodiments are said
It is bright to be merely used to help understand the present processes and its core concept;At the same time, for those skilled in the art, foundation
The thought of the application, there will be changes in the specific implementation manner and application range, in conclusion the content of the present specification is not
It is interpreted as the limitation to the application.
Claims (10)
1. a kind of request transmission method characterized by comprising
Destination request is generated depending on the user's operation;
According to the build environment information generating device fingerprint of the destination request, the build environment information is included at least: browsing
The font format information and audio-video format information, audio-video spatial cue, graphical rendering information, locally store information that device is supported
And local cpu information;
The destination request and the device-fingerprint are transmitted to server-side.
2. request transmission method according to claim 1, which is characterized in that described by the destination request and the equipment
Fingerprint is transmitted to server-side, comprising:
It is signed, is asked for an autograph to the destination request using the device-fingerprint;
By it is described ask for an autograph, the destination request and the device-fingerprint are transmitted to the server-side.
3. request transmission method according to claim 2, which is characterized in that described to utilize the device-fingerprint to the mesh
Mark request is signed, comprising:
The cryptographic Hash of the device-fingerprint is calculated, and is signed using the cryptographic Hash to the destination request.
4. request transmission method according to claim 1, which is characterized in that described by the destination request and the equipment
Fingerprint is transmitted to server-side, comprising:
The destination request is encrypted using base64 Encryption Algorithm, obtains target ciphering sequence;
It is signed, is asked for an autograph to the target ciphering sequence using the cryptographic Hash of the device-fingerprint;
By it is described ask for an autograph, the target ciphering sequence and the cryptographic Hash are transmitted to the server-side.
5. request transmission method according to claim 4, which is characterized in that the cryptographic Hash using the device-fingerprint
It signs to the target ciphering sequence, before being asked for an autograph, further includes:
It is random to generate preset quantity random number;
Using the preset quantity random number and ASCII coding the target ciphering sequence is shifted respectively, obtain with
The corresponding accidental enciphering sequence of each random number;
Splice corresponding with each random number accidental enciphering sequence, obtain splicing ciphering sequence, and by the splicing ciphering sequence
As the target ciphering sequence.
6. request transmission method according to claim 5, which is characterized in that it is described to obtain after splicing ciphering sequence, also
Include:
The splicing ciphering sequence is encrypted using preset base64 sequence, and the splicing ciphering sequence is updated to
Encrypted splicing ciphering sequence.
7. request transmission method described in -6 any one according to claim 1, which is characterized in that described by the destination request
It is transmitted to before server-side with the device-fingerprint, further includes:
According to the difference of the parameter in the generation parameter of the destination request and preset parameter library, it is true for calculating the user
The probability value of user;
Judge whether the probability value is more than preset threshold value;
If so, executing the described the step of destination request and the device-fingerprint are transmitted to server-side;
If it is not, then blocking the transmission of the destination request and the device-fingerprint.
8. a kind of request transmitting device characterized by comprising
Generation module is requested, for generating destination request depending on the user's operation;
Device-fingerprint generation module, for the build environment information generating device fingerprint according to the destination request, the generation
Environmental information includes at least: the font format information and audio-video format information, audio-video spatial cue, figure that browser is supported
Spatial cue, locally store information and local cpu information;
Transmission module, for the destination request and the device-fingerprint to be transmitted to server-side.
9. a kind of request transmission device characterized by comprising
Memory, for storing computer program;
Processor, for executing the computer program, to realize request transmission side as described in any one of claim 1 to 7
Method.
10. a kind of readable storage medium storing program for executing, which is characterized in that for saving computer program, wherein the computer program is located
Reason device realizes request transmission method as described in any one of claim 1 to 7 when executing.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910769443.XA CN110493225B (en) | 2019-08-20 | 2019-08-20 | Request transmission method, device, equipment and readable storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910769443.XA CN110493225B (en) | 2019-08-20 | 2019-08-20 | Request transmission method, device, equipment and readable storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110493225A true CN110493225A (en) | 2019-11-22 |
CN110493225B CN110493225B (en) | 2021-12-03 |
Family
ID=68552291
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910769443.XA Active CN110493225B (en) | 2019-08-20 | 2019-08-20 | Request transmission method, device, equipment and readable storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110493225B (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111666596A (en) * | 2020-07-10 | 2020-09-15 | 腾讯科技(深圳)有限公司 | Data processing method, device and medium |
CN112073375A (en) * | 2020-08-07 | 2020-12-11 | 中国电力科学研究院有限公司 | Isolation device and isolation method suitable for power Internet of things client side |
CN112215622A (en) * | 2020-09-18 | 2021-01-12 | 南京欣网互联网络科技有限公司 | Risk prevention and control method and system based on order information |
CN113239308A (en) * | 2021-05-26 | 2021-08-10 | 杭州安恒信息技术股份有限公司 | Page access method, device, equipment and storage medium |
CN114173081A (en) * | 2021-12-13 | 2022-03-11 | 济南大学 | Remote audio and video method and system |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150237038A1 (en) * | 2014-02-18 | 2015-08-20 | Secureauth Corporation | Fingerprint based authentication for single sign on |
CN105430011A (en) * | 2015-12-25 | 2016-03-23 | 杭州朗和科技有限公司 | Method and device for detecting distributed denial of service attack |
CN106446202A (en) * | 2016-09-30 | 2017-02-22 | 福建北卡科技有限公司 | Anti-interference browser fingerprint generation method based on implicit characteristic acquisition |
CN106549925A (en) * | 2015-09-23 | 2017-03-29 | 阿里巴巴集团控股有限公司 | Prevent method, the apparatus and system of cross-site request forgery |
CN106878265A (en) * | 2016-12-21 | 2017-06-20 | 重庆华龙艾迪信息技术有限公司 | A kind of data processing method and device |
CN107426181A (en) * | 2017-06-20 | 2017-12-01 | 竞技世界(北京)网络技术有限公司 | The hold-up interception method and device of malice web access request |
CN109246062A (en) * | 2017-07-11 | 2019-01-18 | 沪江教育科技(上海)股份有限公司 | A kind of authentication method and system based on browser plug-in |
CN109587133A (en) * | 2018-11-30 | 2019-04-05 | 武汉烽火众智智慧之星科技有限公司 | A kind of single-node login system and method |
-
2019
- 2019-08-20 CN CN201910769443.XA patent/CN110493225B/en active Active
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150237038A1 (en) * | 2014-02-18 | 2015-08-20 | Secureauth Corporation | Fingerprint based authentication for single sign on |
CN106549925A (en) * | 2015-09-23 | 2017-03-29 | 阿里巴巴集团控股有限公司 | Prevent method, the apparatus and system of cross-site request forgery |
CN105430011A (en) * | 2015-12-25 | 2016-03-23 | 杭州朗和科技有限公司 | Method and device for detecting distributed denial of service attack |
CN106446202A (en) * | 2016-09-30 | 2017-02-22 | 福建北卡科技有限公司 | Anti-interference browser fingerprint generation method based on implicit characteristic acquisition |
CN106878265A (en) * | 2016-12-21 | 2017-06-20 | 重庆华龙艾迪信息技术有限公司 | A kind of data processing method and device |
CN107426181A (en) * | 2017-06-20 | 2017-12-01 | 竞技世界(北京)网络技术有限公司 | The hold-up interception method and device of malice web access request |
CN109246062A (en) * | 2017-07-11 | 2019-01-18 | 沪江教育科技(上海)股份有限公司 | A kind of authentication method and system based on browser plug-in |
CN109587133A (en) * | 2018-11-30 | 2019-04-05 | 武汉烽火众智智慧之星科技有限公司 | A kind of single-node login system and method |
Non-Patent Citations (1)
Title |
---|
AMIN FAIZ KHADEMI: "Browser Fingerprinting: Analysis, Detection, and Prevention at Runtime", 《HTTPS://QSPACE.LIBRARY.QUEENSU.CA/HANDLE/1974/12604》 * |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111666596A (en) * | 2020-07-10 | 2020-09-15 | 腾讯科技(深圳)有限公司 | Data processing method, device and medium |
CN112073375A (en) * | 2020-08-07 | 2020-12-11 | 中国电力科学研究院有限公司 | Isolation device and isolation method suitable for power Internet of things client side |
CN112073375B (en) * | 2020-08-07 | 2023-09-26 | 中国电力科学研究院有限公司 | Isolation device and isolation method suitable for client side of electric power Internet of things |
CN112215622A (en) * | 2020-09-18 | 2021-01-12 | 南京欣网互联网络科技有限公司 | Risk prevention and control method and system based on order information |
CN113239308A (en) * | 2021-05-26 | 2021-08-10 | 杭州安恒信息技术股份有限公司 | Page access method, device, equipment and storage medium |
CN113239308B (en) * | 2021-05-26 | 2023-07-18 | 杭州安恒信息技术股份有限公司 | Page access method, device, equipment and storage medium |
CN114173081A (en) * | 2021-12-13 | 2022-03-11 | 济南大学 | Remote audio and video method and system |
Also Published As
Publication number | Publication date |
---|---|
CN110493225B (en) | 2021-12-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110493225A (en) | A kind of request transmission method, device, equipment and readable storage medium storing program for executing | |
CN105260663B (en) | A kind of safe storage service system and method based on TrustZone technologies | |
CN107770159B (en) | Vehicle accident data recording method and related device and readable storage medium | |
CN111835511A (en) | Data security transmission method and device, computer equipment and storage medium | |
CN110493202A (en) | Log in generation and the verification method, device and server of token | |
CN106899571B (en) | Information interaction method and device | |
WO2017039775A2 (en) | Making cryptographic claims about stored data using an anchoring system | |
CN110175466B (en) | Security management method and device for open platform, computer equipment and storage medium | |
US20080229109A1 (en) | Human-recognizable cryptographic keys | |
CN106411830A (en) | Method for preventing access data from being tampered and mobile terminal | |
CN109756460B (en) | Replay attack prevention method and device | |
CN106897761A (en) | A kind of two-dimensional code generation method and device | |
CN110312054B (en) | Image encryption and decryption method, related device and storage medium | |
CN105847000A (en) | Token generation method and communication system based on same | |
CN112235301B (en) | Access right verification method and device and electronic equipment | |
CN107040520A (en) | A kind of cloud computing data-sharing systems and method | |
CN112804133A (en) | Encrypted group chat method and system based on block chain technology | |
CN111246407B (en) | Data encryption and decryption method and device for short message transmission | |
CN111371555A (en) | Signature authentication method and system | |
CN108496194A (en) | A kind of method, server-side and the system of verification terminal legality | |
CN109698806A (en) | A kind of user data method of calibration and system | |
CN111294354A (en) | Signature verification method, apparatus, device and storage medium for distributed environment | |
CN103200179A (en) | Website certification, deployment and identification method | |
CN105791244A (en) | Method, boundary router and system for controlling inter-domain routing change | |
CN117725598A (en) | An Zhuoduan data encryption and decryption method, device, equipment and medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |