CN110808897A - Proxy access method, user equipment, storage medium, device and system - Google Patents

Proxy access method, user equipment, storage medium, device and system Download PDF

Info

Publication number
CN110808897A
CN110808897A CN201911085146.XA CN201911085146A CN110808897A CN 110808897 A CN110808897 A CN 110808897A CN 201911085146 A CN201911085146 A CN 201911085146A CN 110808897 A CN110808897 A CN 110808897A
Authority
CN
China
Prior art keywords
address
proxy
network request
accessed
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911085146.XA
Other languages
Chinese (zh)
Inventor
吴洪磊
刘洋
周尚武
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sangfor Technologies Co Ltd
Original Assignee
Sangfor Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sangfor Technologies Co Ltd filed Critical Sangfor Technologies Co Ltd
Priority to CN201911085146.XA priority Critical patent/CN110808897A/en
Publication of CN110808897A publication Critical patent/CN110808897A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/60Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
    • H04L67/63Routing a service request depending on the request content or context

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to the technical field of intranet access, and discloses a proxy access method, user equipment, a storage medium, a device and a system. Intercepting a current network request initiated by a browser; reading an intercepted address to be accessed in the current network request, wherein the address to be accessed corresponds to the intranet server; rewriting the address to be accessed in the current network request into the address to be forwarded through a preset Hook script so as to obtain a proxy network request; and sending the proxy network request to a proxy server corresponding to the address to be forwarded so that the proxy server responds to the proxy network request. Obviously, the invention performs intranet access through the browser, thereby avoiding the compatibility problem on different systems; special software clients or browser plug-ins do not need to be deployed in advance, so that deployment operation is greatly simplified, and the technical problem of complex deployment operation when an intranet needs to be accessed is solved.

Description

Proxy access method, user equipment, storage medium, device and system
Technical Field
The present invention relates to the field of intranet access technologies, and in particular, to a proxy access method, a user equipment, a storage medium, an apparatus, and a system.
Background
For a business or a school, an out-going business employee or a teacher and a student often cannot conveniently access an internal system.
For the access scenario, a traditional Virtual Private Network (VPN) access manner is mostly adopted, and the traditional VPN access manner requires a user to install a client on personal equipment or deploy a browser plug-in before use, however, the deployment process of software is often tedious.
Therefore, there is a technical problem that deployment operation is complicated when an intranet needs to be accessed.
The above is only for the purpose of assisting understanding of the technical aspects of the present invention, and does not represent an admission that the above is prior art.
Disclosure of Invention
The invention mainly aims to provide a proxy access method, user equipment, a storage medium, a device and a system, and aims to solve the technical problem of complex deployment operation when an intranet needs to be accessed.
In order to achieve the above object, the present invention provides a proxy access method, including the following steps:
intercepting a current network request initiated by a browser;
reading an intercepted address to be accessed in the current network request, wherein the address to be accessed corresponds to the intranet server;
rewriting the address to be accessed in the current network request into an address to be forwarded through a preset Hook script so as to obtain a proxy network request;
and sending the proxy network request to a proxy server corresponding to the address to be forwarded so that the proxy server responds to the proxy network request.
Preferably, the rewriting, by a preset Hook script, the address to be accessed in the current network request to the address to be forwarded to obtain the proxy network request includes:
setting accessor attributes of the object, a rewriting method definition and a rewriting constructor function through a preset Hook script so as to carry out dynamic Hook;
and rewriting the address to be accessed in the current network request into the address to be forwarded based on the dynamic Hook behavior of the preset Hook script so as to obtain the proxy network request.
Preferably, after intercepting the current network request initiated by the browser, the proxy access method further includes:
judging whether the request type of the intercepted current network request is an address rewriting type or not based on a preset Hook script;
and if the request type is the address rewriting type, executing the step of reading the intercepted address to be accessed in the current network request.
Preferably, after the determining, based on the preset Hook script, whether the request type of the intercepted current network request is an address rewriting type, the proxy access method further includes:
and if the request type is not the address rewriting type, reading the intercepted address to be accessed in the current network request, and accessing the external network server through the address to be accessed.
Preferably, before intercepting the current network request initiated by the browser, the proxy access method further includes:
receiving operation information sent by a proxy server;
and reading a preset Hook script inserted by the proxy server from the running information.
Preferably, before receiving the operation information sent by the proxy server, the proxy access method further includes:
acquiring a current address input by a user in a browser, and displaying a list to be selected corresponding to the current address;
and determining an address to be forwarded from the list to be selected, and accessing a proxy server corresponding to the address to be forwarded to obtain the operation information fed back by the proxy server.
Furthermore, to achieve the above object, the present invention further provides a user equipment, which includes a memory, a processor, and a proxy access program stored in the memory and operable on the processor, wherein the proxy access program is configured to implement the steps of the proxy access method as described above.
Furthermore, to achieve the above object, the present invention further provides a storage medium having stored thereon a proxy access program, which when executed by a processor implements the steps of the proxy access method as described above.
In addition, to achieve the above object, the present invention further provides a proxy access device, including:
the request interception module is used for intercepting the current network request initiated by the browser;
the address reading module is used for reading an address to be accessed in the intercepted current network request, and the address to be accessed corresponds to the intranet server;
the address rewriting module is used for rewriting the address to be accessed in the current network request into the address to be forwarded through a preset Hook script so as to obtain a proxy network request;
and the access module is used for sending the proxy network request to a proxy server corresponding to the address to be forwarded so that the proxy server responds to the proxy network request.
In addition, to achieve the above object, the present invention further provides a proxy access system, including: a proxy server, an intranet server and a user equipment as described above;
the user equipment is connected with the proxy server, and the proxy server is connected with the intranet server.
Preferably, the proxy server is configured to receive a target network request sent by a browser, restore the address to be forwarded in the target network request to the address to be accessed, and send the changed target network request to the intranet server based on the address to be accessed;
the intranet server is used for responding to the changed target network request so as to generate response information;
the proxy server is further configured to receive the response information fed back by the intranet server, insert a preset Hook script into the response information to generate operation information, and send the operation information to the user equipment, so that the user equipment obtains the preset Hook script.
Intercepting a current network request initiated by a browser; reading an intercepted address to be accessed in the current network request, wherein the address to be accessed corresponds to the intranet server; rewriting the address to be accessed in the current network request into the address to be forwarded through a preset Hook script so as to obtain a proxy network request; and sending the proxy network request to a proxy server corresponding to the address to be forwarded so that the proxy server responds to the proxy network request. Obviously, the invention performs intranet access through the browser, thereby avoiding the compatibility problem on different systems; special software clients or browser plug-ins do not need to be deployed in advance, so that deployment operation is greatly simplified, and the technical problem of complex deployment operation when an intranet needs to be accessed is solved.
Drawings
FIG. 1 is a schematic diagram of a user equipment architecture of a hardware operating environment according to an embodiment of the present invention;
FIG. 2 is a flowchart illustrating an exemplary embodiment of a proxy access method;
FIG. 3 is a schematic diagram of a network architecture according to an embodiment of the proxy access method of the present invention;
FIG. 4 is a flowchart illustrating an agent access method according to another embodiment of the present invention;
FIG. 5 is a flowchart illustrating a proxy access method according to yet another embodiment of the present invention;
FIG. 6 is a schematic diagram of information interaction of yet another embodiment of the proxy access method of the present invention;
fig. 7 is a block diagram of an embodiment of the proxy access device according to the present invention.
The implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Referring to fig. 1, fig. 1 is a schematic structural diagram of a user equipment in a hardware operating environment according to an embodiment of the present invention.
As shown in fig. 1, the user equipment may include: a processor 1001, such as a Central Processing Unit (CPU), a communication bus 1002, a user interface 1003, a network interface 1004, and a memory 1005. Wherein a communication bus 1002 is used to enable connective communication between these components. The user interface 1003 may include a Display screen (Display), the optional user interface 1003 may also include a standard wired interface and a wireless interface, and the wired interface of the user interface 1003 may be a Universal Serial Bus (USB) interface in the present invention. The network interface 1004 may optionally include a standard wired interface as well as a wireless interface (e.g., WI-FI interface). The Memory 1005 may be a high speed Random Access Memory (RAM); or a stable Memory, such as a Non-volatile Memory (Non-volatile Memory), and may be a disk Memory. The memory 1005 may alternatively be a storage device separate from the processor 1001.
Wherein a browser is operable within the user device.
Those skilled in the art will appreciate that the architecture shown in fig. 1 does not constitute a limitation of the user equipment and may include more or fewer components than those shown, or some components may be combined, or a different arrangement of components.
As shown in fig. 1, a memory 1005, which is a kind of computer storage medium, may include therein an operating system, a network communication module, a user interface module, and a proxy access program.
In the user equipment shown in fig. 1, the network interface 1004 is mainly used for connecting to a backend server and performing data communication with the backend server; the user interface 1003 is mainly used for connecting peripheral equipment; the user equipment calls the proxy access program stored in the memory 1005 through the processor 1001 and performs the following operations:
intercepting a current network request initiated by a browser;
reading an intercepted address to be accessed in the current network request, wherein the address to be accessed corresponds to the intranet server;
rewriting the address to be accessed in the current network request into an address to be forwarded through a preset Hook script so as to obtain a proxy network request;
and sending the proxy network request to a proxy server corresponding to the address to be forwarded so that the proxy server responds to the proxy network request.
Further, the processor 1001 may call the proxy access program stored in the memory 1005, and also perform the following operations:
setting accessor attributes of the object, a rewriting method definition and a rewriting constructor function through a preset Hook script so as to carry out dynamic Hook;
and rewriting the address to be accessed in the current network request into the address to be forwarded based on the dynamic Hook behavior of the preset Hook script so as to obtain the proxy network request.
Further, the processor 1001 may call the proxy access program stored in the memory 1005, and also perform the following operations:
judging whether the request type of the intercepted current network request is an address rewriting type or not based on a preset Hook script;
and if the request type is the address rewriting type, executing the step of reading the intercepted address to be accessed in the current network request.
Further, the processor 1001 may call the proxy access program stored in the memory 1005, and also perform the following operations:
and if the request type is not the address rewriting type, reading the intercepted address to be accessed in the current network request, and accessing the external network server through the address to be accessed.
Further, the processor 1001 may call the proxy access program stored in the memory 1005, and also perform the following operations:
receiving operation information sent by a proxy server;
and reading a preset Hook script inserted by the proxy server from the running information.
Further, the processor 1001 may call the proxy access program stored in the memory 1005, and also perform the following operations:
acquiring a current address input by a user in a browser, and displaying a list to be selected corresponding to the current address;
and determining an address to be forwarded from the list to be selected, and accessing a proxy server corresponding to the address to be forwarded to obtain the operation information fed back by the proxy server.
Intercepting a current network request initiated by a browser in the embodiment; reading an intercepted address to be accessed in the current network request, wherein the address to be accessed corresponds to the intranet server; rewriting the address to be accessed in the current network request into the address to be forwarded through a preset Hook script so as to obtain a proxy network request; and sending the proxy network request to a proxy server corresponding to the address to be forwarded so that the proxy server responds to the proxy network request. Obviously, the embodiment performs intranet access through a browser, thereby avoiding the compatibility problem on different systems; special software clients or browser plug-ins do not need to be deployed in advance, so that deployment operation is greatly simplified, and the technical problem of complex deployment operation when an intranet needs to be accessed is solved.
Based on the above hardware structure, an embodiment of the proxy access method of the present invention is provided.
Referring to fig. 2, fig. 2 is a flowchart illustrating an embodiment of a proxy access method according to the present invention.
In one embodiment, the proxy access method comprises the following steps:
step S10: and intercepting the current network request initiated by the browser.
It is understood that the execution subject of the embodiment is a user device, and the user device is an electronic device operable by a user, such as a personal computer or a smart phone. If the user equipment is a personal computer, a certain third-party browser can be operated on the personal computer side, and a current network request is initiated through the third-party browser so as to request data resources or network resources in the intranet server.
Step S20: and reading an address to be accessed in the intercepted current network request, wherein the address to be accessed corresponds to the intranet server.
It should be understood that, since the object to be accessed by the third-party browser is an intranet server, the destination address in the current network request is the address of the intranet server, i.e. the address to be accessed.
Step S30: and rewriting the address to be accessed in the current network request into the address to be forwarded by a preset Hook script so as to obtain the proxy network request.
In a specific implementation, when the network architecture is deployed, a proxy server is added to the user equipment and the intranet server. Referring to the network architecture shown in fig. 3, the user equipment is connected to a proxy server, which is connected to an intranet server. By applying the network architecture, when a third-party browser wants to initiate a current network request, the request is intercepted first, and the user equipment calls a preset Hook (Hook) script deployed in advance in the embodiment to implement address rewriting operation. The address rewriting operation is specifically to modify the destination address of the current network request from the address to be accessed corresponding to the intranet server to the address to be forwarded corresponding to the proxy server, and the modified current network request is the proxy network request.
The Hook function can not only capture the message and control the message first, but also carry out rewriting processing, forcibly finish the transmission of the message and the like.
Step S40: and sending the proxy network request to a proxy server corresponding to the address to be forwarded so that the proxy server responds to the proxy network request.
It will be appreciated that, whereas the destination address of the proxy network request is the address to be forwarded corresponding to the proxy server, the proxy network request will be issued by the user equipment to the proxy server side, rather than to the intranet server. The proxy server is used for accessing the intranet server.
Of course, since the target to which the user equipment actually accesses is the intranet server, the intranet access is performed when the proxy server responds to the proxy network request. Specifically, the proxy server performs the address rewriting operation again, and restores the destination address to the address corresponding to the intranet server, so as to send a request to the intranet server side and access the data resource or the network resource in the intranet server.
Therefore, the intranet access is performed through the browser, and a specially-made software client or a browser plug-in cannot be deployed in advance, so that the deployment operation is greatly simplified.
In addition, in the embodiment, the intranet is accessed in a browser mode, the pure webpage VPN is used, the cross-platform characteristic is achieved, and the system can be conveniently used in Windows, Linux, Mac, IOS and Android systems. Among them, Windows, Linux, Mac, IOS, and Android systems are all common system types.
Furthermore, for the access scene of accessing the intranet outside the internet, the method can also be used for performing instrumentation rewriting on the webpage script on the basis of syntax analysis at the server side, processing function call and attribute assignment, and the coping mode does not need to deploy the client side. However, this method also has drawbacks, for example, parsing cannot fully simulate a browser script parsing engine, and cannot support complicated script usage and new grammar well, so that the embodiment is better in operation.
Further, for the access scenario of accessing the intranet outside the home network, address rewriting can be performed completely on the server side, that is, the server replaces Uniform Resource Locator (URL) addresses in all response contents, which also does not require deployment of a client. However, this coping method also has a defect that the replacement operation based on the background can only match the URL address satisfying the rule, and cannot process the URL address formed by variable splicing and function calling. In addition, the rule-based replacement does not take semantics into account, and the script is likely to not operate according to the original logic after the replacement, for example, after the URL replacement, the obtained address of the domain name bar after the replacement is rewritten, but the judgment logic in the script is based on the address before the rewriting, which causes the script to operate according to the original logic. It can be seen that the present embodiment does not have these drawbacks in response of the server, and the present embodiment is superior in operation.
It can be seen that, compared with the two types of access modes for accessing the intranet outside the world, the embodiment is based on the front-end script operation Hook mechanism, different from text replacement without changing the original code, the dynamic Hook is realized by setting the property of the object accessor, the definition of the rewriting method and the rewriting constructor, the invasiveness is low, syntax analysis and URL replacement are not required to be performed in advance, the complicated script usage and new syntax can be shielded, the problem of dynamic URL address splicing can be effectively solved, the code semantics can be restored to the greatest extent, and the normal operation of the program is not influenced.
Specifically, the rewriting of the address to be accessed in the current network request into the address to be forwarded by using a preset Hook script to obtain the proxy network request includes:
setting accessor attributes of the object, a rewriting method definition and a rewriting constructor function through a preset Hook script so as to carry out dynamic Hook;
and rewriting the address to be accessed in the current network request into the address to be forwarded based on the dynamic Hook behavior of the preset Hook script so as to obtain the proxy network request.
It can be understood that the dynamic HOOK behavior here is a running behavior of the preset HOOK script, and the running behavior can set the accessor attribute, the rewrite method definition and the rewrite constructor of the object.
Intercepting a current network request initiated by a browser in the embodiment; reading an intercepted address to be accessed in the current network request, wherein the address to be accessed corresponds to the intranet server; rewriting the address to be accessed in the current network request into the address to be forwarded through a preset Hook script so as to obtain a proxy network request; and sending the proxy network request to a proxy server corresponding to the address to be forwarded so that the proxy server responds to the proxy network request. Obviously, the embodiment performs intranet access through a browser, thereby avoiding the compatibility problem on different systems; special software clients or browser plug-ins do not need to be deployed in advance, so that deployment operation is greatly simplified, and the technical problem of complex deployment operation when an intranet needs to be accessed is solved.
Referring to fig. 4, fig. 4 is a flowchart illustrating a proxy access method according to another embodiment of the present invention, and based on the embodiment illustrated in fig. 2, a proxy access method according to another embodiment of the present invention is provided.
In yet another embodiment, after the step S10, the proxy access method further includes:
step S101: and judging whether the intercepted request type of the current network request is an address rewriting type or not based on a preset Hook script.
It is understood that, in order to improve the operation efficiency of the address rewriting operation, a distinction process may be performed based on the request type of the intercepted request.
If the request type is the address rewriting type, step S20 is executed.
In a specific implementation, the request type includes an intranet access type, an extranet access type, and the like, and the address rewriting type may be preset as the intranet access type. If the request type of the current network request intercepted this time is an intranet access type, namely an intranet server in the intranet is to be accessed, the subsequent operation is normally carried out.
Further, after the step S101, the proxy access method further includes:
step S201: and if the request type is not the address rewriting type, reading the intercepted address to be accessed in the current network request, and accessing the external network server through the address to be accessed.
Of course, if the request type of the current network request intercepted this time is the extranet access type, and is not the address rewriting type, the network access can be normally performed without performing the address rewriting operation by using the preset Hook script. Therefore, the destination address is directly accessed to obtain the data resource or the network resource in the extranet server.
In the present embodiment, access control is performed on the intercepted request, and specifically, whether to implement the rewrite operation is controlled according to the request type of the intercepted request, so that the operation efficiency of the address rewrite operation can be improved.
Referring to fig. 5, fig. 5 is a flowchart illustrating a proxy access method according to another embodiment of the present invention, and based on the embodiment shown in fig. 2, a proxy access method according to another embodiment of the present invention is provided.
In another embodiment, before the step S10, the proxy access method further includes:
step S102: and receiving the operation information sent by the proxy server.
It can be understood that, in the embodiment of the proxy access method shown in fig. 2, an operation link of formally implementing the preset Hook script is mainly discussed, and the preset Hook script is obtained before formally implementing the preset Hook script to meet the requirement of intranet access.
In a specific implementation, regarding an implementation process of acquiring the preset Hook script, the implementation process is based on a network architecture as shown in fig. 3, and referring to an information interaction process as shown in fig. 6, a browser running in user equipment first initiates a target network request based on a domain name address, where a destination address in the target network request is the domain name address, and the domain name address may be 1-1-1-1.webvpn. The domain name is webvpn.vpn, the intranet address corresponding to the intranet server is 1.1.1.1, and the domain name address corresponds to the proxy server. And then, after domain name extensive resolution is carried out, the target network request is sent to the proxy server. Wherein the proxy server may be a reverse proxy server. Then, the proxy server will perform address reduction on the destination address in the target network request, and reduce the destination address to the intranet address 1.1.1.1, so as to send the request to the intranet server.
It should be understood that after the intranet server responds to the request, the intranet server feeds back a response page to the proxy server, and the response page can be recorded as response information. And the proxy server inserts a preset Hook script into the response page to generate operation information and feeds the operation information back to the browser.
Step S103: and reading a preset Hook script inserted by the proxy server from the running information.
It can be understood that after receiving the running information sent by the proxy server, the preset Hook script inserted in the middle of the proxy server is read from the running information. In the formal implementation, the preset Hook script is called to complete the address rewriting operation, the intranet is accessed on the Web page (Web) without configuration, and the subsequent address rewriting operation is automatically performed by the preset Hook script.
Further, before receiving the operation information sent by the proxy server, the proxy access method further includes:
acquiring a current address input by a user in a browser, and displaying a list to be selected corresponding to the current address;
and determining an address to be forwarded from the list to be selected, and accessing a proxy server corresponding to the address to be forwarded to obtain the operation information fed back by the proxy server.
It can be understood that, for the implementation process of acquiring the preset Hook script, the user is required to input the rewritten domain name address, i.e. 1-1-1-1.webvpn.vpn, during the initial operation, but the rewritten domain name address has poor readability and is not easy to remember. In order to further simplify the input operation, the initial operation of intranet access can be performed in an address selection mode.
In a specific implementation, for the address selection mode, a user may input a current address in a browser; then, a VPN system corresponding to the current address can be logged in, and after the VPN system is authenticated, a to-be-selected list comprising more to-be-selected resources can be displayed, wherein the to-be-selected resources are added by an administrator; the user can select the resource to be accessed from the list to be selected, the corresponding address to be forwarded is determined by clicking the resource to be selected, the address to be forwarded is the rewritten domain name address, and the user does not need to memorize the rewritten domain name address.
Furthermore, in addition to the above-mentioned manner of obtaining the rewritten domain name address, the user can also input a school portal domain name or an enterprise portal domain name and perform authentication, and the user can enter the portal site after the authentication is passed; then, a VPN resource can be added in site resources, the jump address of the VPN resource is the rewritten domain name address, and the intranet can be accessed from the extranet by clicking the address.
In this embodiment, before the preset Hook script is formally implemented to meet the requirement of intranet access, an acquisition mechanism for acquiring the preset Hook script is set, so that the browser can perform subsequent address rewriting operation without sensing.
In addition, an embodiment of the present invention further provides a storage medium, where the storage medium stores a proxy access program, and the proxy access program, when executed by a processor, implements the following operations:
intercepting a current network request initiated by a browser;
reading an intercepted address to be accessed in the current network request, wherein the address to be accessed corresponds to the intranet server;
rewriting the address to be accessed in the current network request into an address to be forwarded through a preset Hook script so as to obtain a proxy network request;
and sending the proxy network request to a proxy server corresponding to the address to be forwarded so that the proxy server responds to the proxy network request.
Further, the agent access program when executed by the processor further performs the following operations:
setting accessor attributes of the object, a rewriting method definition and a rewriting constructor function through a preset Hook script so as to carry out dynamic Hook;
and rewriting the address to be accessed in the current network request into the address to be forwarded based on the dynamic Hook behavior of the preset Hook script so as to obtain the proxy network request.
Further, the agent access program when executed by the processor further performs the following operations:
judging whether the request type of the intercepted current network request is an address rewriting type or not based on a preset Hook script;
and if the request type is the address rewriting type, executing the step of reading the intercepted address to be accessed in the current network request.
Further, the agent access program when executed by the processor further performs the following operations:
and if the request type is not the address rewriting type, reading the intercepted address to be accessed in the current network request, and accessing the external network server through the address to be accessed.
Further, the agent access program when executed by the processor further performs the following operations:
receiving operation information sent by a proxy server;
and reading a preset Hook script inserted by the proxy server from the running information.
Further, the agent access program when executed by the processor further performs the following operations:
acquiring a current address input by a user in a browser, and displaying a list to be selected corresponding to the current address;
and determining an address to be forwarded from the list to be selected, and accessing a proxy server corresponding to the address to be forwarded to obtain the operation information fed back by the proxy server.
Intercepting a current network request initiated by a browser in the embodiment; reading an intercepted address to be accessed in the current network request, wherein the address to be accessed corresponds to the intranet server; rewriting the address to be accessed in the current network request into the address to be forwarded through a preset Hook script so as to obtain a proxy network request; and sending the proxy network request to a proxy server corresponding to the address to be forwarded so that the proxy server responds to the proxy network request. Obviously, the embodiment performs intranet access through a browser, thereby avoiding the compatibility problem on different systems; special software clients or browser plug-ins do not need to be deployed in advance, so that deployment operation is greatly simplified, and the technical problem of complex deployment operation when an intranet needs to be accessed is solved.
In addition, referring to fig. 7, an embodiment of the present invention further provides a proxy access apparatus, where the proxy access apparatus includes:
and the request intercepting module 10 is used for intercepting the current network request initiated by the browser.
It will be appreciated that the user device is a user operable electronic device, such as a personal computer or smart phone. If the user equipment is a personal computer, a certain third-party browser can be operated on the personal computer side, and a current network request is initiated through the third-party browser so as to request data resources or network resources in the intranet server.
And an address reading module 20, configured to read an address to be accessed in the intercepted current network request, where the address to be accessed corresponds to the intranet server.
It should be understood that, since the object to be accessed by the third-party browser is an intranet server, the destination address in the current network request is the address of the intranet server, i.e. the address to be accessed.
And the address rewriting module 30 is configured to rewrite, by using a preset Hook script, the address to be accessed in the current network request to the address to be forwarded, so as to obtain the proxy network request.
In a specific implementation, when the network architecture is deployed, a proxy server is added to the user equipment and the intranet server. Referring to the network architecture shown in fig. 3, the user equipment is connected to a proxy server, which is connected to an intranet server. By applying the network architecture, when a third-party browser wants to initiate a current network request, the request is intercepted first, and the user equipment calls a preset Hook (Hook) script deployed in advance in the embodiment to implement address rewriting operation. The address rewriting operation is specifically to modify the destination address of the current network request from the address to be accessed corresponding to the intranet server to the address to be forwarded corresponding to the proxy server, and the modified current network request is the proxy network request.
The Hook function can not only capture the message and control the message first, but also carry out rewriting processing, forcibly finish the transmission of the message and the like.
And the access module 40 is configured to send the proxy network request to a proxy server corresponding to the address to be forwarded, so that the proxy server responds to the proxy network request.
It will be appreciated that, whereas the destination address of the proxy network request is the address to be forwarded corresponding to the proxy server, the proxy network request will be issued by the user equipment to the proxy server side, rather than to the intranet server. The proxy server is used for accessing the intranet server.
Of course, since the target to which the user equipment actually accesses is the intranet server, the intranet access is performed when the proxy server responds to the proxy network request. Specifically, the proxy server performs the address rewriting operation again, and restores the destination address to the address corresponding to the intranet server, so as to send a request to the intranet server side and access the data resource or the network resource in the intranet server.
Therefore, the intranet access is performed through the browser, and a specially-made software client or a browser plug-in cannot be deployed in advance, so that the deployment operation is greatly simplified.
In addition, in the embodiment, the intranet is accessed in a browser mode, the pure webpage VPN is used, the cross-platform characteristic is achieved, and the system can be conveniently used in Windows, Linux, Mac, IOS and Android systems. Among them, Windows, Linux, Mac, IOS, and Android systems are all common system types.
Furthermore, for the access scene of accessing the intranet outside the internet, the method can also be used for performing instrumentation rewriting on the webpage script on the basis of syntax analysis at the server side, processing function call and attribute assignment, and the coping mode does not need to deploy the client side. However, this method also has drawbacks, for example, parsing cannot fully simulate a browser script parsing engine, and cannot support complicated script usage and new grammar well, so that the embodiment is better in operation.
Further, for the access scenario of accessing the intranet outside the home network, address rewriting can be performed completely on the server side, that is, the server replaces Uniform Resource Locator (URL) addresses in all response contents, which also does not require deployment of a client. However, this coping method also has a defect that the replacement operation based on the background can only match the URL address satisfying the rule, and cannot process the URL address formed by variable splicing and function calling. In addition, the rule-based replacement does not take semantics into account, and the script is likely to not operate according to the original logic after the replacement, for example, after the URL replacement, the obtained address of the domain name bar after the replacement is rewritten, but the judgment logic in the script is based on the address before the rewriting, which causes the script to operate according to the original logic. It can be seen that the present embodiment does not have these drawbacks in response of the server, and the present embodiment is superior in operation.
It can be seen that, compared with the two types of access modes for accessing the intranet outside the world, the embodiment is based on the front-end script operation Hook mechanism, different from text replacement without changing the original code, the dynamic Hook is realized by setting the property of the object accessor, the definition of the rewriting method and the rewriting constructor, the invasiveness is low, syntax analysis and URL replacement are not required to be performed in advance, the complicated script usage and new syntax can be shielded, the problem of dynamic URL address splicing can be effectively solved, the code semantics can be restored to the greatest extent, and the normal operation of the program is not influenced.
Intercepting a current network request initiated by a browser in the embodiment; reading an intercepted address to be accessed in the current network request, wherein the address to be accessed corresponds to the intranet server; rewriting the address to be accessed in the current network request into the address to be forwarded through a preset Hook script so as to obtain a proxy network request; and sending the proxy network request to a proxy server corresponding to the address to be forwarded so that the proxy server responds to the proxy network request. Obviously, the embodiment performs intranet access through a browser, thereby avoiding the compatibility problem on different systems; special software clients or browser plug-ins do not need to be deployed in advance, so that deployment operation is greatly simplified, and the technical problem of complex deployment operation when an intranet needs to be accessed is solved.
In an embodiment, the address rewriting module 30 is further configured to set an accessor attribute, a rewriting method definition, and a rewriting constructor of an object through a preset Hook script, so as to perform dynamic Hook; and rewriting the address to be accessed in the current network request into the address to be forwarded based on the dynamic Hook behavior of the preset Hook script so as to obtain the proxy network request.
It can be understood that the dynamic HOOK behavior here is a running behavior of the preset HOOK script, and the running behavior can set the accessor attribute, the rewrite method definition and the rewrite constructor of the object.
In one embodiment, the proxy access device further comprises:
the first access control module is used for judging whether the intercepted request type of the current network request is an address rewriting type or not based on a preset Hook script; and if the request type is the address rewriting type, executing the step of reading the intercepted address to be accessed in the current network request.
In one embodiment, the proxy access device further comprises:
and the second access control module is used for reading the intercepted address to be accessed in the current network request and accessing the extranet server through the address to be accessed if the request type is not the address rewriting type.
In one embodiment, the proxy access device further comprises:
the script acquisition module is used for receiving the running information sent by the proxy server; and reading a preset Hook script inserted by the proxy server from the running information.
In one embodiment, the proxy access device further comprises:
the address determination module is used for acquiring a current address input by a user in a browser and displaying a list to be selected corresponding to the current address; and determining an address to be forwarded from the list to be selected, and accessing a proxy server corresponding to the address to be forwarded to obtain the operation information fed back by the proxy server.
Other embodiments or specific implementation manners of the proxy access device according to the present invention may refer to the above method embodiments, and are not described herein again.
In addition, an embodiment of the present invention further provides a proxy access system, where the proxy access system includes: the system comprises a proxy server, an intranet server and the user equipment;
the user equipment is connected with the proxy server, and the proxy server is connected with the intranet server.
Further, the proxy server is configured to receive a target network request sent by a browser, restore the address to be forwarded in the target network request to the address to be accessed, and send the changed target network request to the intranet server based on the address to be accessed;
it can be understood that, referring to the information interaction process shown in fig. 6, a browser running in the user equipment will first initiate a target network request based on a generic domain name address, where a destination address in the target network request is the generic domain name address, and the generic domain name address may be 1-1-1-1.webvpn. The domain name is webvpn.vpn, the intranet address corresponding to the intranet server is 1.1.1.1, and the domain name address corresponds to the proxy server. Then, after domain name resolution, the target network request is sent to the proxy server. Wherein the proxy server may be a reverse proxy server.
It should be understood that, after receiving the target network request sent by the browser, the proxy server will send the request to the intranet server by setting the domain name address, i.e. the address to be forwarded, to be the intranet address 1.1.1.1, i.e. the address to be accessed.
And the intranet server is used for responding to the changed target network request so as to generate response information.
It should be understood that after the intranet server responds to the request, the intranet server feeds back a response page to the proxy server, and the response page can be recorded as response information.
The proxy server is further configured to receive the response information fed back by the intranet server, insert a preset Hook script into the response information to generate operation information, and send the operation information to the user equipment, so that the user equipment obtains the preset Hook script.
It can be understood that the proxy server inserts a preset Hook script into the response page to generate the running information, and feeds the running information back to the browser. After receiving the operation information sent by the proxy server, the browser reads out a preset Hook script inserted in the middle of the proxy server from the operation information. In the formal implementation, the preset Hook script is called to complete the address rewriting operation, the intranet is accessed on the Web page (Web) without configuration, and the subsequent address rewriting operation is automatically performed by the preset Hook script.
In this embodiment, before the preset Hook script is formally implemented to meet the requirement of intranet access, an acquisition mechanism for acquiring the preset Hook script is set, so that the browser can perform subsequent address rewriting operation without sensing.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or system that comprises the element.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments. In the unit claims enumerating several means, several of these means may be embodied by one and the same item of hardware. The use of the words first, second, third, etc. do not denote any order, but rather the words first, second, third, etc. are to be interpreted as names.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (such as a read-only memory, a RAM, a magnetic disk, and an optical disk), and includes instructions for enabling a terminal device (such as a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present invention.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.

Claims (10)

1. A proxy access method, characterized in that the proxy access method comprises the steps of:
intercepting a current network request initiated by a browser;
reading an intercepted address to be accessed in the current network request, wherein the address to be accessed corresponds to the intranet server;
rewriting the address to be accessed in the current network request into an address to be forwarded through a preset Hook script so as to obtain a proxy network request;
and sending the proxy network request to a proxy server corresponding to the address to be forwarded so that the proxy server responds to the proxy network request.
2. The proxy access method of claim 1, wherein the rewriting the address to be accessed in the current network request into the address to be forwarded by a preset Hook script to obtain the proxy network request comprises:
setting accessor attributes of the object, a rewriting method definition and a rewriting constructor function through a preset Hook script so as to carry out dynamic Hook;
and rewriting the address to be accessed in the current network request into the address to be forwarded based on the dynamic Hook behavior of the preset Hook script so as to obtain the proxy network request.
3. The proxy access method of claim 1, wherein after intercepting the current web request initiated by the browser, the proxy access method further comprises:
judging whether the request type of the intercepted current network request is an address rewriting type or not based on a preset Hook script;
and if the request type is the address rewriting type, executing the step of reading the intercepted address to be accessed in the current network request.
4. The proxy access method of claim 3, wherein after determining whether the request type of the intercepted current network request is an address rewriting type based on a preset Hook script, the proxy access method further comprises:
and if the request type is not the address rewriting type, reading the intercepted address to be accessed in the current network request, and accessing the external network server through the address to be accessed.
5. The proxy access method of claim 1, wherein prior to intercepting the current web request initiated by the browser, the proxy access method further comprises:
receiving operation information sent by a proxy server;
and reading a preset Hook script inserted by the proxy server from the running information.
6. The proxy access method according to claim 5, wherein before receiving the operation information transmitted from the proxy server, the proxy access method further comprises:
acquiring a current address input by a user in a browser, and displaying a list to be selected corresponding to the current address;
and determining an address to be forwarded from the list to be selected, and accessing a proxy server corresponding to the address to be forwarded to obtain the operation information fed back by the proxy server.
7. A user equipment, the user equipment comprising: memory, a processor and a proxy access program stored on the memory and executable on the processor, the proxy access program when executed by the processor implementing the steps of the proxy access method according to any one of claims 1 to 6.
8. A storage medium having stored thereon a proxy access program which, when executed by a processor, implements the steps of the proxy access method of any one of claims 1 to 6.
9. A proxy access device, the proxy access device comprising:
the request interception module is used for intercepting the current network request initiated by the browser;
the address reading module is used for reading an address to be accessed in the intercepted current network request, and the address to be accessed corresponds to the intranet server;
the address rewriting module is used for rewriting the address to be accessed in the current network request into the address to be forwarded through a preset Hook script so as to obtain a proxy network request;
and the access module is used for sending the proxy network request to a proxy server corresponding to the address to be forwarded so that the proxy server responds to the proxy network request.
10. A proxy access system, characterized in that the proxy access system comprises: a proxy server, an intranet server, and the user equipment of claim 7;
the user equipment is connected with the proxy server, and the proxy server is connected with the intranet server.
CN201911085146.XA 2019-11-06 2019-11-06 Proxy access method, user equipment, storage medium, device and system Pending CN110808897A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911085146.XA CN110808897A (en) 2019-11-06 2019-11-06 Proxy access method, user equipment, storage medium, device and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911085146.XA CN110808897A (en) 2019-11-06 2019-11-06 Proxy access method, user equipment, storage medium, device and system

Publications (1)

Publication Number Publication Date
CN110808897A true CN110808897A (en) 2020-02-18

Family

ID=69501483

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911085146.XA Pending CN110808897A (en) 2019-11-06 2019-11-06 Proxy access method, user equipment, storage medium, device and system

Country Status (1)

Country Link
CN (1) CN110808897A (en)

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111355720A (en) * 2020-02-25 2020-06-30 深信服科技股份有限公司 Method, system and equipment for accessing intranet by application and computer storage medium
CN111475314A (en) * 2020-04-03 2020-07-31 深信服科技股份有限公司 Network request processing method, device, equipment and storage medium
CN111683086A (en) * 2020-06-05 2020-09-18 北京百度网讯科技有限公司 Network data processing method and device, electronic equipment and storage medium
CN111885217A (en) * 2020-07-21 2020-11-03 深信服科技股份有限公司 Data communication method, device, equipment and storage medium
CN112087819A (en) * 2020-09-10 2020-12-15 上海连尚网络科技有限公司 Information request method, equipment and computer readable medium
CN112269959A (en) * 2020-11-19 2021-01-26 北京有竹居网络技术有限公司 Display content control method and device, readable medium and electronic equipment
CN112272158A (en) * 2020-09-16 2021-01-26 厦门网宿有限公司 Data proxy method, system and proxy server
CN112491927A (en) * 2020-12-15 2021-03-12 厦门市美亚柏科信息股份有限公司 Method and system for bypassing network port shielding
CN112565484A (en) * 2021-02-19 2021-03-26 北京翼辉信息技术有限公司 Method, system and storage medium for accessing local area network equipment by domain name seamless roaming
CN113194099A (en) * 2021-04-30 2021-07-30 网宿科技股份有限公司 Data proxy method and proxy server
CN113204730A (en) * 2021-05-19 2021-08-03 网宿科技股份有限公司 Resource acquisition method, webvpn proxy server, system and server
CN113364741A (en) * 2021-05-17 2021-09-07 网宿科技股份有限公司 Application access method and proxy server
CN114036369A (en) * 2021-10-20 2022-02-11 北京鲸鲮信息系统技术有限公司 Method, apparatus, device, medium and product for browser to access application
CN114301648A (en) * 2021-12-20 2022-04-08 汇承金融科技服务(南京)有限公司 Data configuration method and device, storage medium and electronic device
CN113204730B (en) * 2021-05-19 2024-06-07 网宿科技股份有限公司 Resource acquisition method, webvpn proxy server, system and server

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101902485A (en) * 2009-05-27 2010-12-01 北京启明星辰信息技术股份有限公司 Rewriting method of reversal Web agent link
US20110072489A1 (en) * 2009-09-23 2011-03-24 Gilad Parann-Nissany Methods, devices, and media for securely utilizing a non-secured, distributed, virtualized network resource with applications to cloud-computing security and management
CN102638580A (en) * 2012-03-30 2012-08-15 奇智软件(北京)有限公司 Webpage information processing method and webpage information processing device
CN105721387A (en) * 2014-12-01 2016-06-29 北京蓝光引力网络股份有限公司 Method for preventing network hijack
CN107566200A (en) * 2016-06-30 2018-01-09 阿里巴巴集团控股有限公司 A kind of monitoring method, apparatus and system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101902485A (en) * 2009-05-27 2010-12-01 北京启明星辰信息技术股份有限公司 Rewriting method of reversal Web agent link
US20110072489A1 (en) * 2009-09-23 2011-03-24 Gilad Parann-Nissany Methods, devices, and media for securely utilizing a non-secured, distributed, virtualized network resource with applications to cloud-computing security and management
CN102638580A (en) * 2012-03-30 2012-08-15 奇智软件(北京)有限公司 Webpage information processing method and webpage information processing device
CN105721387A (en) * 2014-12-01 2016-06-29 北京蓝光引力网络股份有限公司 Method for preventing network hijack
CN107566200A (en) * 2016-06-30 2018-01-09 阿里巴巴集团控股有限公司 A kind of monitoring method, apparatus and system

Cited By (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111355720A (en) * 2020-02-25 2020-06-30 深信服科技股份有限公司 Method, system and equipment for accessing intranet by application and computer storage medium
CN111475314A (en) * 2020-04-03 2020-07-31 深信服科技股份有限公司 Network request processing method, device, equipment and storage medium
CN111475314B (en) * 2020-04-03 2024-02-27 深信服科技股份有限公司 Processing method, device, equipment and storage medium for network request
CN111683086A (en) * 2020-06-05 2020-09-18 北京百度网讯科技有限公司 Network data processing method and device, electronic equipment and storage medium
CN111683086B (en) * 2020-06-05 2022-11-01 北京百度网讯科技有限公司 Network data processing method and device, electronic equipment and storage medium
CN111885217A (en) * 2020-07-21 2020-11-03 深信服科技股份有限公司 Data communication method, device, equipment and storage medium
CN111885217B (en) * 2020-07-21 2023-11-07 深信服科技股份有限公司 Data communication method, device, equipment and storage medium
CN112087819B (en) * 2020-09-10 2022-05-10 上海连尚网络科技有限公司 Information request method, equipment and computer readable medium
CN112087819A (en) * 2020-09-10 2020-12-15 上海连尚网络科技有限公司 Information request method, equipment and computer readable medium
CN112272158A (en) * 2020-09-16 2021-01-26 厦门网宿有限公司 Data proxy method, system and proxy server
CN112269959A (en) * 2020-11-19 2021-01-26 北京有竹居网络技术有限公司 Display content control method and device, readable medium and electronic equipment
CN112269959B (en) * 2020-11-19 2024-05-24 北京有竹居网络技术有限公司 Control method and device for display content, readable medium and electronic equipment
CN112491927B (en) * 2020-12-15 2022-12-02 厦门市美亚柏科信息股份有限公司 Method and system for bypassing network port shielding
CN112491927A (en) * 2020-12-15 2021-03-12 厦门市美亚柏科信息股份有限公司 Method and system for bypassing network port shielding
CN112565484A (en) * 2021-02-19 2021-03-26 北京翼辉信息技术有限公司 Method, system and storage medium for accessing local area network equipment by domain name seamless roaming
CN113194099A (en) * 2021-04-30 2021-07-30 网宿科技股份有限公司 Data proxy method and proxy server
CN113364741A (en) * 2021-05-17 2021-09-07 网宿科技股份有限公司 Application access method and proxy server
CN113204730A (en) * 2021-05-19 2021-08-03 网宿科技股份有限公司 Resource acquisition method, webvpn proxy server, system and server
CN113204730B (en) * 2021-05-19 2024-06-07 网宿科技股份有限公司 Resource acquisition method, webvpn proxy server, system and server
CN114036369A (en) * 2021-10-20 2022-02-11 北京鲸鲮信息系统技术有限公司 Method, apparatus, device, medium and product for browser to access application
CN114036369B (en) * 2021-10-20 2024-04-30 北京字节跳动网络技术有限公司 Method, device, equipment, medium and product for accessing application by browser
CN114301648A (en) * 2021-12-20 2022-04-08 汇承金融科技服务(南京)有限公司 Data configuration method and device, storage medium and electronic device
CN114301648B (en) * 2021-12-20 2023-08-22 汇承金融科技服务(南京)有限公司 Data configuration method and device, storage medium and electronic device

Similar Documents

Publication Publication Date Title
CN110808897A (en) Proxy access method, user equipment, storage medium, device and system
CN109325195B (en) Rendering method and system for browser, computer device and computer storage medium
CN107133180B (en) Dynamic page testing method, testing device and storage medium
CN107688529B (en) Component debugging method and device
CN105718313A (en) Application operation method and device
CN110955409B (en) Method and device for creating resources on cloud platform
CN111355720B (en) Method, system and equipment for accessing intranet by application and computer storage medium
CN109446801B (en) Method, device, server and storage medium for detecting simulator access
CN111767109A (en) H5 page display method and device based on terminal application and readable storage medium
CN112988605A (en) Method and device for realizing WEB application automatic test
CN111666199B (en) Debugging method executed on intelligent terminal and software debugger
CN111737614A (en) Page display method and device, electronic equipment and storage medium
CN113268277A (en) Web-based client access method and terminal equipment
CN111367518A (en) Page layout method and device, computing equipment and computer storage medium
CN110321507B (en) Browser cross-domain communication method and device
CN109951549B (en) Network page access method and device and computer readable storage medium
CN111880789A (en) Page rendering method, device, server and computer-readable storage medium
CN110874278A (en) Embedding method of external system, workflow system, device and storage medium
CN110737861A (en) webpage data processing method, device, equipment and storage medium
CN115268841B (en) Data management method, device, electronic equipment and storage medium
CN107391132B (en) Method, device and equipment for target App to execute preset action
CN111338928A (en) Chrome-based browser testing method and device
CN114915565A (en) Method and system for debugging network
CN104123140A (en) Method and device for managing application programs of mobile terminal
CN111614676B (en) Login method, device, equipment and medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination