CN111666514A - Data processing method and device for realizing cross-domain request at webpage end and related equipment - Google Patents
Data processing method and device for realizing cross-domain request at webpage end and related equipment Download PDFInfo
- Publication number
- CN111666514A CN111666514A CN202010350615.2A CN202010350615A CN111666514A CN 111666514 A CN111666514 A CN 111666514A CN 202010350615 A CN202010350615 A CN 202010350615A CN 111666514 A CN111666514 A CN 111666514A
- Authority
- CN
- China
- Prior art keywords
- request
- service
- address
- server
- domain
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000003672 processing method Methods 0.000 title claims abstract description 36
- 230000004044 response Effects 0.000 claims abstract description 49
- 238000012545 processing Methods 0.000 claims abstract description 37
- 238000000034 method Methods 0.000 claims abstract description 24
- 238000004590 computer program Methods 0.000 claims description 21
- 238000004458 analytical method Methods 0.000 claims description 9
- 238000004806 packaging method and process Methods 0.000 claims description 4
- 230000006870 function Effects 0.000 description 14
- 230000008569 process Effects 0.000 description 10
- 230000003993 interaction Effects 0.000 description 9
- 238000004891 communication Methods 0.000 description 8
- 238000010586 diagram Methods 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000000977 initiatory effect Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/955—Retrieval from the web using information identifiers, e.g. uniform resource locators [URL]
- G06F16/9566—URL specific, e.g. using aliases, detecting broken or misspelled links
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Databases & Information Systems (AREA)
- Data Mining & Analysis (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a data processing method, a data processing device, computer equipment and a storage medium for realizing a cross-domain request at a webpage end, which are applied to the technical field of computers and used for improving the expansibility and the safety of realizing the cross-domain request at the webpage end. The method provided by the invention comprises the following steps: receiving a service request message initiated by a webpage from a client through a pre-deployed proxy service, wherein the proxy service is deployed on a server with the same domain name as the webpage, and the proxy service on the server receives the service request message through a pre-established dedicated channel; analyzing the address variable carried by the head of the service request message; obtaining the value of the address variable to obtain a target request address; the service request message is forwarded to a server of a domain name pointed by the target request address through the proxy service; and when a response message returned by the server pointed by the target request address is received, the response message is sent to the client by using the dedicated channel through the proxy service.
Description
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a data processing method and apparatus for implementing a cross-domain request at a web page, a computer device, and a storage medium.
Background
In the process of processing network data requests, based on safety considerations, browsers are all provided with homologous strategies, namely non-homologous interface requests are not allowed, and when a protocol, a domain name and a port number used between a requester and a server are different, the requester and the server are determined to be non-homologous. For example, a front page with a URL of "http:// www.baidu.com" requests some backend interface provided by "http:// weibo. com", for example: http:// weibo.com/getUserInfo queries the microblog user information interface, and such cross-domain requests are not allowed by the browser.
The cross-domain request is a real problem that almost every front-end developer needs to face, because in project building, how much access is needed to other systems, and under the current situation that front and back ends are separated, for example, a front-end project is deployed on a server A, a domain name is http:// a.com, a back-end project is deployed on a server B, a domain name is http:// b.com, a front-end page on the server A needs to call an interface on the server B, so that the front-end page is not allowed by a browser, and an error can be prompted by directly calling the browser.
For the limitation of non-homologous cross-domain requests of a browser, the traditional method cross-domain solutions are as follows:
(1) a Cross-domain resource sharing strategy CORS (Cross-origin resource sharing), namely setting permission for the access of a server A on a server B, belonging to active set friend access, but being easy to be faked by hackers to access the server A;
(2) because the similar img and script tags are not limited by cross-domain in the browser, a back-end interface can be modified to return a script format of script, the content is a function for returning JS, the really returned information is taken as a function parameter, when the script is loaded and completed on a front-end page on an A server by using the script src which is http:// b.com.getUserInfo' >/script >, the browser automatically runs the content of the script, and the content of the script is a function with an actual parameter, which is equivalent to the fact that the browser takes the real information returned by the back end, but the mode is feasible, and the back end is required to write more useless codes;
(3) a server for forwarding a page request is built in a node + express mode, and cross-domain requests sent by pages with all domain names are set on the built server through a star and are allowed to be forwarded, so that cross-domain access requests from web pages to the server are achieved. However, the communication channel between the page created in this way and the proxy server is common, on one hand, the security of the requested data cannot be guaranteed, and on the other hand, the proxy server can only be used for forwarding, which is not beneficial to the function extension of project implementation.
Disclosure of Invention
The embodiment of the invention provides a data processing method, a data processing device, computer equipment and a storage medium for realizing a cross-domain request at a webpage end, and aims to solve the technical problem that the prior art cannot realize the cross-domain request on the premise of ensuring data security.
A data processing method for realizing cross-domain request at a webpage end comprises the following steps:
receiving a service request message initiated by a webpage from a client through a pre-deployed proxy service, wherein the proxy service is deployed on a server with the same domain name as the webpage, and the proxy service on the server receives the service request message through a pre-established dedicated channel;
analyzing the address variable carried by the head of the service request message;
obtaining the value of the address variable to obtain a target request address;
the service request message is forwarded to a server of a domain name pointed by the target request address through the proxy service;
and when a response message returned by the server pointed by the target request address is received, the response message is sent to the client by using the dedicated channel through the proxy service.
A data processing device for realizing cross-domain request at a webpage end comprises:
the receiving module is used for receiving a service request message initiated by a webpage from a client through a pre-deployed proxy service, wherein the proxy service is deployed on a server with the same domain name as the webpage, and the proxy service on the server receives the service request message through a pre-established dedicated channel;
the analysis module is used for analyzing the address variable carried by the head of the service request message;
the address acquisition module is used for acquiring the value of the address variable to obtain a target request address;
a forwarding module, configured to forward the service request packet to a server of a domain name to which the target request address refers through the proxy service;
and the sending module is used for sending the response message to the client by utilizing the exclusive channel through the proxy service when receiving the response message returned by the server pointed by the target request address.
A computer device comprises a memory, a processor and a computer program stored in the memory and capable of running on the processor, wherein the processor implements the steps of the data processing method for implementing cross-domain request at the webpage end when executing the computer program.
A computer-readable storage medium, which stores a computer program, and when the computer program is executed by a processor, the computer program implements the steps of the data processing method for implementing a cross-domain request on a web page side.
The data processing method, the device, the computer equipment and the storage medium for realizing the cross-domain request of the webpage end, receive a service request message initiated by a webpage from a client through a pre-deployed proxy service, the proxy service is deployed on a server with the same domain name as the webpage, because the proxy service on the server receives the service request message through a pre-established dedicated channel, the transmitted data has higher security, then an address variable carried by the head of the service request message is analyzed, the value of the address variable is obtained, a target request address is obtained, the service request message is forwarded to the server of the domain name indicated by the target request address through the proxy service to realize the cross-domain forwarding, when a response message returned by the server indicated by the target request address is received, the response message is sent to the client through the dedicated channel by the proxy service, the communication interaction between the webpage client and the server of the domain name pointed by the target request address is realized, and the communication safety is high.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments of the present invention will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to these drawings without inventive labor.
FIG. 1 is a schematic diagram of an application environment of a data processing method for implementing a cross-domain request at a web page end according to an embodiment of the present invention;
FIG. 2 is a flowchart of a data processing method for implementing a cross-domain request on a web page side according to an embodiment of the present invention;
FIG. 3 is a flowchart of a data processing method for implementing a cross-domain request on a web page side according to another embodiment of the present invention;
FIG. 4 is a flowchart of step 105 in a data processing method for implementing a cross-domain request on a web page side according to an embodiment of the present invention;
FIG. 5 is a schematic structural diagram of a data processing apparatus for implementing a cross-domain request at a web page end according to an embodiment of the present invention;
FIG. 6 is a schematic diagram of a computer device according to an embodiment of the invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The data processing method for realizing the cross-domain request at the webpage end can be applied to the application environment shown in fig. 1, wherein a server A communicates with a client device and a server B through a network. The client devices include, but are not limited to, various personal computers, notebook computers, smart phones, tablet computers, portable wearable devices, and the like. Server a and server B may be implemented as separate servers or as a server cluster of multiple servers.
In an embodiment, as shown in fig. 2, a data processing method for implementing a cross-domain request at a web page end is provided, which is described by taking the application of the method to a server a in fig. 1 as an example, and includes the following steps:
s101, receiving a service request message initiated by a webpage from a client through a pre-deployed proxy service, wherein the proxy service is deployed on a server with the same domain name as the webpage, and the proxy service on the server receives the service request message through a pre-created dedicated channel.
In one embodiment, the step of deploying the proxy service on the server comprises:
configuring the name of a packet management tool and the address of a middleware contained in the service request message, wherein the packet management tool is, for example, npm management tool, the middleware can be understood as a server for forwarding the service request message, and the middleware plays a role in intermediate forwarding;
analyzing the data part of the service request message through a packet management tool corresponding to the name of the packet management tool to obtain the address of the middleware and a target request address;
and when the address of the middleware is the same as the address of the local terminal, configuring the processing mode after the service request message is analyzed into a mode of forwarding the service request message to the server of the domain name indicated by the analyzed target request address.
One usage scenario according to the present embodiment is for example: creating an app.js file, inputting a programming code of the proxy service in the app.js file, specifically including introducing a package management tool express npm package, introducing a message content analysis npm package, requesting a npm package by a server-side network, analyzing middleware by using a URL in message content, and starting the proxy service on a server through a nodeapp.js command. The method comprises the steps of monitoring requests sent by all webpage clients with domain names A, obtaining the message content of the request, obtaining the actual target address of the request for request forwarding, forwarding the request on a server, and returning the state of success or failure in forwarding to the client.
In one embodiment, the step of deploying the proxy service on the server further comprises:
the port number for listening to the service request message may be configured, for example, the port number for listening to the service request message may be configured to be "3000".
S102, analyzing the address variable carried by the head of the service request message.
In one embodiment, the address variable included in the header of the service request message may be denoted by destUrl.
S103, obtaining the value of the address variable to obtain the target request address.
In this embodiment, the target request address is encapsulated in the header of the service request message, but not in the body part of the service request message, so that the request parameter submitted by the developer is prevented from selecting the same parameter as the address variable, and the value of the request parameter submitted by the developer is prevented from covering the target request address included in the address variable. On one hand, response timeout caused by the fact that the server cannot acquire the target request address actually included by the address variable can be avoided, and on the other hand, the processing capacity of the server for realizing cross-domain requests can be improved.
S104, the service request message is forwarded to the server of the domain name pointed by the target request address through the proxy service.
The server for the domain name to which the target request address refers is server B in fig. 1.
In one embodiment, the step of deploying the proxy service on the server further comprises:
and configuring a state code fed back to the client when the service request message is unsuccessfully forwarded.
Wherein the configured status code is, for example, "500".
One usage scenario according to the present embodiment is for example: the method includes the steps that a front-end page of http:// www.baidu.com from a client requests an interface http:// weibo.com for inquiring microblog user information, the interface http:// weibo.com/getUserInfo provided by the client is forbidden to directly access a user information interface of a microblog by the client page based on a security consideration strategy, a proxy service can be deployed in advance on a server which is the same as a domain name of the front-end page, namely a hundredth server, in order to solve the problem, a dedicated channel is built between the proxy service and the client page and used for receiving a service request message of the front-end page of the domain name for requesting to access the microblog server, a target request address is analyzed from the head of the service request message, and the service request message is forwarded to the microblog server, so that cross-domain request message forwarding processing is achieved.
And S105, when receiving a response message returned by the server indicated by the target request address, sending the response message to the client by using the dedicated channel through the proxy service.
In one embodiment, the data processing method for implementing the cross-domain request at the web page further includes:
when the server forwarding the service request packet to the domain name pointed by the target request address fails, a first status code is fed back to the client, and the first status code is, for example, "500";
when the response message is failed to be sent to the client by using the dedicated channel, a second state code, such as "600", is fed back to the server.
The data processing method for implementing a cross-domain request at a web page end provided by this embodiment receives a service request packet initiated from a client through a web page through a pre-deployed proxy service, the proxy service is deployed on a server having the same domain name as the web page, the proxy service on the server receives the service request packet through a pre-created dedicated channel, so that the transmitted data has higher security, then analyzes an address variable carried by a header of the service request packet, obtains a value of the address variable, obtains a target request address, and forwards the service request packet to a server of the domain name indicated by the target request address through the proxy service to implement cross-domain forwarding, and when receiving a response packet returned by the server indicated by the target request address, sends the response packet to the client through the dedicated channel by the proxy service, the communication interaction between the webpage client and the server of the domain name pointed by the target request address is realized, the expansibility is high, and the communication safety is high.
Fig. 3 is a flowchart of a data processing method for implementing a cross-domain request by a web page in another embodiment of the present invention, and the data processing method for implementing a cross-domain request by a web page in another embodiment of the present invention is described in detail below with reference to fig. 3, as shown in fig. 3, the data processing method for implementing a cross-domain request by a web page further includes the following steps S301 to S303 on the basis of the above steps S101 to S104.
S301, when a response message returned by the server pointed by the target request address is received, the service data contained in the response message is analyzed.
In one embodiment, the service data is generally stored in the body part of the response message, and the service data can be obtained by parsing the body part of the response message.
S302, the analyzed service data is encrypted, and the encrypted service data is packaged into the response message.
S303, sending the encrypted response packet to the client through the dedicated channel by using the proxy service.
In one embodiment, the format of the request command is configured at the request initiating end, and the request receiving end parses a request URL (Uniform Resource Locator) included in the request command to identify an object that the dedicated channel allows to communicate, according to an implementation scenario of this embodiment, for example:
the request sent by the front-end page is in the format:
request (http:// a.com/proxy, head, data), where http:// a.com/proxy is a Request URL, a communication object allowed by a dedicated channel pointed by the URL is fixed (no unauthorized user modification is allowed), the head specifies a target address of the Request, and the content generally includes:
header:{
"destUrl": http:// b. com/xxxx the destUrl field here cannot be changed
};
The data parameter is the message content required by the actual request address http:// b.com/xxxx;
the request is split in two, first to the http:// a. com/proxy path, which is the route on the proxy server, which processes the request and forwards and responds to the actual routing address by obtaining the destUrl field in the header.
The proxy service on the server provided by the embodiment performs data interaction with the client through the pre-created dedicated channel, so that the data processing authority of the user on the server is higher, the service data in the response message can be encrypted, the service data of the user can be prevented from being stolen, and the security of data transmission is improved.
Fig. 4 is a flowchart of step 105 in the data processing method for implementing a cross-domain request on the web page side in an embodiment of the present invention, and as shown in fig. 4, on the basis that the data processing method for implementing a cross-domain request on the web page side includes steps S101 to S104, step S105 further includes the following steps S401 to S403.
S401, analyzing the request parameters contained in the response message.
In one embodiment, the request parameter may exist in a header of the response message or in a body portion of the response message, and optionally, the step further includes parsing all request parameters contained in the response message.
S402, judging whether the request parameters contain preset request parameters to be signed, and if yes, carrying out signing processing on the corresponding request parameters.
In one embodiment, the preset request parameter to be signed may be preset artificially, and optionally, the data processing method for implementing the cross-domain request at the web page further includes:
receiving a request parameter to be signed input by a user;
and storing the received request parameter in a database list as the preset request parameter to be signed.
S403, encapsulating the request parameter for signing processing in the response message.
In the http request interaction process, request parameters are transmitted in the form of URL or request body, and due to the openness of the http request, the request parameters are easily intercepted and tampered, the proxy service on the server provided in this embodiment performs data interaction with the client through a pre-created dedicated channel, so that the data processing authority of the user on the server is higher, the sensitive request parameters are signed, then the receiver is requested to check the request parameters, it is ensured that the two signatures are the same, the service logic processing is allowed to be performed only after the check is passed, and the request parameters are prevented from being intercepted and tampered.
It should be understood that, the sequence numbers of the steps in the foregoing embodiments do not imply an execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present invention.
In an embodiment, a data processing apparatus for implementing a cross-domain request at a web page end is provided, where the data processing apparatus for implementing the cross-domain request at the web page end corresponds to the data processing method for implementing the cross-domain request at the web page end in the above embodiment one to one. As shown in fig. 5, the data processing apparatus 100 for implementing a cross-domain request at a web page side includes a receiving module 11, a parsing module 12, an address obtaining module 13, a forwarding module 14, and a sending module 15. The functional modules are explained in detail as follows:
the receiving module 11 is configured to receive a service request packet initiated by a web page from a client through a pre-deployed proxy service, where the proxy service is deployed on a server having the same domain name as the web page, and the proxy service on the server receives the service request packet through a pre-created dedicated channel.
And the analysis module 12 is configured to analyze an address variable carried in the header of the service request packet.
And an address obtaining module 13, configured to obtain a value of the address variable to obtain a target request address.
And a forwarding module 14, configured to forward the service request packet to the server of the domain name indicated by the target request address through the proxy service.
The sending module 15 is configured to send, when receiving a response packet returned by the server indicated by the target request address, the response packet to the client through the proxy service by using the dedicated channel.
The data processing apparatus for implementing a cross-domain request at a web page end provided in this embodiment receives a service request packet initiated from a client through a web page through a pre-deployed proxy service, where the proxy service is deployed on a server having the same domain name as the web page, and because the proxy service on the server receives the service request packet through a pre-created dedicated channel, the transmitted data has higher security, and then analyzes an address variable carried in a header of the service request packet, obtains a value of the address variable, obtains a target request address, and forwards the service request packet to a server having the domain name indicated by the target request address through the proxy service to implement cross-domain forwarding, and when receiving a response packet returned by the server indicated by the target request address, sends the response packet to the client through the dedicated channel by the proxy service, the communication interaction between the webpage client and the server of the domain name pointed by the target request address is realized, and the communication safety is high.
In one embodiment, the data processing apparatus 100 for implementing a cross-domain request on the web page side further includes:
a first configuration module, configured to configure the name of the packet management tool and the address of the middleware included in the service request message;
the analysis unit is used for analyzing the data part of the service request message through a packet management tool corresponding to the name of the packet management tool to obtain the address of the middleware;
and the second configuration module is used for configuring the processing mode after the service request message is analyzed into a mode of forwarding the service request message to the server of the domain name pointed by the analyzed target request address when the address of the middleware is the same as the address of the home terminal.
In one embodiment, the data processing apparatus 100 for implementing a cross-domain request on the web page side further includes an encryption module;
the analysis module is also used for analyzing the service data contained in the response message;
the encryption module is used for encrypting the analyzed service data and packaging the encrypted service data into the response message;
the sending module 15 is specifically configured to send the encrypted response message to the client through the dedicated channel by using the proxy service.
In the embodiment, the proxy service on the server performs data interaction with the client through the pre-created dedicated channel, so that the data processing authority of the user on the server is higher, the service data in the response message can be encrypted, the service data of the user can be prevented from being stolen, and the security of data transmission is improved.
In one embodiment, the data processing apparatus 100 for implementing a cross-domain request at the web page further includes a determining module and a tagging module:
the analysis module is also used for analyzing the request parameters contained in the response message;
the judging module is used for judging whether the request parameters contain preset request parameters to be signed, and if so, the corresponding request parameters are signed;
and the tagging module is used for packaging the request parameter subjected to tagging in the response message.
In the http request interaction process, request parameters are transmitted in the form of URL or request body, and due to the openness of the http request, the request parameters are easily intercepted and tampered, the proxy service on the server provided in this embodiment performs data interaction with the client through a pre-created dedicated channel, so that the data processing authority of the user on the server is higher, the sensitive request parameters are signed, then the receiver is requested to check the request parameters, it is ensured that the two signatures are the same, the service logic processing is allowed to be performed only after the check is passed, and the request parameters are prevented from being intercepted and tampered.
Optionally, the data processing apparatus for implementing a cross-domain request at the web page side further includes:
the parameter receiving module is used for receiving a request parameter to be signed input by a user;
and the parameter storage module is used for storing the received request parameter in a database list as the preset request parameter to be signed.
Wherein the meaning of "first" and "second" in the above modules/units is only to distinguish different modules/units, and is not used to define which module/unit has higher priority or other defining meaning. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or modules is not necessarily limited to those steps or modules explicitly listed, but may include other steps or modules not explicitly listed or inherent to such process, method, article, or apparatus, and such that a division of modules presented in this application is merely a logical division and may be implemented in a practical application in a further manner.
For specific limitations of the data processing apparatus for implementing the cross-domain request at the web page side, reference may be made to the above limitations of the data processing method for implementing the cross-domain request at the web page side, and details are not described here. All modules in the data processing device for realizing the cross-domain request at the webpage end can be completely or partially realized by software, hardware and a combination thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
In one embodiment, a computer device is provided, which may be a server, and its internal structure diagram may be as shown in fig. 6. The computer device includes a processor, a memory, a network interface, and a database connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The database of the computer equipment is used for storing data involved in the data processing method for realizing the cross-domain request at the webpage end. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to realize a data processing method for realizing cross-domain request at a webpage end.
In one embodiment, a computer device is provided, which includes a memory, a processor, and a computer program stored on the memory and executable on the processor, and the processor executes the computer program to implement the steps of the data processing method for implementing a cross-domain request on a web page side in the foregoing embodiments, such as the steps 101 to 105 shown in fig. 2 and other extensions of the method and related steps. Alternatively, the processor, when executing the computer program, implements the functions of the modules/units of the data processing apparatus for implementing the cross-domain request at the web page side in the above embodiments, such as the modules 11 to 16 shown in fig. 5. To avoid repetition, further description is omitted here.
The Processor may be a Central Processing Unit (CPU), other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic device, discrete hardware component, etc. The general purpose processor may be a microprocessor or the processor may be any conventional processor or the like which is the control center for the computer device and which connects the various parts of the overall computer device using various interfaces and lines.
The memory may be used to store the computer programs and/or modules, and the processor may implement various functions of the computer device by running or executing the computer programs and/or modules stored in the memory and invoking data stored in the memory. The memory may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required by at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data (such as audio data, video data, etc.) created according to the use of the cellular phone, etc.
The memory may be integrated in the processor or may be provided separately from the processor.
In one embodiment, a computer-readable storage medium is provided, on which a computer program is stored, and the computer program, when executed by a processor, implements the steps of the data processing method for implementing a cross-domain request on a web page side in the above embodiments, such as the extensions of step 101 to step 105 and other extensions and related steps of the method shown in fig. 2. Alternatively, the computer program, when executed by the processor, implements the functions of the modules/units of the data processing apparatus for implementing the cross-domain request at the web page side in the above embodiments, such as the functions of the modules 11 to 15 shown in fig. 5. To avoid repetition, further description is omitted here.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-mentioned division of the functional units and modules is illustrated, and in practical applications, the above-mentioned function distribution may be performed by different functional units and modules according to needs, that is, the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-mentioned functions.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present invention, and not for limiting the same; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present invention, and are intended to be included within the scope of the present invention.
Claims (10)
1. A data processing method for realizing cross-domain request at a webpage end is characterized by comprising the following steps:
receiving a service request message initiated by a webpage from a client through a pre-deployed proxy service, wherein the proxy service is deployed on a server with the same domain name as the webpage, and the proxy service on the server receives the service request message through a pre-established dedicated channel;
analyzing an address variable carried by the head of the service request message;
obtaining the value of the address variable to obtain a target request address;
forwarding the service request message to a server of a domain name pointed by the target request address through the proxy service;
and when a response message returned by the server pointed by the target request address is received, the response message is sent to the client by using the dedicated channel through the proxy service.
2. The data processing method for implementing a cross-domain request on the web page side according to claim 1, wherein the step of deploying the proxy service on the server comprises:
configuring the name of a packet management tool and the address of the middleware contained in the service request message;
analyzing the data part of the service request message through a packet management tool corresponding to the name of the packet management tool to obtain the address of the middleware;
and when the address of the middleware is the same as the address of the home terminal, configuring the processing mode after the service request message is analyzed into a mode of forwarding the service request message to a server of the domain name indicated by the analyzed target request address.
3. The data processing method for implementing a cross-domain request at a web page end according to claim 1, wherein when receiving a response packet returned by the server indicated by the target request address, the method further comprises:
analyzing the service data contained in the response message;
and encrypting the analyzed service data, and packaging the encrypted service data into the response message.
4. The data processing method for implementing a cross-domain request at a web page end according to claim 1, wherein when receiving a response packet returned by the server indicated by the target request address, the method further comprises:
analyzing the request parameters contained in the response message;
judging whether the request parameters contain preset request parameters to be signed, if so, carrying out signing processing on the corresponding request parameters;
and encapsulating the request parameter of the tagging processing in the response message.
5. The data processing method for realizing the cross-domain request at the webpage end according to any one of claims 1 to 4, wherein the method further comprises the following steps:
when the server forwarding the service request message to the domain name pointed by the target request address fails, feeding back a first status code to the client;
and when the response message is failed to be sent to the client by using the exclusive channel, feeding back a second state code to the server.
6. A data processing apparatus for implementing a cross-domain request at a web page side, the apparatus comprising:
the system comprises a receiving module, a sending module and a receiving module, wherein the receiving module is used for receiving a service request message initiated by a webpage from a client through a pre-deployed proxy service, the proxy service is deployed on a server with the same domain name as the webpage, and the proxy service on the server receives the service request message through a pre-established dedicated channel;
the analysis module is used for analyzing the address variable carried by the head of the service request message;
the address acquisition module is used for acquiring the value of the address variable to obtain a target request address;
a forwarding module, configured to forward the service request packet to a server of a domain name to which the target request address refers through the proxy service;
and the sending module is used for sending the response message to the client by using the dedicated channel through the proxy service when receiving the response message returned by the server pointed by the target request address.
7. The data processing apparatus for implementing a cross-domain request on a web page side according to claim 6, wherein the apparatus further comprises:
a first configuration module, configured to configure a name of a packet management tool and an address of a middleware included in the service request packet;
the analysis unit is used for analyzing the data part of the service request message through a packet management tool corresponding to the name of the packet management tool to obtain the address of the middleware;
and the second configuration module is used for configuring the processing mode after the service request message is analyzed into a mode of forwarding the service request message to the server of the domain name indicated by the analyzed target request address when the address of the middleware is the same as the address of the home terminal.
8. The data processing device for implementing the cross-domain request at the webpage end according to claim 6 or 7, wherein the device further comprises an encryption module;
the analysis module is also used for analyzing the service data contained in the response message;
the encryption module is used for encrypting the analyzed service data and packaging the encrypted service data into the response message.
9. A computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, wherein the processor implements the steps of the data processing method for implementing a cross-domain request at a web site according to any one of claims 1 to 5 when executing the computer program.
10. A computer-readable storage medium, which stores a computer program, wherein the computer program, when executed by a processor, implements the steps of the data processing method for implementing a cross-domain request at a web site according to any one of claims 1 to 5.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010350615.2A CN111666514A (en) | 2020-04-28 | 2020-04-28 | Data processing method and device for realizing cross-domain request at webpage end and related equipment |
| PCT/CN2020/118003 WO2021218018A1 (en) | 2020-04-28 | 2020-09-27 | Data processing method and apparatus for implementing cross-domain request at webpage end, and related device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010350615.2A CN111666514A (en) | 2020-04-28 | 2020-04-28 | Data processing method and device for realizing cross-domain request at webpage end and related equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111666514A true CN111666514A (en) | 2020-09-15 |
Family
ID=72382885
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010350615.2A Pending CN111666514A (en) | 2020-04-28 | 2020-04-28 | Data processing method and device for realizing cross-domain request at webpage end and related equipment |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN111666514A (en) |
| WO (1) | WO2021218018A1 (en) |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112417355A (en) * | 2020-11-27 | 2021-02-26 | 深圳市和讯华谷信息技术有限公司 | Data interaction method, device and equipment based on long-connection single channel and storage medium |
| CN112612984A (en) * | 2020-12-03 | 2021-04-06 | 北京道亨软件股份有限公司 | Cross-domain forwarding proxy method and device |
| CN112653760A (en) * | 2020-12-22 | 2021-04-13 | 平安银行股份有限公司 | Cross-server file transmission method and device, electronic equipment and storage medium |
| CN113050992A (en) * | 2021-03-09 | 2021-06-29 | 瀚云科技有限公司 | Register address obtaining method, device, terminal and readable storage medium |
| CN113407383A (en) * | 2021-06-30 | 2021-09-17 | 迈普通信技术股份有限公司 | Main/standby system switching method and device, server and main/standby system |
| CN113419785A (en) * | 2021-06-29 | 2021-09-21 | 宝宝巴士股份有限公司 | Method and terminal for solving cross-domain security problem when WebView loads local page |
| WO2021218018A1 (en) * | 2020-04-28 | 2021-11-04 | 平安科技(深圳)有限公司 | Data processing method and apparatus for implementing cross-domain request at webpage end, and related device |
| CN113783972A (en) * | 2021-07-26 | 2021-12-10 | 福建野小兽健康科技有限公司 | Server domain name switching method and device |
| CN113839865A (en) * | 2021-11-30 | 2021-12-24 | 北京鲸鲮信息系统技术有限公司 | Management method and system for cross-domain call service |
| CN113992645A (en) * | 2021-12-23 | 2022-01-28 | 飞狐信息技术(天津)有限公司 | Request processing method and device, electronic equipment and storage medium |
| CN114172837A (en) * | 2021-12-16 | 2022-03-11 | 中国建设银行股份有限公司 | Information sharing method, device, apparatus, system, storage medium, and program product |
| CN114285659A (en) * | 2021-12-28 | 2022-04-05 | 深圳市酷开网络科技股份有限公司 | Reverse proxy method, device, equipment and storage medium |
| CN114363294A (en) * | 2020-09-27 | 2022-04-15 | 华为云计算技术有限公司 | Tenant server management method, device and system |
| CN114844693A (en) * | 2022-04-27 | 2022-08-02 | 深圳云创数安科技有限公司 | Lightweight communication data encryption method, device, equipment and storage medium |
Families Citing this family (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114006935B (en) * | 2020-07-14 | 2023-11-21 | 成都鼎桥通信技术有限公司 | Private network terminal network access method, device and equipment |
| CN114051059B (en) * | 2021-11-10 | 2023-08-18 | 银联商务股份有限公司 | IDC transaction cross-domain decision method of remote double-activity system |
| CN114422166B (en) * | 2021-12-01 | 2024-08-16 | 奇安信科技集团股份有限公司 | Webpage access method and device, electronic equipment, medium and product |
| CN114510283B (en) * | 2021-12-23 | 2024-08-06 | 贝壳找房(北京)科技有限公司 | Page loading method and device, electronic equipment and storage medium |
| CN114422494A (en) * | 2022-01-18 | 2022-04-29 | 嘉兴优尼信息科技有限公司 | Request merging processing method for cross-country weak network environment |
| CN114513349A (en) * | 2022-01-29 | 2022-05-17 | 中国人民财产保险股份有限公司 | Method and device for determining source of micro-service requester |
| CN114640718B (en) * | 2022-03-18 | 2023-06-23 | 阿里云计算有限公司 | Data processing method and device based on data processing system |
| CN115086429B (en) * | 2022-05-16 | 2024-02-13 | 鼎捷软件股份有限公司 | Request integration system and request integration method |
| CN115150377B (en) * | 2022-07-06 | 2024-09-13 | 上海即科智能技术集团有限公司 | Simulation interface calling and processing method and device |
| CN115225717A (en) * | 2022-07-19 | 2022-10-21 | 杭州安恒信息技术股份有限公司 | Request management method, device, equipment and storage medium |
| CN116016167B (en) * | 2022-12-05 | 2024-09-03 | 中国建设银行股份有限公司 | Message processing method, device, storage medium and equipment |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104065688A (en) * | 2013-03-22 | 2014-09-24 | 深圳市腾讯计算机系统有限公司 | Method for calling underlayer services and device thereof |
| CN104410711A (en) * | 2014-12-15 | 2015-03-11 | 北京国双科技有限公司 | Cross-domain network resource request method and device for client |
| CN105634904A (en) * | 2016-01-19 | 2016-06-01 | 深圳前海达闼云端智能科技有限公司 | SSLVPN proxy method, server, client and processing method thereof |
| CN107948329A (en) * | 2018-01-03 | 2018-04-20 | 湖南麓山云数据科技服务有限公司 | A kind of cross-domain processing method and system |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9503501B2 (en) * | 2012-09-17 | 2016-11-22 | Salesforce.Com, Inc. | Cross domain in-browser proxy |
| US9697188B2 (en) * | 2013-11-15 | 2017-07-04 | Instart Logic, Inc. | Method to enable cross-origin resource sharing from a webpage inside a private network |
| CN111666514A (en) * | 2020-04-28 | 2020-09-15 | 平安科技(深圳)有限公司 | Data processing method and device for realizing cross-domain request at webpage end and related equipment |
-
2020
- 2020-04-28 CN CN202010350615.2A patent/CN111666514A/en active Pending
- 2020-09-27 WO PCT/CN2020/118003 patent/WO2021218018A1/en active Application Filing
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104065688A (en) * | 2013-03-22 | 2014-09-24 | 深圳市腾讯计算机系统有限公司 | Method for calling underlayer services and device thereof |
| CN104410711A (en) * | 2014-12-15 | 2015-03-11 | 北京国双科技有限公司 | Cross-domain network resource request method and device for client |
| CN105634904A (en) * | 2016-01-19 | 2016-06-01 | 深圳前海达闼云端智能科技有限公司 | SSLVPN proxy method, server, client and processing method thereof |
| CN107948329A (en) * | 2018-01-03 | 2018-04-20 | 湖南麓山云数据科技服务有限公司 | A kind of cross-domain processing method and system |
Cited By (23)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2021218018A1 (en) * | 2020-04-28 | 2021-11-04 | 平安科技(深圳)有限公司 | Data processing method and apparatus for implementing cross-domain request at webpage end, and related device |
| CN114363294B (en) * | 2020-09-27 | 2024-03-15 | 华为云计算技术有限公司 | Management method, device and system of tenant server |
| CN114363294A (en) * | 2020-09-27 | 2022-04-15 | 华为云计算技术有限公司 | Tenant server management method, device and system |
| CN112417355B (en) * | 2020-11-27 | 2023-09-05 | 深圳市和讯华谷信息技术有限公司 | Data interaction method, device, equipment and storage medium based on long connection single channel |
| CN112417355A (en) * | 2020-11-27 | 2021-02-26 | 深圳市和讯华谷信息技术有限公司 | Data interaction method, device and equipment based on long-connection single channel and storage medium |
| CN112612984A (en) * | 2020-12-03 | 2021-04-06 | 北京道亨软件股份有限公司 | Cross-domain forwarding proxy method and device |
| CN112653760A (en) * | 2020-12-22 | 2021-04-13 | 平安银行股份有限公司 | Cross-server file transmission method and device, electronic equipment and storage medium |
| CN112653760B (en) * | 2020-12-22 | 2023-03-24 | 平安银行股份有限公司 | Cross-server file transmission method and device, electronic equipment and storage medium |
| CN113050992A (en) * | 2021-03-09 | 2021-06-29 | 瀚云科技有限公司 | Register address obtaining method, device, terminal and readable storage medium |
| CN113419785A (en) * | 2021-06-29 | 2021-09-21 | 宝宝巴士股份有限公司 | Method and terminal for solving cross-domain security problem when WebView loads local page |
| CN113419785B (en) * | 2021-06-29 | 2023-10-13 | 宝宝巴士股份有限公司 | Method and terminal for solving cross-domain security problem when WebView loads local page |
| CN113407383A (en) * | 2021-06-30 | 2021-09-17 | 迈普通信技术股份有限公司 | Main/standby system switching method and device, server and main/standby system |
| CN113407383B (en) * | 2021-06-30 | 2024-02-09 | 迈普通信技术股份有限公司 | Main and standby system switching method and device, server and main and standby system |
| CN113783972A (en) * | 2021-07-26 | 2021-12-10 | 福建野小兽健康科技有限公司 | Server domain name switching method and device |
| CN113839865A (en) * | 2021-11-30 | 2021-12-24 | 北京鲸鲮信息系统技术有限公司 | Management method and system for cross-domain call service |
| CN113839865B (en) * | 2021-11-30 | 2022-03-01 | 北京鲸鲮信息系统技术有限公司 | Management method and system for cross-domain call service |
| CN114172837A (en) * | 2021-12-16 | 2022-03-11 | 中国建设银行股份有限公司 | Information sharing method, device, apparatus, system, storage medium, and program product |
| CN113992645B (en) * | 2021-12-23 | 2022-03-01 | 飞狐信息技术(天津)有限公司 | Request processing method and device, electronic equipment and storage medium |
| CN113992645A (en) * | 2021-12-23 | 2022-01-28 | 飞狐信息技术(天津)有限公司 | Request processing method and device, electronic equipment and storage medium |
| CN114285659A (en) * | 2021-12-28 | 2022-04-05 | 深圳市酷开网络科技股份有限公司 | Reverse proxy method, device, equipment and storage medium |
| CN114285659B (en) * | 2021-12-28 | 2024-05-24 | 深圳市酷开网络科技股份有限公司 | Reverse proxy method, device, equipment and storage medium |
| CN114844693A (en) * | 2022-04-27 | 2022-08-02 | 深圳云创数安科技有限公司 | Lightweight communication data encryption method, device, equipment and storage medium |
| CN114844693B (en) * | 2022-04-27 | 2024-03-26 | 深圳云创数安科技有限公司 | Lightweight communication data encryption method, device, equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2021218018A1 (en) | 2021-11-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111666514A (en) | Data processing method and device for realizing cross-domain request at webpage end and related equipment | |
| CN110781482B (en) | Login method, login device, computer equipment and storage medium | |
| CN110224996A (en) | Network Access Method, device, computer equipment and the storage medium of application program | |
| CN108718347B (en) | Domain name resolution method, system, device and storage medium | |
| CN108243188B (en) | Interface access, interface call and interface verification processing method and device | |
| CN106559405B (en) | Portal authentication method and equipment | |
| CN111193716A (en) | Service data calling method and device, computer equipment and storage medium | |
| CN113992642B (en) | Flow auditing method, device and related equipment of gateway proxy server | |
| CN111917900A (en) | Request processing method and device for domain name proxy | |
| CN112468540A (en) | Data distribution method, device and medium based on cloud platform | |
| CN112685669A (en) | Page rendering method and system | |
| CN112202795A (en) | Data processing method, gateway equipment and medium | |
| WO2014094240A1 (en) | Internet application interaction method, device and system | |
| US10225358B2 (en) | Page push method, device, server and system | |
| WO2023273693A1 (en) | Dynamic loading method and apparatus for signature algorithm, and device and storage medium | |
| CN115297098A (en) | Edge service acquisition method and device, edge computing system, medium and equipment | |
| CN112492004A (en) | Method, device, system and storage medium for establishing local communication link | |
| CN109614188B (en) | Page online help method and device, computer equipment and storage medium | |
| CN108259477B (en) | Network access control method and device based on SDN and computer equipment | |
| US20210195418A1 (en) | A technique for authenticating data transmitted over a cellular network | |
| US9602588B2 (en) | Transmission of data streams between a terminal device and a security module | |
| CN110022332B (en) | Hypertext transfer security protocol proxy method, device, equipment and medium | |
| CN113596105B (en) | Content acquisition method, edge node and computer readable storage medium | |
| CN115225652B (en) | Method and system for determining edge service platform, electronic equipment and storage medium | |
| CN114978748A (en) | Login control method and device, readable storage medium and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |