CN115052037A - Client detection method, device, storage medium and equipment - Google Patents

Client detection method, device, storage medium and equipment Download PDF

Info

Publication number
CN115052037A
CN115052037A CN202210965557.3A CN202210965557A CN115052037A CN 115052037 A CN115052037 A CN 115052037A CN 202210965557 A CN202210965557 A CN 202210965557A CN 115052037 A CN115052037 A CN 115052037A
Authority
CN
China
Prior art keywords
target
name
request
domain name
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210965557.3A
Other languages
Chinese (zh)
Other versions
CN115052037B (en
Inventor
林起开
景博
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Sohu New Power Information Technology Co ltd
Original Assignee
Beijing Sohu New Power Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Sohu New Power Information Technology Co ltd filed Critical Beijing Sohu New Power Information Technology Co ltd
Priority to CN202210965557.3A priority Critical patent/CN115052037B/en
Publication of CN115052037A publication Critical patent/CN115052037A/en
Application granted granted Critical
Publication of CN115052037B publication Critical patent/CN115052037B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/12Network monitoring probes

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)

Abstract

The application discloses a client detection method, a device, a storage medium and equipment, wherein the method comprises the following steps: calling a preset agent tool, and intercepting each network request sent to a server by a client; determining a target domain name and a target interface name based on request parameters contained in each network request and a preset keyword dictionary; after receiving a detection command input by a user, acquiring a code engineering name corresponding to a target domain name from a first mapping relation table; acquiring a code module name corresponding to the target interface name from the second mapping relation table; and generating a client detection result based on the code engineering name corresponding to the target domain name and the code module name corresponding to the target interface name. The method can realize the analysis of the bottom logic of the client, does not need to manually use a special test tool to check the network request of the client, and obviously improves the checking efficiency of the network request, thereby effectively reducing the time cost required by the detection process of the client.

Description

客户端检测方法、装置、存储介质和设备Client detection method, apparatus, storage medium and device

技术领域technical field

本申请涉及应用开发领域,尤其涉及一种客户端检测方法、装置、存储介质和设备。The present application relates to the field of application development, and in particular, to a client detection method, apparatus, storage medium and device.

背景技术Background technique

在应用开发领域中,需要测试对客户端(例如手机应用等)进行业务测试,以确保客户端提供的服务功能符合规定要求(例如网络监管部门下发的隐私收集要求)。现阶段所采用的客户端检测方式普遍为:人工使用专门的检测工具,对客户端进行抓包测试,具体的,逐一检查客户端的网络请求,并分析网络请求是否符合规定要求,若网络请求不符合规定要求,则将生成网络请求的代码工程标识为违规代码。受限于人力因素,以及海量网络请求的业务场景,客户端的检测过程需花费大量时间成本。In the field of application development, it is necessary to conduct business tests on clients (such as mobile phone applications, etc.) to ensure that the service functions provided by the clients meet the specified requirements (such as the privacy collection requirements issued by the network supervision department). The client detection methods adopted at this stage are generally as follows: manually use special detection tools to perform packet capture tests on the clients. Specifically, check the network requests of the clients one by one, and analyze whether the network requests meet the specified requirements. If the network requests do not meet the specified requirements, If the specified requirements are met, the code engineering that generates the network request will be identified as violating code. Limited by human factors and business scenarios with massive network requests, the detection process of the client takes a lot of time and cost.

发明内容SUMMARY OF THE INVENTION

本申请提供了一种客户端检测方法、装置、存储介质和设备,目的在于减少客户端检测过程所需的时间成本。The present application provides a client detection method, apparatus, storage medium and device, which aim to reduce the time cost required for the client detection process.

为了实现上述目的,本申请提供了以下技术方案:In order to achieve the above purpose, the application provides the following technical solutions:

一种客户端检测方法,包括:A client detection method, comprising:

调用预设代理工具,截获客户端发送给服务端的各个网络请求;Call the preset proxy tool to intercept each network request sent by the client to the server;

基于各个所述网络请求中所包含的请求参数,以及预设关键字字典,确定目标域名、目标接口名称;Determine the target domain name and target interface name based on the request parameters contained in each of the network requests and the preset keyword dictionary;

在接收到用户输入的检测命令后,从预先配置的第一映射关系表中,获取与所述目标域名对应的代码工程名称;After receiving the detection command input by the user, obtain the code project name corresponding to the target domain name from the preconfigured first mapping table;

从预先配置的第二映射关系表中,获取与所述目标接口名称对应的代码模块名称;Obtain the code module name corresponding to the target interface name from the preconfigured second mapping table;

基于与所述目标域名对应的代码工程名称、与所述目标接口名称对应的代码模块名称,生成客户端检测结果。The client detection result is generated based on the code project name corresponding to the target domain name and the code module name corresponding to the target interface name.

可选的,所述网络请求包括网络地址以及多个请求参数,所述网络地址包括域名和接口名称;Optionally, the network request includes a network address and multiple request parameters, and the network address includes a domain name and an interface name;

所述基于各个所述网络请求中所包含的请求参数,以及预设关键字字典,确定目标域名、目标接口名称,包括:The target domain name and target interface name are determined based on the request parameters contained in each of the network requests and the preset keyword dictionary, including:

对于每个所述网络请求,从所述网络请求所包含的各个请求参数中,筛选出符合预设条件的请求参数,标识为目标请求参数;所述预设条件为:请求参数包含有预设关键字字典中的关键字;For each of the network requests, the request parameters that meet the preset conditions are screened out from the various request parameters included in the network request, and are identified as target request parameters; the preset conditions are: the request parameters include preset conditions keywords in the keyword dictionary;

将包含有至少一个所述目标请求参数的网络请求,标识为目标网络请求;Identifying a network request containing at least one of the target request parameters as a target network request;

将所述目标网络请求中网络地址所示的域名,标识为目标域名;The domain name shown in the network address in the target network request is identified as the target domain name;

将所述目标网络请求中网络地址所示的接口名称,标识为目标接口名称。The interface name indicated by the network address in the target network request is identified as the target interface name.

可选的,所述将所述目标网络请求中网络地址所示的接口名称,标识为目标接口名称之后,还包括:Optionally, after identifying the interface name shown by the network address in the target network request as the target interface name, the method further includes:

基于所述目标网络请求中所包含的目标请求参数、目标域名以及目标接口名称,构建检索结果文件;Build a retrieval result file based on the target request parameter, target domain name and target interface name contained in the target network request;

按照预设文件存储路径,将所述检索结果文件保存到本地数据库中。According to the preset file storage path, the retrieval result file is saved in the local database.

可选的,所述在接收到用户输入的检测命令后,从预先配置的第一映射关系表中,获取与所述目标域名对应的代码工程名称,包括:Optionally, after receiving the detection command input by the user, obtain the code project name corresponding to the target domain name from the preconfigured first mapping table, including:

在接收到用户输入的检测命令后,从所述本地数据库中获取所述检索结果文件,并对所述检索结果文件进行解析,得到所述目标域名、所述目标接口名称;After receiving the detection command input by the user, obtain the retrieval result file from the local database, and parse the retrieval result file to obtain the target domain name and the target interface name;

从预先配置的第一映射关系表中,获取与所述目标域名对应的代码工程名称。Obtain the code project name corresponding to the target domain name from the preconfigured first mapping relationship table.

可选的,所述基于与所述目标域名对应的代码工程名称、与所述目标接口名称对应的代码模块名称,生成客户端检测结果之后,还包括:Optionally, after generating the client detection result based on the code project name corresponding to the target domain name and the code module name corresponding to the target interface name, the method further includes:

通过预设件向所述用户展示所述客户端检测结果。The client detection result is displayed to the user through a preset component.

一种客户端检测装置,包括:A client detection device, comprising:

请求获取单元,用于调用预设代理工具,截获客户端发送给服务端的各个网络请求;a request acquisition unit, used to call a preset proxy tool to intercept each network request sent by the client to the server;

确定单元,用于基于各个所述网络请求中所包含的请求参数,以及预设关键字字典,确定目标域名、目标接口名称;a determining unit, configured to determine the target domain name and the target interface name based on the request parameters contained in each of the network requests and the preset keyword dictionary;

第一获取单元,用于在接收到用户输入的检测命令后,从预先配置的第一映射关系表中,获取与所述目标域名对应的代码工程名称;a first obtaining unit, configured to obtain the code project name corresponding to the target domain name from the preconfigured first mapping relationship table after receiving the detection command input by the user;

第二获取单元,用于从预先配置的第二映射关系表中,获取与所述目标接口名称对应的代码模块名称;a second obtaining unit, configured to obtain the code module name corresponding to the target interface name from the preconfigured second mapping table;

结果生成单元,用于基于与所述目标域名对应的代码工程名称、与所述目标接口名称对应的代码模块名称,生成客户端检测结果。A result generating unit, configured to generate a client detection result based on the code project name corresponding to the target domain name and the code module name corresponding to the target interface name.

可选的,所述网络请求包括网络地址以及多个请求参数,所述网络地址包括域名和接口名称;Optionally, the network request includes a network address and multiple request parameters, and the network address includes a domain name and an interface name;

所述确定单元具体用于:The determining unit is specifically used for:

对于每个所述网络请求,从所述网络请求所包含的各个请求参数中,筛选出符合预设条件的请求参数,标识为目标请求参数;所述预设条件为:请求参数包含有预设关键字字典中的关键字;For each of the network requests, the request parameters that meet the preset conditions are screened out from the various request parameters included in the network request, and are identified as target request parameters; the preset conditions are: the request parameters include preset conditions keywords in the keyword dictionary;

将包含有至少一个所述目标请求参数的网络请求,标识为目标网络请求;Identifying a network request containing at least one of the target request parameters as a target network request;

将所述目标网络请求中网络地址所示的域名,标识为目标域名;The domain name shown in the network address in the target network request is identified as the target domain name;

将所述目标网络请求中网络地址所示的接口名称,标识为目标接口名称。The interface name indicated by the network address in the target network request is identified as the target interface name.

可选的,所述确定单元还用于:Optionally, the determining unit is also used for:

基于所述目标网络请求中所包含的目标请求参数、目标域名以及目标接口名称,构建检索结果文件;Build a retrieval result file based on the target request parameter, target domain name and target interface name contained in the target network request;

按照预设文件存储路径,将所述检索结果文件保存到本地数据库中。According to the preset file storage path, the retrieval result file is saved in the local database.

一种计算机可读存储介质,所述计算机可读存储介质包括存储的程序,其中,所述程序执行所述的客户端检测方法。A computer-readable storage medium comprising a stored program, wherein the program executes the client detection method.

一种客户端检测设备,包括:处理器、存储器和总线;所述处理器与所述存储器通过所述总线连接;A client detection device, comprising: a processor, a memory and a bus; the processor and the memory are connected through the bus;

所述存储器用于存储程序,所述处理器用于运行程序,其中,所述程序运行时执行所述的客户端检测方法。The memory is used for storing a program, and the processor is used for running the program, wherein the client detection method is executed when the program is running.

本申请提供的技术方案,调用预设代理工具,截获客户端发送给服务端的各个网络请求。基于各个网络请求中所包含的请求参数,以及预设关键字字典,确定目标域名、目标接口名称。在接收到用户输入的检测命令后,从预先配置的第一映射关系表中,获取与目标域名对应的代码工程名称。从预先配置的第二映射关系表中,获取与目标接口名称对应的代码模块名称。基于与目标域名对应的代码工程名称、与目标接口名称对应的代码模块名称,生成客户端检测结果。本申请基于网络请求、预设关键字字典、第一映射关系表和第二映射关系,确定与目标域名对应的代码工程名称、与目标接口名称对应的代码模块名称,可实现对客户端的底层逻辑的有效检查,无需人为使用专门测试工具对客户端所生成的网络请求进行检查,网络请求的检查效率得到明显提高,从而有效减少客户端检测过程所需的时间成本。The technical solution provided by the present application calls a preset proxy tool to intercept each network request sent by the client to the server. Based on the request parameters included in each network request and the preset keyword dictionary, the target domain name and the target interface name are determined. After receiving the detection command input by the user, the code project name corresponding to the target domain name is acquired from the preconfigured first mapping relationship table. The code module name corresponding to the target interface name is obtained from the preconfigured second mapping relationship table. Based on the code project name corresponding to the target domain name and the code module name corresponding to the target interface name, the client detection result is generated. This application determines the code project name corresponding to the target domain name and the code module name corresponding to the target interface name based on the network request, the preset keyword dictionary, the first mapping relationship table and the second mapping relationship, which can realize the underlying logic of the client There is no need to manually use special testing tools to check the network requests generated by the client, and the efficiency of checking network requests is significantly improved, thereby effectively reducing the time and cost of the client detection process.

附图说明Description of drawings

为了更清楚地说明本申请实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本申请的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the following briefly introduces the accompanying drawings required for the description of the embodiments or the prior art. Obviously, the drawings in the following description are only These are some embodiments of the present application. For those of ordinary skill in the art, other drawings can also be obtained based on these drawings without any creative effort.

图1a为本申请实施例提供的一种客户端检测方法的流程示意图;FIG. 1a is a schematic flowchart of a client detection method provided by an embodiment of the present application;

图1b为本申请实施例提供的一种客户端检测方法的流程示意图;FIG. 1b is a schematic flowchart of a client detection method provided by an embodiment of the present application;

图2为本申请实施例提供的另一种客户端检测方法的流程示意图;FIG. 2 is a schematic flowchart of another client detection method provided by an embodiment of the present application;

图3为本申请实施例提供的一种客户端检测装置的架构示意图。FIG. 3 is a schematic structural diagram of a client detection apparatus according to an embodiment of the present application.

具体实施方式Detailed ways

下面将结合本申请实施例中的附图,对本申请实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本申请一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本申请保护的范围。The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application. Obviously, the described embodiments are only a part of the embodiments of the present application, but not all of the embodiments. Based on the embodiments in the present application, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present application.

如图1a和图1b所示,为本申请实施例提供的一种客户端检测方法的流程示意图,包括如下步骤:As shown in FIG. 1a and FIG. 1b, a schematic flowchart of a client detection method provided by an embodiment of the present application includes the following steps:

S101:调用预设代理工具,截获客户端发送给服务端的各个网络请求。S101: Invoke a preset proxy tool to intercept each network request sent by the client to the server.

其中,预设代理工具包括但不限于为:Mitmproxy。The preset proxy tools include but are not limited to: Mitmproxy.

在本申请实施例中,网络请求包括网络地址(俗称为url地址)、多个请求参数、每个请求参数的参数值。此外,网络地址包括域名和接口名称。In this embodiment of the present application, the network request includes a network address (commonly referred to as a url address), multiple request parameters, and a parameter value of each request parameter. In addition, the network address includes the domain name and interface name.

一般来讲,网络请求的类型包括get请求和post请求,具体的,以post请求为例,post请求所包含的信息具体为:Generally speaking, the types of network requests include get requests and post requests. Specifically, taking the post request as an example, the information contained in the post request is as follows:

https://api.tv.sohu.com/v4/album/isDanmu.jsongid=x010740202ff141a6c1b3607200029c9c8e45d4f3ac3&mnc=-2&sver=8.9.71&area_code=3901&sysver=9&ua=Mozilla/5.0(Linux;Android9;PAR-AL00Build/HUAWEIPAR-AL00;wv)AppleWebKit/537.36(KHTML,likeGecko)Version/4.0Chrome/79.0.3945.116MobileSafari/537.36SohuVideoMobile/8.9.71(Platform/AndroidPhone;Android/9)&ssl=1&poid=1&tid=1&vid=7313687&uid=fefd8577-ffcc-1ba5-b37b-5dbfff78c8743d&ipcode=3901&site=1&partner=1006034759&api_key=9854b2afa779e1a6bff1962447a09dbd&has_barrage=1&appid=107402&abmode=1A_35A_43A_71A_79B_75A_87B_91A_9998B&plat=6&aid=9729417。https://api.tv.sohu.com/v4/album/isDanmu.jsongid=x010740202ff141a6c1b3607200029c9c8e45d4f3ac3&mnc=-2&sver=8.9.71&area_code=3901&sysver=9&ua=Mozilla/5.0(Linux;Android9;PAR-ALv00Build/HUAWEIPAR )AppleWebKit/537.36(KHTML,likeGecko)Version/4.0Chrome/79.0.3945.116MobileSafari/537.36SohuVideoMobile/8.9.71(Platform/AndroidPhone;Android/9)&ssl=1&poid=1&tid=1&vid=7313687&uid=fefd8577-ffcc-1ba5- b37b-5dbfff78c8743d&ipcode=3901&site=1&partner=1006034759&api_key=9854b2afa779e1a6bff1962447a09dbd&has_barrage=1&appid=107402&abmode=1A_35A_43A_71A_79B_75A_87B_91A_9998B&plat=6&aid=9729417。

在上述具体示例中,https://api.tv.sohu.com/v4/album/isDanmu.json代表网络地址,诸如gid、mnc、sver等位于“=”之前的字符串,均代表请求参数,相应的,诸如x010740202ff141a6c1b3607200029c9c8e45d4f3ac3、-2、8.9.71、等位于“=”之后的字符串,均代表请求参数的参数值。以mnc=-2为例,mnc代表请求参数,-2代表mnc的参数值。此外,album以及isDanmu均代表接口名称,api.tv.sohu代表域名。In the above specific example, https://api.tv.sohu.com/v4/album/isDanmu.json represents the network address, and strings such as gid, mnc, sver, etc. before "=" all represent request parameters. Correspondingly, strings such as x010740202ff141a6c1b3607200029c9c8e45d4f3ac3, -2, 8.9.71, etc. after "=" all represent the parameter value of the request parameter. Take mnc=-2 as an example, mnc represents the request parameter, and -2 represents the parameter value of mnc. In addition, album and isDanmu both represent the interface name, and api.tv.sohu represents the domain name.

需要说明的是,上述具体实现过程仅仅用于举例说明。It should be noted that the above-mentioned specific implementation process is only used for illustration.

S102:对于每个网络请求,从网络请求所包含的各个请求参数中,筛选出符合预设条件的请求参数,标识为目标请求参数。S102: For each network request, from each request parameter included in the network request, filter out request parameters that meet preset conditions, and identify them as target request parameters.

其中,预设条件为:请求参数包含有预设关键字字典中的关键字。The preset condition is: the request parameter contains the keywords in the preset keyword dictionary.

具体的,假设预设关键字字典所包含的关键字为:mnc以及sver,此外,网络请求所包含的请求参数为:gid、mnc、sver、vid。明显的,网络请求包含有目标关键字mnc以及sver。Specifically, it is assumed that the keywords contained in the preset keyword dictionary are: mnc and sver, and the request parameters contained in the network request are: gid, mnc, sver, and vid. Obviously, the network request contains the target keywords mnc and sver.

需要说明的是,上述具体实现过程仅仅用于举例说明。It should be noted that the above-mentioned specific implementation process is only used for illustration.

S103:将包含有至少一个目标请求参数的网络请求,标识为目标网络请求。S103: Identify the network request including at least one target request parameter as the target network request.

S104:将目标网络请求中网络地址所示的域名,标识为目标域名。S104: Identify the domain name indicated by the network address in the target network request as the target domain name.

S105:将目标网络请求中网络地址所示的接口名称,标识为目标接口名称。S105: Identify the interface name indicated by the network address in the target network request as the target interface name.

S106:基于目标网络请求中所包含的目标请求参数、目标域名以及目标接口名称,构建检索结果文件。S106: Construct a retrieval result file based on the target request parameter, target domain name and target interface name included in the target network request.

S107:按照预设文件存储路径,将检索结果文件保存到本地数据库中。S107: Save the retrieval result file in the local database according to the preset file storage path.

其中,预设文件存储路径可由技术人员根据实际情况进行设置,本申请实施例不做限定。The preset file storage path may be set by a technician according to the actual situation, which is not limited in the embodiment of the present application.

S108:在接收到用户输入的检测命令后,从本地数据库中获取检索结果文件,并对检索结果文件进行解析,得到目标域名、目标接口名称。S108: After receiving the detection command input by the user, obtain the retrieval result file from the local database, and parse the retrieval result file to obtain the target domain name and the target interface name.

S109:从预先配置的第一映射关系表中,获取与目标域名对应的代码工程名称。S109: Acquire the code project name corresponding to the target domain name from the preconfigured first mapping relationship table.

其中,第一映射关系表包括多个域名,以及与每个域名对应的代码工程名称。Wherein, the first mapping relationship table includes a plurality of domain names, and a code project name corresponding to each domain name.

一般来讲,不同的代码工程名称均归属于不同的代码工程。所谓的代码工程,即为客户端提供服务功能的底层逻辑,例如,接口服务工程为客户端提供接口服务功能的底层逻辑。Generally speaking, different code project names belong to different code projects. The so-called code engineering refers to the underlying logic of providing service functions for clients. For example, the interface service engineering provides the underlying logic of interface service functions for clients.

S110:从预先配置的第二映射关系表中,获取与目标接口名称对应的代码模块名称。S110: Acquire the code module name corresponding to the target interface name from the preconfigured second mapping relationship table.

其中,第二映射关系表包括多个接口名称,以及与每个接口名称对应的代码模块名称。Wherein, the second mapping relationship table includes a plurality of interface names, and a code module name corresponding to each interface name.

一般来讲,不同的代码模块名称归属于不同的代码模块。所谓的代码模块,即为客户端提供单一用途功能的方法逻辑,例如,视频播放模块为提供视频播放功能的方法逻辑。Generally speaking, different code module names belong to different code modules. The so-called code module is the method logic that provides a single-purpose function for the client, for example, the video playback module is the method logic that provides the video playback function.

S111:基于与目标域名对应的代码工程名称、与目标接口名称对应的代码模块名称,生成客户端检测结果。S111: Generate a client detection result based on the code project name corresponding to the target domain name and the code module name corresponding to the target interface name.

S112:通过预设界面向用户展示客户端检测结果。S112: Display the client detection result to the user through a preset interface.

综上所述,本实施例基于网络请求、预设关键字字典、第一映射关系表和第二映射关系,确定与目标域名对应的代码工程名称、与目标接口名称对应的代码模块名称,可实现对客户端的底层逻辑的有效检查,无需人为使用专门测试工具对客户端所生成的网络请求进行检查,网络请求的检查效率得到明显提高,从而有效减少客户端检测过程所需的时间成本。To sum up, in this embodiment, the code project name corresponding to the target domain name and the code module name corresponding to the target interface name are determined based on the network request, the preset keyword dictionary, the first mapping relationship table and the second mapping relationship. Effective inspection of the underlying logic of the client is realized without the need to manually use special testing tools to inspect the network requests generated by the client, and the inspection efficiency of network requests is significantly improved, thereby effectively reducing the time and cost of the client detection process.

需要说明的是,上述实施例提及的S102,为本申请实施例所示客户端检测方法的一种可选的实现方式。此外,上述实施例提及的S112,也为本申请实施例所示客户端检测方法的一种可选的实现方式。为此,上述实施例提及的流程,可以概括为图2所示的方法。It should be noted that, S102 mentioned in the foregoing embodiment is an optional implementation manner of the client detection method shown in the embodiment of the present application. In addition, S112 mentioned in the above embodiment is also an optional implementation manner of the client detection method shown in the embodiment of the present application. For this reason, the processes mentioned in the above embodiments can be summarized as the method shown in FIG. 2 .

如图2所示,为本申请实施例提供的另一种客户端检测方法的流程示意图,包括如下步骤:As shown in FIG. 2, a schematic flowchart of another client detection method provided by an embodiment of the present application includes the following steps:

S201:调用预设代理工具,截获客户端发送给服务端的各个网络请求。S201: Call a preset proxy tool to intercept each network request sent by the client to the server.

S202:基于各个网络请求中所包含的请求参数,以及预设关键字字典,确定目标域名、目标接口名称。S202: Determine the target domain name and the target interface name based on the request parameters included in each network request and the preset keyword dictionary.

S203:在接收到用户输入的检测命令后,从预先配置的第一映射关系表中,获取与目标域名对应的代码工程名称。S203: After receiving the detection command input by the user, obtain the code project name corresponding to the target domain name from the preconfigured first mapping relationship table.

S204:从预先配置的第二映射关系表中,获取与目标接口名称对应的代码模块名称。S204: Acquire the code module name corresponding to the target interface name from the preconfigured second mapping table.

S205:基于与目标域名对应的代码工程名称、与目标接口名称对应的代码模块名称,生成客户端检测结果。S205: Generate a client detection result based on the code project name corresponding to the target domain name and the code module name corresponding to the target interface name.

综上所述,本实施例基于网络请求、预设关键字字典、第一映射关系表和第二映射关系,确定与目标域名对应的代码工程名称、与目标接口名称对应的代码模块名称,可实现对客户端的底层逻辑的有效检查,无需人为使用专门测试工具对客户端所生成的网络请求进行检查,网络请求的检查效率得到明显提高,从而有效减少客户端检测过程所需的时间成本。To sum up, in this embodiment, the code project name corresponding to the target domain name and the code module name corresponding to the target interface name are determined based on the network request, the preset keyword dictionary, the first mapping relationship table and the second mapping relationship. Effective inspection of the underlying logic of the client is realized without the need to manually use special testing tools to inspect the network requests generated by the client, and the inspection efficiency of network requests is significantly improved, thereby effectively reducing the time and cost of the client detection process.

与上述本申请实施例提供的客户端检测方法相对应,本申请实施例还提供了一种客户端检测装置。Corresponding to the client detection method provided by the above embodiments of the present application, the embodiments of the present application further provide a client detection apparatus.

如图3所示,为本申请实施例提供的一种客户端检测装置的架构示意图,包括:As shown in FIG. 3 , a schematic diagram of the architecture of a client detection apparatus provided by an embodiment of the present application includes:

请求获取单元100,用于调用预设代理工具,截获客户端发送给服务端的各个网络请求。The request obtaining unit 100 is configured to call a preset proxy tool to intercept each network request sent by the client to the server.

确定单元200,用于基于各个网络请求中所包含的请求参数,以及预设关键字字典,确定目标域名、目标接口名称。The determining unit 200 is configured to determine the target domain name and the target interface name based on the request parameters included in each network request and the preset keyword dictionary.

可选的,网络请求包括网络地址以及多个请求参数,网络地址包括域名和接口名称。Optionally, the network request includes a network address and multiple request parameters, and the network address includes a domain name and an interface name.

确定单元200具体用于:对于每个网络请求,从网络请求所包含的各个请求参数中,筛选出符合预设条件的请求参数,标识为目标请求参数;预设条件为:请求参数包含有预设关键字字典中的关键字;将包含有至少一个目标请求参数的网络请求,标识为目标网络请求;将目标网络请求中网络地址所示的域名,标识为目标域名;将目标网络请求中网络地址所示的接口名称,标识为目标接口名称。The determining unit 200 is specifically configured to: for each network request, from various request parameters included in the network request, filter out the request parameters that meet the preset conditions, and identify them as target request parameters; the preset conditions are: the request parameters include preset conditions. Set the keyword in the keyword dictionary; mark the network request containing at least one target request parameter as the target network request; mark the domain name shown by the network address in the target network request as the target domain name; mark the network request in the target network request as the target domain name The interface name indicated by the address, identified as the target interface name.

确定单元200还用于:基于目标网络请求中所包含的目标请求参数、目标域名以及目标接口名称,构建检索结果文件;按照预设文件存储路径,将检索结果文件保存到本地数据库中。The determining unit 200 is further configured to: construct a retrieval result file based on the target request parameters, target domain name and target interface name included in the target network request; and store the retrieval result file in a local database according to a preset file storage path.

第一获取单元300,用于在接收到用户输入的检测命令后,从预先配置的第一映射关系表中,获取与目标域名对应的代码工程名称。The first obtaining unit 300 is configured to obtain the code project name corresponding to the target domain name from the preconfigured first mapping relationship table after receiving the detection command input by the user.

可选的,第一获取单元300具体用于:在接收到用户输入的检测命令后,从本地数据库中获取检索结果文件,并对检索结果文件进行解析,得到目标域名、目标接口名称;从预先配置的第一映射关系表中,获取与目标域名对应的代码工程名称。Optionally, the first obtaining unit 300 is specifically configured to: after receiving the detection command input by the user, obtain the retrieval result file from the local database, and parse the retrieval result file to obtain the target domain name and target interface name; In the configured first mapping relationship table, the code project name corresponding to the target domain name is obtained.

第二获取单元400,用于从预先配置的第二映射关系表中,获取与目标接口名称对应的代码模块名称。The second obtaining unit 400 is configured to obtain the code module name corresponding to the target interface name from the preconfigured second mapping relationship table.

结果生成单元500,用于基于与目标域名对应的代码工程名称、与目标接口名称对应的代码模块名称,生成客户端检测结果。The result generating unit 500 is configured to generate a client detection result based on the code project name corresponding to the target domain name and the code module name corresponding to the target interface name.

结果展示单元600,用于通过预设件向用户展示客户端检测结果。The result display unit 600 is configured to display the client detection result to the user through a preset component.

综上所述,本实施例基于网络请求、预设关键字字典、第一映射关系表和第二映射关系,确定与目标域名对应的代码工程名称、与目标接口名称对应的代码模块名称,可实现对客户端的底层逻辑的有效检查,无需人为使用专门测试工具对客户端所生成的网络请求进行检查,网络请求的检查效率得到明显提高,从而有效减少客户端检测过程所需的时间成本。To sum up, in this embodiment, the code project name corresponding to the target domain name and the code module name corresponding to the target interface name are determined based on the network request, the preset keyword dictionary, the first mapping relationship table and the second mapping relationship. Effective inspection of the underlying logic of the client is realized without the need to manually use special testing tools to inspect the network requests generated by the client, and the inspection efficiency of network requests is significantly improved, thereby effectively reducing the time and cost of the client detection process.

本申请还提供了一种计算机可读存储介质,计算机可读存储介质包括存储的程序,其中,程序执行上述本申请提供的客户端检测方法。The present application also provides a computer-readable storage medium, where the computer-readable storage medium includes a stored program, wherein the program executes the client detection method provided by the present application.

本申请还提供了一种客户端检测设备,包括:处理器、存储器和总线。处理器与存储器通过总线连接,存储器用于存储程序,处理器用于运行程序,其中,程序运行时执行上述本申请提供的客户端检测方法,包括如下步骤:The present application also provides a client detection device, including: a processor, a memory and a bus. The processor and the memory are connected through a bus, the memory is used for storing the program, and the processor is used for running the program, wherein, when the program is running, the above-mentioned client detection method provided by the present application is executed, including the following steps:

调用预设代理工具,截获客户端发送给服务端的各个网络请求;Call the preset proxy tool to intercept each network request sent by the client to the server;

基于各个所述网络请求中所包含的请求参数,以及预设关键字字典,确定目标域名、目标接口名称;Determine the target domain name and target interface name based on the request parameters contained in each of the network requests and the preset keyword dictionary;

在接收到用户输入的检测命令后,从预先配置的第一映射关系表中,获取与所述目标域名对应的代码工程名称;After receiving the detection command input by the user, obtain the code project name corresponding to the target domain name from the preconfigured first mapping table;

从预先配置的第二映射关系表中,获取与所述目标接口名称对应的代码模块名称;Obtain the code module name corresponding to the target interface name from the preconfigured second mapping table;

基于与所述目标域名对应的代码工程名称、与所述目标接口名称对应的代码模块名称,生成客户端检测结果。The client detection result is generated based on the code project name corresponding to the target domain name and the code module name corresponding to the target interface name.

具体的,在上述实施例的基础上,所述网络请求包括网络地址以及多个请求参数,所述网络地址包括域名和接口名称;Specifically, on the basis of the above embodiment, the network request includes a network address and a plurality of request parameters, and the network address includes a domain name and an interface name;

所述基于各个所述网络请求中所包含的请求参数,以及预设关键字字典,确定目标域名、目标接口名称,包括:The target domain name and target interface name are determined based on the request parameters contained in each of the network requests and the preset keyword dictionary, including:

对于每个所述网络请求,从所述网络请求所包含的各个请求参数中,筛选出符合预设条件的请求参数,标识为目标请求参数;所述预设条件为:请求参数包含有预设关键字字典中的关键字;For each of the network requests, the request parameters that meet the preset conditions are screened out from the various request parameters included in the network request, and are identified as target request parameters; the preset conditions are: the request parameters include preset conditions keywords in the keyword dictionary;

将包含有至少一个所述目标请求参数的网络请求,标识为目标网络请求;Identifying a network request containing at least one of the target request parameters as a target network request;

将所述目标网络请求中网络地址所示的域名,标识为目标域名;The domain name shown in the network address in the target network request is identified as the target domain name;

将所述目标网络请求中网络地址所示的接口名称,标识为目标接口名称。The interface name indicated by the network address in the target network request is identified as the target interface name.

具体的,在上述实施例的基础上,所述将所述目标网络请求中网络地址所示的接口名称,标识为目标接口名称之后,还包括:Specifically, on the basis of the above-mentioned embodiment, after identifying the interface name shown by the network address in the target network request as the target interface name, the method further includes:

基于所述目标网络请求中所包含的目标请求参数、目标域名以及目标接口名称,构建检索结果文件;Build a retrieval result file based on the target request parameter, target domain name and target interface name contained in the target network request;

按照预设文件存储路径,将所述检索结果文件保存到本地数据库中。According to the preset file storage path, the retrieval result file is saved in the local database.

具体的,在上述实施例的基础上,所述在接收到用户输入的检测命令后,从预先配置的第一映射关系表中,获取与所述目标域名对应的代码工程名称,包括:Specifically, on the basis of the above embodiment, after receiving the detection command input by the user, the code project name corresponding to the target domain name is obtained from the pre-configured first mapping table, including:

在接收到用户输入的检测命令后,从所述本地数据库中获取所述检索结果文件,并对所述检索结果文件进行解析,得到所述目标域名、所述目标接口名称;After receiving the detection command input by the user, obtain the retrieval result file from the local database, and parse the retrieval result file to obtain the target domain name and the target interface name;

从预先配置的第一映射关系表中,获取与所述目标域名对应的代码工程名称。Obtain the code project name corresponding to the target domain name from the preconfigured first mapping relationship table.

具体的,在上述实施例的基础上,所述基于与所述目标域名对应的代码工程名称、与所述目标接口名称对应的代码模块名称,生成客户端检测结果之后,还包括:Specifically, on the basis of the above embodiment, after generating the client detection result based on the code project name corresponding to the target domain name and the code module name corresponding to the target interface name, the method further includes:

通过预设件向所述用户展示所述客户端检测结果。The client detection result is displayed to the user through a preset component.

本申请实施例方法所述的功能如果以软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算设备可读取存储介质中。基于这样的理解,本申请实施例对现有技术做出贡献的部分或者该技术方案的部分可以以软件产品的形式体现出来,该软件产品存储在一个存储介质中,包括若干指令用以使得一台计算设备(可以是个人计算机,服务器,移动计算设备或者网络设备等)执行本申请各个实施例所述方法的全部或部分步骤。而前述的存储介质包括:U盘、移动硬盘、只读存储器、随机存取存储器、磁碟或者光盘等各种可以存储程序代码的介质。If the functions described in the methods of the embodiments of the present application are implemented in the form of software functional units and sold or used as independent products, they may be stored in a readable storage medium of a computing device. Based on this understanding, the part of the embodiments of the present application that contribute to the prior art or the part of the technical solution may be embodied in the form of a software product, and the software product is stored in a storage medium and includes several instructions to make a A computing device (which may be a personal computer, a server, a mobile computing device, or a network device, etc.) executes all or part of the steps of the methods described in the various embodiments of the present application. The aforementioned storage medium includes: a U disk, a removable hard disk, a read-only memory, a random access memory, a magnetic disk or an optical disk and other media that can store program codes.

本说明书中各个实施例采用递进的方式描述,每个实施例重点说明的都是与其它实施例的不同之处,各个实施例之间相同或相似部分互相参见即可。The various embodiments in this specification are described in a progressive manner, and each embodiment focuses on the differences from other embodiments, and the same or similar parts between the various embodiments may be referred to each other.

对所公开的实施例的上述说明,使本领域专业技术人员能够实现或使用本申请。对这些实施例的多种修改对本领域的专业技术人员来说将是显而易见的,本文中所定义的一般原理可以在不脱离本申请的精神或范围的情况下,在其它实施例中实现。因此,本申请将不会被限制于本文所示的这些实施例,而是要符合与本文所公开的原理和新颖特点相一致的最宽的范围。The above description of the disclosed embodiments enables any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be implemented in other embodiments without departing from the spirit or scope of the present application. Therefore, this application is not intended to be limited to the embodiments shown herein, but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. A client detection method, comprising:
calling a preset agent tool, and intercepting each network request sent to a server by a client;
determining a target domain name and a target interface name based on request parameters contained in each network request and a preset keyword dictionary;
after receiving a detection command input by a user, acquiring a code engineering name corresponding to the target domain name from a pre-configured first mapping relation table;
acquiring a code module name corresponding to the target interface name from a second mapping relation table configured in advance;
and generating a client detection result based on the code engineering name corresponding to the target domain name and the code module name corresponding to the target interface name.
2. The method of claim 1, wherein the network request comprises a network address and a plurality of request parameters, wherein the network address comprises a domain name and an interface name;
the determining a target domain name and a target interface name based on the request parameters contained in each network request and a preset keyword dictionary includes:
for each network request, screening out request parameters meeting preset conditions from all request parameters contained in the network request, and identifying the request parameters as target request parameters; the preset conditions are as follows: the request parameter comprises a keyword in a preset keyword dictionary;
identifying a network request containing at least one of the target request parameters as a target network request;
identifying the domain name shown by the network address in the target network request as a target domain name;
and identifying the interface name shown by the network address in the target network request as a target interface name.
3. The method of claim 2, wherein after identifying the interface name indicated by the network address in the target network request as the target interface name, further comprising:
constructing a retrieval result file based on a target request parameter, a target domain name and a target interface name contained in the target network request;
and storing the retrieval result file into a local database according to a preset file storage path.
4. The method according to claim 3, wherein after receiving a detection command input by a user, acquiring a code engineering name corresponding to the target domain name from a first mapping relation table configured in advance, comprises:
after receiving a detection command input by a user, acquiring the retrieval result file from the local database, and analyzing the retrieval result file to obtain the target domain name and the target interface name;
and acquiring the code engineering name corresponding to the target domain name from a first mapping relation table configured in advance.
5. The method according to claim 1, wherein after generating the client detection result based on the code engineering name corresponding to the target domain name and the code module name corresponding to the target interface name, further comprising:
and displaying the client detection result to the user through a preset piece.
6. A client detection apparatus, comprising:
the request acquisition unit is used for calling a preset proxy tool and intercepting each network request sent to the server by the client;
the determining unit is used for determining a target domain name and a target interface name based on request parameters contained in each network request and a preset keyword dictionary;
the first obtaining unit is used for obtaining a code engineering name corresponding to the target domain name from a first mapping relation table configured in advance after receiving a detection command input by a user;
a second obtaining unit, configured to obtain, from a second mapping relationship table configured in advance, a code module name corresponding to the target interface name;
and the result generation unit is used for generating a client detection result based on the code engineering name corresponding to the target domain name and the code module name corresponding to the target interface name.
7. The apparatus of claim 6, wherein the network request comprises a network address and a plurality of request parameters, the network address comprising a domain name and an interface name;
the determining unit is specifically configured to:
for each network request, screening out request parameters meeting preset conditions from all request parameters contained in the network request, and identifying the request parameters as target request parameters; the preset conditions are as follows: the request parameter comprises a keyword in a preset keyword dictionary;
identifying a network request containing at least one target request parameter as a target network request;
identifying the domain name shown by the network address in the target network request as a target domain name;
and identifying the interface name shown by the network address in the target network request as a target interface name.
8. The apparatus of claim 7, wherein the determining unit is further configured to:
constructing a retrieval result file based on a target request parameter, a target domain name and a target interface name contained in the target network request;
and storing the retrieval result file into a local database according to a preset file storage path.
9. A computer-readable storage medium, characterized in that the computer-readable storage medium comprises a stored program, wherein the program performs the client detection method of any one of claims 1 to 5.
10. A client detection device, comprising: a processor, a memory, and a bus; the processor and the memory are connected through the bus;
the memory is used for storing a program, and the processor is used for executing the program, wherein the program executes the client detection method according to any one of claims 1 to 5.
CN202210965557.3A 2022-08-12 2022-08-12 Client detection method, device, storage medium and equipment Active CN115052037B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210965557.3A CN115052037B (en) 2022-08-12 2022-08-12 Client detection method, device, storage medium and equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210965557.3A CN115052037B (en) 2022-08-12 2022-08-12 Client detection method, device, storage medium and equipment

Publications (2)

Publication Number Publication Date
CN115052037A true CN115052037A (en) 2022-09-13
CN115052037B CN115052037B (en) 2022-12-27

Family

ID=83166561

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210965557.3A Active CN115052037B (en) 2022-08-12 2022-08-12 Client detection method, device, storage medium and equipment

Country Status (1)

Country Link
CN (1) CN115052037B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117492823A (en) * 2023-12-29 2024-02-02 珠海格力电器股份有限公司 Code acquisition method, device, electronic equipment and readable storage medium

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104700029A (en) * 2013-12-04 2015-06-10 中国移动通信集团广东有限公司 On-line detecting method, device and server for software
US20170041340A1 (en) * 2014-04-11 2017-02-09 Hdiv Security, S.L. Detection of manipulation of applications
CN109542758A (en) * 2018-09-29 2019-03-29 中国平安人寿保险股份有限公司 Application program fault-tolerant ability test method, device, computer readable storage medium
US20190141064A1 (en) * 2014-04-17 2019-05-09 Shape Security, Inc. Detecting attacks against a server computer based on characterizing user interactions with the client computing device
CN110351259A (en) * 2019-06-28 2019-10-18 深圳数位传媒科技有限公司 A kind of method and device obtaining APP authentication information based on network packet capturing
CN113489672A (en) * 2021-05-21 2021-10-08 浙江大学 Network sniffing-based REST interface specification packaging system
CN113726945A (en) * 2021-08-03 2021-11-30 贵州电子商务云运营有限责任公司 Cell phone app data automatic acquisition method based on frida framework
CN114168945A (en) * 2021-12-09 2022-03-11 绿盟科技集团股份有限公司 Method and device for detecting potential risk of sub-domain name

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104700029A (en) * 2013-12-04 2015-06-10 中国移动通信集团广东有限公司 On-line detecting method, device and server for software
US20170041340A1 (en) * 2014-04-11 2017-02-09 Hdiv Security, S.L. Detection of manipulation of applications
US20190141064A1 (en) * 2014-04-17 2019-05-09 Shape Security, Inc. Detecting attacks against a server computer based on characterizing user interactions with the client computing device
CN109542758A (en) * 2018-09-29 2019-03-29 中国平安人寿保险股份有限公司 Application program fault-tolerant ability test method, device, computer readable storage medium
CN110351259A (en) * 2019-06-28 2019-10-18 深圳数位传媒科技有限公司 A kind of method and device obtaining APP authentication information based on network packet capturing
CN113489672A (en) * 2021-05-21 2021-10-08 浙江大学 Network sniffing-based REST interface specification packaging system
CN113726945A (en) * 2021-08-03 2021-11-30 贵州电子商务云运营有限责任公司 Cell phone app data automatic acquisition method based on frida framework
CN114168945A (en) * 2021-12-09 2022-03-11 绿盟科技集团股份有限公司 Method and device for detecting potential risk of sub-domain name

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
文伟平等: "一种基于Android内核的APP敏感行为检测方法及实现", 《信息网络安全》 *
爱加密: "爱加密移动应用个人信息安全检测平台", 《HTTPS://MP.WEIXIN.QQ.COM/S/VWKNK5M5EX2EBT2ULLQG8G》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117492823A (en) * 2023-12-29 2024-02-02 珠海格力电器股份有限公司 Code acquisition method, device, electronic equipment and readable storage medium
CN117492823B (en) * 2023-12-29 2024-04-05 珠海格力电器股份有限公司 Code acquisition method, device, electronic equipment and readable storage medium

Also Published As

Publication number Publication date
CN115052037B (en) 2022-12-27

Similar Documents

Publication Publication Date Title
CN110378749B (en) Client similarity assessment method, device, terminal equipment and storage medium
CN107391359B (en) Service testing method and device
JP2021163475A (en) Log-based mashup code generation
CN109828920A (en) A kind of log analysis method, device and computer readable storage medium
CN107368407B (en) Information processing method and device
CN114626069A (en) Threat modeling method and device
CN110347573B (en) Application program analysis method, device, electronic device, and computer-readable medium
CN115052037B (en) Client detection method, device, storage medium and equipment
CN112433936A (en) Test method, test device and storage medium
CN113656326B (en) Program testing method, device, computer system and storage medium
CN114356703A (en) Root cause analysis method and device
WO2025045227A1 (en) Application program compliance verification method and apparatus, electronic device and storage medium
CN111046393B (en) Vulnerability information uploading method and device, terminal equipment and storage medium
CN112561690A (en) Method, system, equipment and storage medium for testing credit card staging service interface
CN111552634A (en) Method and device for testing front-end system and storage medium
CN112380115A (en) Regression testing method and device, electronic equipment and storage medium
CN108377357B (en) Visual platform call method and device
CN110347597A (en) Interface test method, device, storage medium and the mobile terminal of picture servers
CN115454819A (en) Test method, device, equipment and storage medium of blockchain cross-chain system
CN115022201A (en) A data processing function testing method, device, equipment and storage medium
CN114942887A (en) Program safety testing method, device, equipment and medium
CN112036899B (en) Method, device and electronic device for providing service information
CN106649343B (en) Network data information processing method and equipment
CN113515401A (en) Positioning debugging method, system, electronic equipment and medium for abnormal transactions
CN115470095A (en) A test method, system, electronic equipment and computer storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant