CN116015955A - Configurable method for verifying validity security of uploading file in application system - Google Patents

Configurable method for verifying validity security of uploading file in application system Download PDF

Info

Publication number
CN116015955A
CN116015955A CN202310006939.8A CN202310006939A CN116015955A CN 116015955 A CN116015955 A CN 116015955A CN 202310006939 A CN202310006939 A CN 202310006939A CN 116015955 A CN116015955 A CN 116015955A
Authority
CN
China
Prior art keywords
file
verification
uploading
uploaded
attribute
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202310006939.8A
Other languages
Chinese (zh)
Other versions
CN116015955B (en
Inventor
周竞亮
徐承
郭晓松
宋云飞
熊仁都
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Three Gorges High Technology Information Technology Co ltd
China Three Gorges Corp
Original Assignee
Three Gorges High Technology Information Technology Co ltd
China Three Gorges Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Three Gorges High Technology Information Technology Co ltd, China Three Gorges Corp filed Critical Three Gorges High Technology Information Technology Co ltd
Priority to CN202310006939.8A priority Critical patent/CN116015955B/en
Publication of CN116015955A publication Critical patent/CN116015955A/en
Application granted granted Critical
Publication of CN116015955B publication Critical patent/CN116015955B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Abstract

The invention discloses a design method for configurably verifying the validity and the safety of an uploading file in an application system, which comprises the following steps: registering an application system to be used in a configuration service center, acquiring an interface certificate, and configuring a file verification rule of a related interface according to the requirement of a service uploading file; respectively introducing file uploading modules into the client service codes and the server service codes to obtain the client file uploading modules and the server file uploading modules, and configuring interface certificates; when the user invokes the related function to upload the file, the file is verified through the corresponding verification rule and the user-configured custom rule. Therefore, the file uploading verification distributed at each business system and each function is concentrated to the configuration service center, and the configurable and centralized uploading file verification service is realized, so that the validity and the safety of the uploading file in the network are reliably, consistently and maintainably verified.

Description

Configurable method for verifying validity security of uploading file in application system
Technical Field
The invention relates to the technical field of uploading files, in particular to a configurable design method for verifying the legality and safety of uploading files in an application system.
Background
Conventional file upload verification functions are typically distributed at various functions of various business systems, requiring manual modification of code to change upload logic when business changes require new file types to be provided or old file types to be reduced. Meanwhile, as the file uploading function has a great relation to the security of the system, the file uploading function is easy to become a key object of network attack, and the scattered file verification mode is easy to cause the phenomena of non-standardization and omission on the security verification rule.
Disclosure of Invention
The invention provides a design method for configurably verifying the validity and the safety of an uploading file in an application system, which aims to solve the problems in the prior art.
In order to achieve the above purpose, the present invention provides the following technical solutions:
the configurable method for verifying the validity security of the uploading file in the application system comprises the following steps:
s101: registering an application system to be used in a configuration service center, acquiring an interface certificate, and configuring a file verification rule of a related interface according to the requirement of a service uploading file;
s102: respectively introducing file uploading modules into the client service codes and the server service codes to obtain the client file uploading modules and the server file uploading modules, and configuring interface certificates;
s103: when the user invokes the related function to upload the file, the file is verified through the corresponding verification rule and the user-configured custom rule.
Wherein, the step S101 includes:
s1011: providing a file verification service interface for an application system based on token verification, and registering the application system needing to call the service in a configuration center by a user to generate a unique certificate, wherein the unique certificate is stored in the application system;
s1012: and acquiring verification rule configuration of the file through the application object, the function point object and the verification rule object.
Wherein, the step S102 includes:
s1021: the client file uploading module and the server file uploading module verify the uploaded file according to the verification rule associated with the function point object;
s1022: when a user uploads a file through a client file uploading module, reading the function point configuration attribute and a client verification rule from a configuration service center according to the unique identification of the function point;
s1023: and dynamically generating a rendering front end uploading component according to the function point configuration attribute, and after a user selects a file to be uploaded, primarily checking the file according to the configured client verification rule and providing error information when the verification rule is not met.
Wherein, the step S103 includes:
s1031: when a user uploads a file through a server-side file uploading module, primarily checking the file to be uploaded;
s1032: reading the relevant verification item of the configuration center according to the unique identification of the functional point, and continuing to further verify the file from the server;
s1033: and automatically limiting the number of the files and the requests which are simultaneously uploaded, and automatically suspending and restarting the requests based on the message queue when the server file uploading module receives a plurality of requests simultaneously.
Wherein, the step S1012 includes:
in the verification rule configuration process of acquiring the file through the application object, the application object takes the ID as a unique identification attribute, and comprises a description of user management application, an application name, an application address and an application interface authorization credential, and the user judges whether to start and use the file verification service through application object management.
Wherein, the step S1012 further includes:
in the verification rule configuration process of acquiring a file through a function point object, the function point object takes an ID as a unique identification attribute and comprises a user-configurable function description attribute and an attribution system attribute, wherein the function description attribute basically describes the purpose of a file uploading function of the verification rule to be configured, and the attribution system attribute is used for associating an application system registered in a configuration center and realizing interface authorization;
the function point object stores the type of specific uploading component that the user needs to use, including: drag, pop-up, and partially customizable style configurations including: size, background color, foreground color, animation effects, border style, shading style, and title.
Wherein, the step S1012 further includes:
in the verification rule configuration process of acquiring the file through the verification rule object, the verification rule object is associated with the function point object, the function point object ID and the index attribute of the verification rule object are used as the unique identification of the verification rule, and the unique identification comprises: configurable file type attributes, file type encoding attributes, file size upper limit attributes, whether valid attributes.
The file type attribute and the file type coding attribute value are in one-to-one correspondence, and the selectable value set is stored and maintained in a dictionary mode; the upper limit attribute of the file size is integer;
whether the effective attribute is a binary variable, whether the current rule is started or not is marked, and whether the effective attribute is used for providing corresponding historical record and backward compatibility when the type of the available file of the system is changed and deleted.
Wherein, the step S1031 includes:
when the file to be uploaded is subjected to preliminary verification, firstly checking whether the file name of the file to be uploaded contains illegal characters, then verifying whether the capacity of the file to be uploaded is too small or too large, and finally limiting the file name length of the file to be uploaded to be not more than 255 bytes to ensure that the file to be uploaded accords with the limitations of certain operating systems.
Wherein, after the step S1033, the method includes:
generating a verification result after the verification of the file to be uploaded is completed, wherein the verification result comprises verification success and verification failure, and performing complete storage operation on a request log of the verification result;
and returning a message of a verification result after the verification of the uploaded file is completed, and providing complete abnormal information.
Compared with the prior art, the invention has the following advantages:
a configurable design method for verifying validity and security of an uploading file in an application system comprises the following steps: registering an application system to be used in a configuration service center, acquiring an interface certificate, and configuring a file verification rule of a related interface according to the requirement of a service uploading file; respectively introducing file uploading modules into the client service codes and the server service codes to obtain the client file uploading modules and the server file uploading modules, and configuring interface certificates; when the user invokes the related function to upload the file, the file is verified through the corresponding verification rule and the user-configured custom rule. Therefore, the file uploading verification distributed at each business system and each function is concentrated to the configuration service center, and the configurable and centralized uploading file verification service is realized, so that the validity and the safety of the uploading file in the network are reliably, consistently and maintainably verified.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims thereof as well as the appended drawings.
The technical scheme of the invention is further described in detail through the drawings and the embodiments.
Drawings
The accompanying drawings are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate the invention and together with the embodiments of the invention, serve to explain the invention. In the drawings:
FIG. 1 is a flow chart of a configurable design method for verifying the validity and security of an uploading file in an application system in an embodiment of the invention;
FIG. 2 is a flow chart of a configuration of a document verification rule implemented by a configuration service center in an embodiment of the present invention;
fig. 3 is a flowchart of file uploading by the client file uploading module in the embodiment of the invention.
Detailed Description
The preferred embodiments of the present invention will be described below with reference to the accompanying drawings, it being understood that the preferred embodiments described herein are for illustration and explanation of the present invention only, and are not intended to limit the present invention.
The embodiment of the invention provides a design method for configurably verifying the validity and the security of an uploading file in an application system, referring to fig. 1 to 3, comprising the following steps:
s101: registering an application system to be used in a configuration service center, acquiring an interface certificate, and configuring a file verification rule of a related interface according to the requirement of a service uploading file;
s102: respectively introducing file uploading modules into the client service codes and the server service codes to obtain the client file uploading modules and the server file uploading modules, and configuring interface certificates;
s103: when the user invokes the related function to upload the file, the file is verified through the corresponding verification rule and the user-configured custom rule.
The working principle of the technical scheme is as follows: registering an application system to be used in a configuration service center, acquiring an interface API credential, configuring a file verification rule of a related interface according to the requirement of a service uploading file, and configuring the file verification rule of the related interface in the configuration service center comprises: a file type white list and a corresponding file size, and starting related rules; respectively introducing file uploading modules into the client service codes and the server service codes to obtain the client file uploading modules and the server file uploading modules, and configuring interface certificates; when the user file is uploaded, the client file uploading module is used for verifying the configuration service center verification rule, the server file uploading module is used for verifying the configuration service center verification rule, performing secondary verification on the uploaded file information and the file stream and performing other necessary safety verification, returning user result information after the file verification is completed, and forwarding the file to a service system for subsequent processing.
The beneficial effects of the technical scheme are as follows: the design method mainly comprises the steps of configuring a center service, a client file uploading module, a server file uploading module and a set of rules for verifying the legitimacy and the safety of the file, and the method mainly comprises the following steps: registering an application system to be used in a configuration service center to obtain an interface credential; newly adding verification rule configuration information of related function points according to the requirement of a service uploading file; respectively introducing file uploading modules at service codes of a client and a server, and configuring interface certificates; and then when the user invokes the related function to upload the file, the inherent verification rule of the method and the user-configured custom rule are applied to verify the file. Therefore, the file uploading verification distributed at each business system and each function is concentrated to the configuration service center, and the configurable and centralized uploading file verification service is realized, so that the validity and the safety of the uploading file in the network are reliably, consistently and maintainably verified.
In another embodiment, the step S101 includes:
s1011: providing a file verification service interface for an application system based on token verification, and registering the application system needing to call the service in a configuration center by a user to generate a unique certificate, wherein the unique certificate is stored in the application system;
s1012: and acquiring verification rule configuration of the file through the application object, the function point object and the verification rule object.
The working principle of the technical scheme is as follows: based on the configuration service center, the configuration of the file verification rule is realized, and each application system is authorized to inquire the verification rule. Application interface authorization: the configuration center service provides a file verification service interface for the application system based on token verification, a user registers the application system needing to call the service in the configuration center, and a unique credential is generated to store the application system, and the credential is carried every time the configuration center service is accessed to ensure that the access is authorized. And (3) verifying rule configuration: and the application object, the function point object and the verification rule object are used for realizing verification rule configuration of the file, and the client file uploading module and the server file uploading module verify the uploaded file according to the verification rule associated with the function point object.
The beneficial effects of the technical scheme are as follows: providing a file verification service interface for an application system based on token verification, and registering the application system needing to call the service in a configuration center by a user to generate a unique certificate, wherein the unique certificate is stored in the application system; and acquiring verification rule configuration of the file through the application object, the function point object and the verification rule object. The manager can conveniently inquire related configuration, better history record and backward compatibility are provided, and abnormal situations of mismatch of the system file types and the configuration are prevented.
In another embodiment, the step S102 includes:
s1021: the client file uploading module and the server file uploading module verify the uploaded file according to the verification rule associated with the function point object;
s1022: when a user uploads a file through a client file uploading module, reading the function point configuration attribute and a client verification rule from a configuration service center according to the unique identification of the function point;
s1023: and dynamically generating a rendering front end uploading component according to the function point configuration attribute, and after a user selects a file to be uploaded, primarily checking the file according to the configured client verification rule and providing error information when the verification rule is not met.
The working principle of the technical scheme is as follows: when a user uploads a file through the client file uploading module, the function point configuration attribute and the client verification rule are read from the configuration service center according to the unique identification of the function point, a rendering front uploading component is dynamically generated according to the function point configuration attribute, the file is preliminarily verified according to the configured client verification rule after the user selects the file to be uploaded, and error information which does not accord with the verification rule is provided.
The beneficial effects of the technical scheme are as follows: when a user uploads a file through a client file uploading module, reading the function point configuration attribute and a client verification rule from a configuration service center according to the unique identification of the function point; and dynamically generating a rendering front end uploading component according to the function point configuration attribute, and after a user selects a file to be uploaded, primarily checking the file according to the configured client verification rule and providing error information when the verification rule is not met. Therefore, the file uploading verification distributed at each business system and each function is concentrated to the configuration service center, and the configurable and centralized uploading file verification service is realized, so that the validity and the safety of the uploading file in the network are reliably, consistently and maintainably verified.
In another embodiment, the step S103 includes:
s1031: when a user uploads a file through a server-side file uploading module, primarily checking the file to be uploaded;
s1032: reading the relevant verification item of the configuration center according to the unique identification of the functional point, and continuing to further verify the file from the server;
s1033: and automatically limiting the number of the files and the requests which are simultaneously uploaded, and automatically suspending and restarting the requests based on the message queue when the server file uploading module receives a plurality of requests simultaneously.
The working principle of the technical scheme is as follows: when a user uploads a file through a server side file uploading module, performing preliminary verification, reading a relevant verification item of a configuration center according to a unique identification of a functional point, and continuing further verification on the file from a server side, wherein the further verification comprises verification on a file name, a suffix name and a Content-Type; analyzing and verifying the file coding type by using a file stream analyzer; verifying the consistency of the file type information and the file stream coding information; automatically limiting the number of files and requests which are simultaneously uploaded. The request processing is automatically suspended and restarted based on the message queue when the uploading module receives multiple requests simultaneously.
The beneficial effects of the technical scheme are as follows: when a user uploads a file through a server-side file uploading module, primarily checking the file to be uploaded; reading the relevant verification item of the configuration center according to the unique identification of the functional point, and continuing to further verify the file from the server; and automatically limiting the number of the files and the requests which are simultaneously uploaded, and automatically suspending and restarting the requests based on the message queue when the server file uploading module receives a plurality of requests simultaneously. Therefore, the file uploading verification distributed at each business system and each function is concentrated to the configuration service center, and the configurable and centralized uploading file verification service is realized, so that the validity and the safety of the uploading file in the network are reliably, consistently and maintainably verified.
In another embodiment, the step S1012 includes:
in the verification rule configuration process of acquiring the file through the application object, the application object takes the ID as a unique identification attribute, and comprises a description of user management application, an application name, an application address and an application interface authorization credential, and the user judges whether to start and use the file verification service through application object management.
The working principle of the technical scheme is as follows: the application object takes the ID as a unique identification attribute and comprises descriptions of applications which can be managed by a user, including application names, application addresses and the like and application interface authorization credentials, and the user can manage whether to start and use file verification services through the application object.
The beneficial effects of the technical scheme are as follows: in the verification rule configuration process of acquiring the file through the application object, the application object takes the ID as a unique identification attribute, and comprises a description of user management application, an application name, an application address and an application interface authorization credential, and the user judges whether to start and use the file verification service through application object management. Therefore, the validity and the safety of the uploading files in the network are reliably, consistently and maintainably verified.
In another embodiment, the step S1012 further includes:
in the verification rule configuration process of acquiring a file through a function point object, the function point object takes an ID as a unique identification attribute and comprises a user-configurable function description attribute and an attribution system attribute, wherein the function description attribute basically describes the purpose of a file uploading function of the verification rule to be configured, and the attribution system attribute is used for associating an application system registered in a configuration center and realizing interface authorization;
the function point object stores the type of specific uploading component that the user needs to use, including: drag, pop-up, and partially customizable style configurations including: size, background color, foreground color, animation effects, border style, shading style, and title.
The working principle of the technical scheme is as follows: the function point object takes the ID as a unique identification attribute and comprises a user-configurable function description attribute and a home system attribute; the function description attribute basically describes the purpose of the file uploading function of the verification rule to be configured, so that an administrator can conveniently inquire about related configuration; the attribute of the home system is used for associating the application system registered in the configuration center and is used for realizing interface authorization; the function point object also stores the type of specific uploading component that the user needs to use, including: drag, pop-up, and partially customizable style configurations: size, background color, foreground color, animation effects, border style, shading style, title.
The beneficial effects of the technical scheme are as follows: in the verification rule configuration process of acquiring a file through a function point object, the function point object takes an ID as a unique identification attribute and comprises a user-configurable function description attribute and an attribution system attribute, wherein the function description attribute basically describes the purpose of a file uploading function of the verification rule to be configured, and the attribution system attribute is used for associating an application system registered in a configuration center and realizing interface authorization; the function point object stores the type of specific uploading component that the user needs to use, including: drag, pop-up, and partially customizable style configurations including: size, background color, foreground color, animation effects, border style, shading style, and title. Thereby facilitating the inquiry of the relevant configuration by the administrator and realizing the interface authorization of the application system.
In another embodiment, the step S1012 further includes:
in the verification rule configuration process of acquiring the file through the verification rule object, the verification rule object is associated with the function point object, the function point object ID and the index attribute of the verification rule object are used as the unique identification of the verification rule, and the unique identification comprises: configurable file type attributes, file type encoding attributes, file size upper limit attributes, whether valid attributes.
The working principle of the technical scheme is as follows: the verification rule object is related to the function point object, the function point object ID and the index attribute of the function point object are used together as the unique identifier of the verification rule, and the function point object comprises a configurable file type attribute, a file type coding attribute, a file size upper limit attribute and a valid attribute, wherein the file type attribute corresponds to a file type coding attribute value one by one, and an optional value set is stored and maintained in a dictionary mode; the upper limit attribute of the file size is integer and is used for limiting the file size; whether the effective attribute is a binary variable or not, and whether the current rule is started or not is marked, so that when the available file types of the system are changed and deleted, better historical records and backward compatibility are provided, and abnormal situations of mismatch between the file types and the configuration of the system are prevented.
The beneficial effects of the technical scheme are as follows: in the verification rule configuration process of acquiring the file through the verification rule object, the verification rule object is associated with the function point object, the function point object ID and the index attribute of the verification rule object are used as the unique identification of the verification rule, and the unique identification comprises: configurable file type attributes, file type encoding attributes, file size upper limit attributes, whether valid attributes. When the available file types of the system are changed and deleted, better history record and backward compatibility are provided, and abnormal situations of mismatch of the file types and the configuration of the system are prevented.
In another embodiment, the unique identification includes: the configurable file type attribute, the file type coding attribute, the file size upper limit attribute and the valid attribute are in one-to-one correspondence, and the selectable value set is stored and maintained in a dictionary mode; the upper limit attribute of the file size is integer;
whether the effective attribute is a binary variable, whether the current rule is started or not is marked, and whether the effective attribute is used for providing corresponding historical record and backward compatibility when the type of the available file of the system is changed and deleted.
The working principle of the technical scheme is as follows: the file type attribute corresponds to the file type coding attribute value one by one, and the selectable value set is stored and maintained in a dictionary mode; the upper limit attribute of the file size is integer and is used for limiting the file size; whether the effective attribute is a binary variable or not, and whether the current rule is started or not is marked, so that when the available file types of the system are changed and deleted, better historical records and backward compatibility are provided, and abnormal situations of mismatch between the file types and the configuration of the system are prevented.
The beneficial effects of the technical scheme are as follows: the file type attribute corresponds to the file type coding attribute value one by one, and the selectable value set is stored and maintained in a dictionary mode; the upper limit attribute of the file size is integer; whether the effective attribute is a binary variable, whether the current rule is started or not is marked, and whether the effective attribute is used for providing better historical record and backward compatibility when the type of the system available file is changed and deleted, so that abnormal situations of mismatch between the type of the system file and the configuration are prevented.
In another embodiment, the step S1031 includes:
when the file to be uploaded is subjected to preliminary verification, firstly checking whether the file name of the file to be uploaded contains illegal characters, then verifying whether the capacity of the file to be uploaded is too small or too large, and finally limiting the file name length of the file to be uploaded to be not more than 255 bytes to ensure that the file to be uploaded accords with the limitations of certain operating systems.
The working principle of the technical scheme is as follows: when the file to be uploaded is subjected to preliminary verification, firstly checking whether the file name of the file to be uploaded contains illegal characters, then verifying whether the capacity of the file to be uploaded is too small or too large, and finally limiting the file name length of the file to be uploaded to be not more than 255 bytes to ensure that the file to be uploaded accords with the limitations of certain operating systems.
The beneficial effects of the technical scheme are as follows: when the file to be uploaded is subjected to preliminary verification, firstly checking whether the file name of the file to be uploaded contains illegal characters, then verifying whether the capacity of the file to be uploaded is too small or too large, and finally limiting the file name length of the file to be uploaded to be not more than 255 bytes to ensure that the file to be uploaded accords with the limitations of certain operating systems. The size of the file is limited by the validation.
In another embodiment, the step S1033 includes:
generating a verification result after the verification of the file to be uploaded is completed, wherein the verification result comprises verification success and verification failure, and performing complete storage operation on a request log of the verification result;
and returning a message of a verification result after the verification of the uploaded file is completed, and providing complete abnormal information.
The working principle of the technical scheme is as follows: generating a verification result after the verification of the file to be uploaded is completed, wherein the verification result comprises verification success and verification failure, and performing complete storage operation on a request log of the verification result; and returning a message of a verification result after the verification of the uploaded file is completed, and providing complete abnormal information.
Before uploading a file, the configuration center service receives a client request and authentication identity, and refuses a user request if authentication fails; if the verification is passed, judging whether the uploaded file is an encrypted file, if so, reading and sending information such as a data block ciphertext and a file spectrum of the file by a quotient, and receiving the data block ciphertext and the file spectrum by a client; after uploading a file, a client sends a data downloading request to a key server to acquire a slicing level key of the client, each key server verifies the identity of a client user a priori, reads the slicing level key, sends the slicing level key to the client user through a secure channel, receives the slicing level key, and recovers the file level key based on a secret sharing scheme; the client user obtains a file spectrum from the application system, obtains a file-level key from the distributed key server, decrypts the data block-level key by using the file-level key, decrypts a data block by using the block-level key to obtain a plaintext, and finally recovers the uploaded file.
In the file uploading process, the security of the current file is detected through the file uploading module, and the formula of the security of the file is as follows:
Figure BDA0004036017210000101
wherein P is expressed as a security value of the uploaded file, c i,j And representing the jth slicing level key in the ith key service end, wherein m represents m key service ends in the current system, and n represents n slicing level keys in the current key service end.
And the validity and the safety of the current uploading file are judged by acquiring the safety value of the uploading file, the standardization of the safety verification rule is improved, and the configurable and centralized uploading file verification service is realized.
The beneficial effects of the technical scheme are as follows: generating a verification result after the verification of the file to be uploaded is completed, wherein the verification result comprises verification success and verification failure, and performing complete storage operation on a request log of the verification result; and returning a message of a verification result after the verification of the uploaded file is completed, and providing complete abnormal information. The file uploading verification distributed at each business system and each function is concentrated to the configuration center, so that configurable and centralized uploading file verification service is realized, and the validity, the safety and the maintainability of uploading files in the network are verified reliably and consistently.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.

Claims (10)

1. The configurable method for verifying the validity security of the uploading file in the application system is characterized by comprising the following steps:
s101: registering an application system to be used in a configuration service center, acquiring an interface certificate, and configuring a file verification rule of a related interface according to the requirement of a service uploading file;
s102: respectively introducing file uploading modules into the client service codes and the server service codes to obtain the client file uploading modules and the server file uploading modules, and configuring interface certificates;
s103: when the user invokes the related function to upload the file, the file is verified through the corresponding verification rule and the user-configured custom rule.
2. The method for configurably verifying security of validity of an uploaded file in an application according to claim 1, wherein the step S101 comprises:
s1011: providing a file verification service interface for an application system based on token verification, and registering the application system needing to call the service in a configuration center by a user to generate a unique certificate, wherein the unique certificate is stored in the application system;
s1012: and acquiring verification rule configuration of the file through the application object, the function point object and the verification rule object.
3. The method for configurably verifying security of validity of an uploaded file in an application according to claim 1, wherein the step S102 comprises:
s1021: the client file uploading module and the server file uploading module verify the uploaded file according to the verification rule associated with the function point object;
s1022: when a user uploads a file through a client file uploading module, reading the function point configuration attribute and a client verification rule from a configuration service center according to the unique identification of the function point;
s1023: and dynamically generating a rendering front end uploading component according to the function point configuration attribute, and after a user selects a file to be uploaded, primarily checking the file according to the configured client verification rule and providing error information when the verification rule is not met.
4. The method for configurably verifying security of validity of an uploaded file in an application according to claim 1, wherein the step S103 comprises:
s1031: when a user uploads a file through a server-side file uploading module, primarily checking the file to be uploaded;
s1032: reading the relevant verification item of the configuration center according to the unique identification of the functional point, and continuing to further verify the file from the server;
s1033: and automatically limiting the number of the files and the requests which are simultaneously uploaded, and automatically suspending and restarting the requests based on the message queue when the server file uploading module receives a plurality of requests simultaneously.
5. The method for configurably verifying security of validity of an uploaded file in an application according to claim 2, wherein the step S1012 comprises:
in the verification rule configuration process of acquiring the file through the application object, the application object takes the ID as a unique identification attribute, and comprises a description of user management application, an application name, an application address and an application interface authorization credential, and the user judges whether to start and use the file verification service through application object management.
6. The method for configurably verifying security of validity of an uploaded file in an application according to claim 2, wherein the step S1012 further comprises:
in the verification rule configuration process of acquiring a file through a function point object, the function point object takes an ID as a unique identification attribute and comprises a user-configurable function description attribute and an attribution system attribute, wherein the function description attribute basically describes the purpose of a file uploading function of the verification rule to be configured, and the attribution system attribute is used for associating an application system registered in a configuration center and realizing interface authorization;
the function point object stores the type of specific uploading component that the user needs to use, including: drag, pop-up, and partially customizable style configurations including: size, background color, foreground color, animation effects, border style, shading style, and title.
7. The method for configurably verifying security of validity of an uploaded file in an application according to claim 2, wherein the step S1012 further comprises:
in the verification rule configuration process of acquiring the file through the verification rule object, the verification rule object is associated with the function point object, the function point object ID and the index attribute of the verification rule object are used as the unique identification of the verification rule, and the unique identification comprises: configurable file type attributes, file type encoding attributes, file size upper limit attributes, whether valid attributes.
8. The method for configurably verifying security of uploading files in an application system of claim 7, comprising:
the file type attribute corresponds to the file type coding attribute value one by one, and the selectable value set is stored and maintained in a dictionary mode; the upper limit attribute of the file size is integer;
whether the effective attribute is a binary variable, whether the current rule is started or not is marked, and whether the effective attribute is used for providing corresponding historical record and backward compatibility when the type of the available file of the system is changed and deleted.
9. The method for configurably verifying security of validity of an uploaded file in an application according to claim 4, wherein the step S1031 comprises:
when the file to be uploaded is subjected to preliminary verification, firstly checking whether the file name of the file to be uploaded contains illegal characters, then verifying whether the capacity of the file to be uploaded is too small or too large, finally limiting the file name length of the file to be uploaded to be not more than 255 bytes, and ensuring that the file to be uploaded accords with the limitation of a corresponding operating system.
10. The method for configurably verifying security of validity of an uploaded file in an application according to claim 4, wherein the step S1033 comprises:
generating a verification result after the verification of the file to be uploaded is completed, wherein the verification result comprises verification success and verification failure, and performing complete storage operation on a request log of the verification result;
and returning a message of a verification result after the verification of the uploaded file is completed, and providing complete abnormal information.
CN202310006939.8A 2023-01-04 2023-01-04 Configurable method for verifying validity security of uploading file in application system Active CN116015955B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310006939.8A CN116015955B (en) 2023-01-04 2023-01-04 Configurable method for verifying validity security of uploading file in application system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310006939.8A CN116015955B (en) 2023-01-04 2023-01-04 Configurable method for verifying validity security of uploading file in application system

Publications (2)

Publication Number Publication Date
CN116015955A true CN116015955A (en) 2023-04-25
CN116015955B CN116015955B (en) 2023-12-01

Family

ID=86024457

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310006939.8A Active CN116015955B (en) 2023-01-04 2023-01-04 Configurable method for verifying validity security of uploading file in application system

Country Status (1)

Country Link
CN (1) CN116015955B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116881952A (en) * 2023-09-07 2023-10-13 北京亿赛通科技发展有限责任公司 Encryption and decryption method and system based on file stream

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109547445A (en) * 2018-11-27 2019-03-29 北京酷我科技有限公司 A kind of method and system that verifying client network requests are legal
CN110413582A (en) * 2019-07-07 2019-11-05 上海鸿翼软件技术股份有限公司 A kind of trans-regional data synchronous system based on business rule
WO2020015190A1 (en) * 2018-07-18 2020-01-23 平安科技(深圳)有限公司 Method for generating business rule, electronic device, and readable storage medium
WO2020130797A1 (en) * 2018-12-21 2020-06-25 Mimos Berhad Method of preparing virtual machine, method of managing downloading and uploading files at virtual machine and system therefor
CN112104646A (en) * 2020-09-14 2020-12-18 福建天晴在线互动科技有限公司 Method and system for safety transmission of app data interface
CN113517985A (en) * 2021-07-09 2021-10-19 中国建设银行股份有限公司 File data processing method and device, electronic equipment and computer readable medium
CN113704724A (en) * 2021-11-01 2021-11-26 天津南大通用数据技术股份有限公司 Method for realizing database login authentication based on Kerberos mechanism
CN113905038A (en) * 2021-09-29 2022-01-07 平安普惠企业管理有限公司 Data reporting method, device, equipment and storage medium

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020015190A1 (en) * 2018-07-18 2020-01-23 平安科技(深圳)有限公司 Method for generating business rule, electronic device, and readable storage medium
CN109547445A (en) * 2018-11-27 2019-03-29 北京酷我科技有限公司 A kind of method and system that verifying client network requests are legal
WO2020130797A1 (en) * 2018-12-21 2020-06-25 Mimos Berhad Method of preparing virtual machine, method of managing downloading and uploading files at virtual machine and system therefor
CN110413582A (en) * 2019-07-07 2019-11-05 上海鸿翼软件技术股份有限公司 A kind of trans-regional data synchronous system based on business rule
CN112104646A (en) * 2020-09-14 2020-12-18 福建天晴在线互动科技有限公司 Method and system for safety transmission of app data interface
CN113517985A (en) * 2021-07-09 2021-10-19 中国建设银行股份有限公司 File data processing method and device, electronic equipment and computer readable medium
CN113905038A (en) * 2021-09-29 2022-01-07 平安普惠企业管理有限公司 Data reporting method, device, equipment and storage medium
CN113704724A (en) * 2021-11-01 2021-11-26 天津南大通用数据技术股份有限公司 Method for realizing database login authentication based on Kerberos mechanism

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116881952A (en) * 2023-09-07 2023-10-13 北京亿赛通科技发展有限责任公司 Encryption and decryption method and system based on file stream
CN116881952B (en) * 2023-09-07 2023-11-24 北京亿赛通科技发展有限责任公司 Encryption and decryption method and system based on file stream

Also Published As

Publication number Publication date
CN116015955B (en) 2023-12-01

Similar Documents

Publication Publication Date Title
US20220078017A1 (en) Authorized Data Sharing Using Smart Contracts
US20040006693A1 (en) System and method for providing secure communication between computer systems
CN110417863B (en) Method and device for generating identity identification code and method and device for authenticating identity
CN112188493B (en) Authentication method, system and related equipment
CN111783075A (en) Authority management method, device and medium based on secret key and electronic equipment
CN112671720B (en) Token construction method, device and equipment for cloud platform resource access control
CN108632241B (en) Unified login method and device for multiple application systems
CN103875211A (en) Internet account management method, manager, server, and system
CN111669402B (en) Encrypted communication method, device, equipment and storage medium
CN111818088A (en) Authorization mode management method and device, computer equipment and readable storage medium
CN116015955B (en) Configurable method for verifying validity security of uploading file in application system
CN112511316B (en) Single sign-on access method and device, computer equipment and readable storage medium
CN113726522A (en) Internet of things equipment processing method and device based on block chain
CN115842680B (en) Network identity authentication management method and system
CN111880919A (en) Data scheduling method, system and computer equipment
CN110737884A (en) cross-platform terminal authorization management method and system
CN108846671B (en) Online secure transaction method and system based on block chain
CN110602132A (en) Data encryption and decryption processing method
CN110650014B (en) Signature authentication method, system, equipment and storage medium based on hessian protocol
CN113810415B (en) Method for host account operation and maintenance free through fort machine
CN113434824B (en) Software service authorization management method, device, equipment and storage medium
CN114202840B (en) Authentication control method, device and medium
CN111404794B (en) CAN bus network sharing system and method based on virtualization
CN114371882A (en) Unified configuration management method, system, device and storage medium for applications
JP2000207362A (en) Network system and its user authenticating method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant