CN106850751B - Data uploading method and device - Google Patents
Data uploading method and device Download PDFInfo
- Publication number
- CN106850751B CN106850751B CN201611219424.2A CN201611219424A CN106850751B CN 106850751 B CN106850751 B CN 106850751B CN 201611219424 A CN201611219424 A CN 201611219424A CN 106850751 B CN106850751 B CN 106850751B
- Authority
- CN
- China
- Prior art keywords
- cookies
- length
- domain name
- complete
- file destination
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/146—Markers for unambiguous identification of a particular session, e.g. session cookie or URL-encoding
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
- Information Transfer Between Computers (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The present invention provides a kind of data uploading method and device, belongs to field of computer technology.This method comprises: locally obtaining the corresponding Cookies of any domain name for any domain name under any browser;Determine the corresponding Cookies length of Cookies got;According to Cookies length, the corresponding complete Cookies of any domain name is obtained;Complete Cookies and file destination are uploaded to server.The present invention determines the corresponding Cookies length of Cookies got by locally obtaining the corresponding Cookies of any domain name.According to Cookies length, the corresponding complete Cookies of any domain name is obtained.File destination is filtered, complete Cookies and file destination are uploaded to server.It is imperfect so as to avoid causing data to upload because Cookies is too long since the corresponding complete Cookies of any domain name can be obtained according in the Cookies locally got.Subsequent server can carry out subscriber authentication according to the complete Cookies of upload, to be unlikely to lead to authentication failed due to Cookies is not complete or Cookies loses completely.
Description
Technical field
The present invention relates to field of computer technology, more particularly, to a kind of data uploading method and device.
Background technique
When Cookies is that user browses web sites, the text of the text in subscriber computer hard disk or memory is placed in by Web server
Part, it can recorde the information such as user name, password, the webpage browsed and the residence time of user.When user logs in again
When the website, the relevant information of user is learnt by reading the Cookies file in computer in website, so that it may make corresponding
Movement, for example, the page show welcome sign, or allow user do not have to input username and password just directly log in etc..
Since Cookies has user property, thus in the transmitting file on Web server (such as video or audio file), it can be simultaneously
Cookies is carried to allow Web server to verify user identity.Based on above content, existing data uploading method master
If by directly acquiring the corresponding Cookies of domain name under browser, the Cookies that will acquire and file are uploaded to service
Device.
In the implementation of the present invention, the existing technology has at least the following problems for discovery: due in the case where obtaining browser
When the corresponding Cookies of domain name, Cookies physical length may be more than the permitted maximum Cookies length of browser, from
And can force to weed out the Cookies content exceeded when Cookies is too long, so that Cookies uncomplete content in upload procedure
Or Cookies loses completely, and then it is imperfect to cause data to upload.
Summary of the invention
The present invention provide a kind of data uploading method for overcoming the above problem or at least being partially solved the above problem and
Device.
According to an aspect of the present invention, a kind of data uploading method is provided, this method comprises:
For any domain name under any browser, the corresponding Cookies of any domain name is locally being obtained;
Determine the corresponding Cookies length of Cookies got;
According to Cookies length, the corresponding complete Cookies of any domain name is obtained;
Complete Cookies and file destination are uploaded to server.
According to another aspect of the present invention, a kind of data uploading device is provided, which includes:
First obtains module, for for any domain name under any browser, locally obtaining, any domain name to be corresponding
Cookies;
Determining module, for determining the corresponding Cookies length of Cookies got;
Second obtains module, for obtaining the corresponding complete Cookies of any domain name according to Cookies length;
Uploading module, for complete Cookies and file destination to be uploaded to server.
The technical solution that the application proposes has the benefit that
By locally obtaining the corresponding Cookies of any domain name, the corresponding Cookies of Cookies got is determined
Length.According to Cookies length, the corresponding complete Cookies of any domain name is obtained.It will be on complete Cookies and file destination
Reach server.Since the corresponding complete Cookies of any domain name can be obtained according in the Cookies locally got, thus
Avoid causes data upload imperfect because Cookies is too long.Subsequent server can be used according to the complete Cookies of upload
Family authentication, to be unlikely to lead to authentication failed due to Cookies is not complete or Cookies loses completely.
Detailed description of the invention
Fig. 1 is a kind of flow diagram of data uploading method of the embodiment of the present invention;
Fig. 2 is a kind of flow diagram of data uploading method of the embodiment of the present invention;
Fig. 3 is a kind of structural schematic diagram of data uploading device of the embodiment of the present invention.
Specific embodiment
With reference to the accompanying drawings and examples, specific embodiments of the present invention will be described in further detail.Implement below
Example is not intended to limit the scope of the invention for illustrating the present invention.
It, usually can be by Cookies together with file destination in order to verify user identity when uploading data to server
It is sent to server.Wherein, file destination can be video file or audio file, and the present embodiment and subsequent embodiment be not to mesh
The type for marking file makees specific limit.Existing data uploading method is mainly corresponding by directly acquiring domain name under browser
Cookies, the Cookies that will acquire and file are directly uploaded to server.
Since when uploading data, the physical length of Cookies may be more than the permitted maximum Cookies of browser
Length causes to get to can force to weed out the Cookies content exceeded when obtaining local Cookies
Cookies uncomplete content is lost completely.Correspondingly, the Cookies content uploaded in subsequent upload procedure may not also it is complete or
It loses, is uploaded so as to cause data imperfect completely.
For the problems of the prior art, the embodiment of the invention provides a kind of data uploading methods.Referring to Fig. 1, this reality
The method flow for applying example offer includes: 101, for any domain name under any browser, and locally obtaining, any domain name is corresponding
Cookies;102, the corresponding Cookies length of Cookies got is determined;103, it according to Cookies length, obtains and appoints
The corresponding complete Cookies of one domain name;104, complete Cookies and file destination are uploaded to server.
It should be noted that due to being usually the corresponding Cookies of a certain domain name under a certain browser, and this implementation
Example and subsequent embodiment are also to upload to a Cookies, so that the present embodiment and subsequent embodiment are mainly for one kind
The Cookies of a domain name under browser, is illustrated its upload procedure.During actual implementation, under any browser
Any domain name data can be uploaded using the method in the present embodiment and subsequent embodiment.
Wherein, the browser type that the present embodiment and subsequent embodiment are related to can be Google's browser, IE browser, fire
In fox browser or Opera browser any one etc., the present embodiment and subsequent embodiment are not especially limited this.Separately
Outside, domain name can be domain name, the domain name of music website or the domain name of shopping website etc. of video website, the present embodiment and subsequent reality
It applies example and also specific limit is not made to domain name type.
Method provided in an embodiment of the present invention, by locally obtaining the corresponding Cookies of any domain name, determination is got
The corresponding Cookies length of Cookies.According to Cookies length, the corresponding complete Cookies of any domain name is obtained.It will be complete
Whole Cookies and file destination are uploaded to server.Since any domain name can be obtained according in the Cookies locally got
Corresponding complete Cookies, it is imperfect so as to avoid causing data to upload because Cookies is too long.Subsequent server can basis
The complete Cookies uploaded carries out subscriber authentication, to be unlikely to because Cookies is not complete or Cookies loses completely
And lead to authentication failed.
As a kind of alternative embodiment, the corresponding Cookies length of Cookies got is determined, comprising:
Determine the quantity of predetermined symbol in the Cookies got;
Corresponding Cookies length is determined according to the quantity of predetermined symbol.
As a kind of alternative embodiment, corresponding Cookies length is determined according to the quantity of predetermined symbol, comprising:
Obtained numerical value after the quantity of predetermined symbol is added 1, as the corresponding Cookies long of Cookies got
Degree.
The corresponding complete Cookies of any domain name is obtained according to Cookies length as a kind of alternative embodiment, is wrapped
It includes:
For any domain name, the permitted maximum Cookies length of any browser is obtained;
Maximum Cookies length is compared with Cookies length;
According to comparison result, the corresponding complete Cookies of any domain name is obtained.
The corresponding complete Cookies of any domain name is obtained according to comparison result as a kind of alternative embodiment, comprising:
When Cookies length and maximum Cookies equal length, the corresponding server of Xiang Renyi domain name requests any domain
The corresponding complete Cookies of name;
When Cookies length and maximum Cookies length are unequal, the Cookies that will acquire is as any domain name
Corresponding complete Cookies.
As a kind of alternative embodiment, complete Cookies and file destination are uploaded to before server, further includes:
File destination is filtered.
As a kind of alternative embodiment, file destination is filtered, comprising:
Detect whether file destination is default file type;
When file destination is not default file type, stop uploading file destination.
As a kind of alternative embodiment, file destination is filtered, comprising:
Whether the size of detection file destination is greater than preset threshold;
When the size of file destination is greater than preset threshold, stop uploading file destination.
As a kind of alternative embodiment, complete Cookies and file destination are uploaded to server, comprising:
According to file destination, the coding of preset format is generated;
According to the type of any browser, coding and complete Cookies are uploaded to server.
All the above alternatives can form alternative embodiment of the invention using any combination, herein no longer
It repeats one by one.
Based on the content in above-mentioned Fig. 1 corresponding embodiment, the embodiment of the invention provides a kind of data uploading methods.Referring to
Fig. 2, this method comprises: 201, for any domain name under any browser, locally obtaining, any domain name is corresponding
Cookies;202, the corresponding Cookies length of Cookies got is determined;203, it according to Cookies length, obtains any
The corresponding complete Cookies of domain name;204, file destination is filtered;205, complete Cookies and file destination are uploaded
To server.
Wherein, 201, for any domain name under any browser, the corresponding Cookies of any domain name is locally being obtained.
For ease of description, the present embodiment uploaded data by taking any one domain name under any kind browser as an example
Journey is illustrated.The present embodiment does not limit specifically in the mode for locally obtaining the corresponding Cookies of any domain name, including but
It is not limited to: by calling preset interface, locally obtaining the corresponding Cookies of any domain name.
Wherein, preset interface can be html interface, and the present embodiment is not especially limited this.Specifically, the present embodiment
Corresponding Flash program can obtain the Cookies of domain name under browser by calling html interface.The process can refer to as
Lower code (1):
ExternalInterface.call(function(){return window.document.cookie});
In above-mentioned code (1), Window refers to that browser window, Document are browser window documents.
Cookies is typically stored in browser window document.
Wherein, 202, the determining corresponding Cookies length of Cookies got.
Cookies is usually the text file being made of character string one by one, so that Cookies has corresponding Cookies
Length, i.e. the character string number for including in Cookies.The present embodiment is not to the determining corresponding Cookies of Cookies got
The mode of length specifically limits, including but not limited to: determining the quantity of predetermined symbol in the Cookies got;According to pre-
If the quantity of symbol determines corresponding Cookies length.
Wherein, predetermined symbol can be not especially limited this with branch, the present embodiment.Single character string in Cookies
Be split by predetermined symbol, to be traversed to Cookies, it may be determined that the number of predetermined symbol in Cookies, can between
Ground connection knows the item number of character string in Cookies, so as to determine Cookies length.
The present embodiment does not determine that the mode of corresponding Cookies length specifically limits to the quantity according to predetermined symbol,
Including but not limited to: obtained numerical value after the quantity of predetermined symbol is added 1, it is corresponding as the Cookies got
Cookies length.
For example, by taking predetermined symbol is branch as an example.Since the last item character string is followed by no branch in Cookies
, to add 1 on the basis of branch quantity, obtained numerical value is the corresponding Cookies long of Cookies got
Degree.
Wherein, 203, according to Cookies length, the corresponding complete Cookies of any domain name is obtained.
By the content in Fig. 1 corresponding embodiment it is found that the physical length of Cookies may due to when uploading data
Maximum Cookies length permitted more than browser, to can force to weed out to exceed when obtaining local Cookies
Cookies content, cause the Cookies uncomplete content got or completely lose.Therefore, this step is primarily to avoid
Such case occurs, to obtain complete Cookies.
The present embodiment not to according to Cookies length, make specifically by the mode for obtaining the corresponding complete Cookies of any domain name
It limits, including but not limited to: for any domain name, obtaining the permitted maximum Cookies length of any browser;It will be maximum
Cookies length is compared with Cookies length;According to comparison result, the corresponding complete Cookies of any domain name is obtained.
Since the permitted maximum Cookies length of the browser of each type is all different, thus in above-mentioned mistake
Need to obtain the information of browser in journey, i.e. browser mark and the permitted maximum Cookies length of the type browser.
For example, the IE7 and IE8 of Microsoft, which increase cookie, is limited to each domain name 50.The each domain name cookie limit of Firefox
Length processed is that each domain name cookie limited length of 50, Opera is 30.
Wherein, when specifically obtaining the information of browser, following code (2) be can refer to:
ExternalInterface.call
("function BrowserAgent(){return navigator.userAgent;}")
It, can be by maximum Cookies length and Cookies after getting the permitted maximum Cookies length of browser
Length is compared.According to comparison result, the corresponding complete Cookies of any domain name is obtained.The present embodiment is not to according to comparing
As a result, the mode for obtaining the corresponding complete Cookies of any domain name specifically limits, including but not limited to: when Cookies length
When with maximum Cookies equal length, the corresponding server of Xiang Renyi domain name requests the corresponding complete Cookies of any domain name;
When Cookies length and maximum Cookies length are unequal, the Cookies that will acquire is corresponding complete as any domain name
Whole Cookies.
When locally saving Cookies data, when Cookies length is more than the permitted maximum Cookies long of browser
When spending, the part that meeting automatic rejection exceeds, and according to the permitted maximum Cookies length of browser, in local preservation
Cookies data.Based on above content, it can learn that the Cookies data length that ought locally save is equal to browser and is allowed
Maximum Cookies length when, it is left beyond institute behind part to illustrate that the Cookies data locally saved are likely to be rejecting
Cookies data are incomplete in the Cookies data locally got.When the Cookies data length locally saved
When maximum Cookies length permitted less than browser, illustrate the Cookies data locally saved be certainly it is complete,
It is also complete in the Cookies data locally got.
Based on above description, for any domain name under any browser, when Cookies length and maximum Cookies long
When spending equal, due to a possibility that being not complete there are Cookies data, and the Cookies that the domain name corresponding server saves
Data are completely, so as to request the corresponding complete Cookies of the domain name to the corresponding server of the domain name.Work as Cookies
When length and maximum Cookies length are unequal, then the Cookies that can directly will acquire is corresponding complete as the domain name
Cookies.It needs complete Cookies and file destination being uploaded to server due to subsequent, it, can be for the ease of subsequent upload
Complete Cookies is assigned to variable newCookies in memory, the present embodiment is not especially limited this.
The above-mentioned process for being compared maximum Cookies length with Cookies length, can refer to following code (3):
Lose=n==n1? true:false
Lose is to indicate whether browser loses Cookie, and n is Cookie item number, and n1 is that the type browser is permitted
Cookie maximum item number.
Since the present embodiment mainly uploads Cookies and file destination, and file destination exists for rubbish text
A possibility that part, so as to be filtered to file destination, to prevent to upload garbage files.Subsequent step is mainly to filtering rubbish
The process of rubbish file is illustrated.
Wherein, 204, file destination is filtered.
About the mode being filtered to file destination, the present embodiment is not especially limited this, including but not limited to such as
Lower two ways.
First way: whether detection file destination is default file type;When file destination is not default file type
When, stop uploading file destination.
Due to when uploading file destination, the type of usually upper transmitting file be it is specified, so as to by judging target
Whether file is default file type, to determine whether file destination is garbage files.Wherein, default file type can be
.png or .mp4 file etc., the present embodiment is not especially limited this.
When it is implemented, can first initialization files system, monitoring file is by selection event, i.e. detection user's selection target text
The operation of part, the process can refer to following code (4):
File=new FileReference ();
file.addEventListener(Event.SELECT,onFileSelect);
When file system selection event is triggered, file type character string can be obtained by flie.type and be assigned to change
Measure fileType.After obtaining file type character string, file type character string can be matched with default file type, from
And determine whether file destination is default file type, which can refer to following code (5):
TypeOk=fileType.index (" .x ") > 1? True:false
In above-mentioned code (5), TypeOk indicates whether file type is legal, and fileType is file type character string, x
Indicate default file type.
When TypeOk is illegal, i.e., when file destination is not default file type, can stop uploading file destination.Herein
Later, user can be also prompted to select correct file type, the present embodiment is not especially limited this.
The second way: whether the size for detecting file destination is greater than preset threshold;When the size of file destination is greater than in advance
If when threshold value, stopping uploading file destination.
Blocking server is understood since when uploading file destination, file is too big, so that the size of upper transmitting file eight-legged essay part is logical
It is fixed to refer to.It therefore, can be according to the size of file destination, to determine whether file destination is garbage files.Wherein, it presets
Threshold value can be configured according to actual needs, and the present embodiment is not especially limited this.
When it is implemented, can refer to following code (6):
SizeeOk=flie.size > x? True:false;
In above-mentioned code (6), sizeeOk indicates whether file size is legal, and flie.size is file size.X is indicated
File maximum number of byte, i.e. preset threshold is arranged in system.If sizeeOk is illegal, i.e., the size of file destination is greater than default
Threshold value can stop uploading file destination.After this, it can also prompt the upper transmitting file of user excessive, the present embodiment does not make this to have
Body limits.
It should be noted that the above two mode being filtered to file destination, may be selected wherein in actual implementation
Any one mode is filtered file destination, can also pass through two ways and be filtered simultaneously to file destination, this reality
It applies example and this is not especially limited.In addition, which specifically first carries out when being filtered simultaneously using two ways to file destination
Kind mode, the present embodiment are not especially limited this.Specifically, first way can be first carried out to the file type of file destination
It is filtered, then executes the second way and the size of file destination is filtered.Alternatively, the execution second way can be first carried out
The size of file destination is filtered, then first way is filtered the file type of file destination.
File is filtered by above-mentioned first way, some illegal type files can be rejected and uploaded, clothes are saved
Business device bandwidth.For example, server only receives picture upload, when the destination file format of upload is video format, this can be blocked
The upload of video file.Since video file upload can occupy massive band width, so that server band can be saved by this way
It is wide.
File is filtered by the above-mentioned second way, biggish file can be filtered out, so as to save clothes
The memory space of business device.In addition it is possible to avoid malicious user attack server.For example, server only receives the text in 10M
Part can block the upload of file destination when the file destination size of upload is greater than 10M.Since upload is more than the file meeting of 10M
The a large amount of memory spaces for occupying server, so that the memory space of server can be saved by this way.In addition it is possible to keep away
Exempt from malicious user and passes through the file attack server of upload large volume.
Wherein, 205, complete Cookies and file destination are uploaded to server.
It is not safe enough due to directly uploading file destination, so as to which file destination is converted to coding, encoded by uploading
To realize the upload of file destination.Correspondingly, the present embodiment is not uploaded to server to by complete Cookies and file destination
Mode specifically limits, including but not limited to: according to file destination, generating the coding of preset format;According to any browser
Coding and complete Cookies are uploaded to server by type.
Wherein, the coding of preset format can encode for Base64, and the present embodiment does not make specific limit to coded format.It is logical
It crosses and file destination is converted into Base64 coding, can be improved safety when data upload.
The process that file destination is converted to Base64 coding be can refer into following code (7):
ByteArray=file.data;
FileString=Base64.encodeByteArray (data);
In above-mentioned code (7), what is stored in variable FileString is the Base64 coded string after converting.
After the coding that file destination is converted to preset format, coding and complete Cookies can be uploaded to server.
When uploading to data, http agreement or Socket agreement etc. can be used, the present embodiment is not especially limited this.
In addition, since certain type of browser are in upper transmitting file, such as red fox browser, the Flash of some versions
Player can systematically lose the Cookies in header file, thus before uploading file destination, it is also necessary to detect browser
Whether be the type browser.
For ease of description, clear as red fox using the browser type that can lose Cookies with transport protocol for http agreement
It lookes at for device, before uploading data, can first detect whether current browser is red fox browser, specific detection process can refer to
Following code (8):
IsFix=BrowserInfo.index (" Firefox ") > 1? True:false;
In above-mentioned code (8), isFix indicates whether it is red fox browser, and BrowserInfo is in above-mentioned steps 203
The browser information got, i.e. browser mark.It is identified whether by verifying the browser that gets as " Firefox ", from
And it can determine whether the browser is red fox browser.
When isFix is false, indicating the browser not is red fox browser.Pass through new URLRequestHeader
(" cookie ", newCookies) is arranged http request head information, URLRequestHeader is assigned to
request.requestHeaders.Wherein, newCookies is the complete Cookies got in above-mentioned steps 203.
When isFix is true, indicate that the browser is red fox browser.By by the attribute of URLVariables attribute
Value is set as newCookies, can allow in http upload request and carry newCookies, is fire so as to avoid browser type
When fox browser, the Cookies in header file is lost.The process can refer to following code (9):
URLVariables.cookie=newCookie;
By the above process, can no matter browser type is red fox browser in the case where, can be in http request
Cookies is injected in middle pressure, i.e., packs to complete Cookies.By forcing injection Cookies to can avoid in certain situations
Under, Cookies loss causes server that can not verify.
After packing to complete Cookies, it is corresponding that file destination can be packed with URLVariables.fileData
Base64 coding.Finally, urlloader.load (req) can be started, so that complete Cookies is uploaded to file destination
Server.
Method provided in an embodiment of the present invention, by locally obtaining the corresponding Cookies of any domain name, determination is got
The corresponding Cookies length of Cookies.According to Cookies length, the corresponding complete Cookies of any domain name is obtained.To mesh
Mark file is filtered, and complete Cookies and file destination are uploaded to server.Due to can be according to locally getting
Cookies obtains the corresponding complete Cookies of any domain name, endless so as to avoid causing data to upload because Cookies is too long
It is whole.Subsequent server can carry out subscriber authentication according to the complete Cookies of upload, to be unlikely to because Cookies is not complete
Or Cookies loses completely and leads to authentication failed.
In addition, being filtered by sampling two different modes to file destination, some illegal types can be rejected
File uploads, and saves server bandwidth.In addition to this, additionally it is possible to filter out biggish file, avoid malicious user attack service
Device, so as to save the memory space of server.
The browser type that Cookies may be lost finally, for those is injected by forcing in http request
Cookies can be avoided Cookies and lose and cause server that can not carry out subscriber authentication.
The embodiment of the invention provides a kind of data uploading device, for executing, above-mentioned Fig. 1 or Fig. 2 is corresponding to be implemented the device
Data uploading method provided by example.Referring to Fig. 3, which includes:
First obtains module 301, for for any domain name under any browser, locally obtaining, any domain name to be corresponding
Cookies;
Determining module 302, for determining the corresponding Cookies length of Cookies got;
Second obtains module 303, for obtaining the corresponding complete Cookies of any domain name according to Cookies length;
Uploading module 304, for complete Cookies and file destination to be uploaded to server.
As a kind of alternative embodiment, determining module 302, comprising:
First determination unit, for determining the quantity of predetermined symbol in the Cookies got;
Second determination unit determines corresponding Cookies length for the quantity according to predetermined symbol.
As a kind of alternative embodiment, the second determination unit, for obtained number after the quantity of predetermined symbol is added 1
Value, as the corresponding Cookies length of Cookies got.
Module 303 is obtained as a kind of alternative embodiment, second, comprising:
First acquisition unit, for obtaining the permitted maximum Cookies length of any browser for any domain name;
Comparing unit, for maximum Cookies length to be compared with Cookies length;
Second acquisition unit, for obtaining the corresponding complete Cookies of any domain name according to comparison result.
As a kind of alternative embodiment, second acquisition unit, for working as Cookies length and maximum Cookies length phase
Whens equal, the corresponding server of Xiang Renyi domain name requests the corresponding complete Cookies of any domain name;When Cookies length and maximum
When Cookies length is unequal, the Cookies that will acquire is as the corresponding complete Cookies of any domain name.
As a kind of alternative embodiment, the device further include:
Filtering module, for being filtered to file destination.
As a kind of alternative embodiment, filtering module, for detecting whether file destination is default file type;Work as target
When file is not default file type, stop uploading file destination.
As a kind of alternative embodiment, filtering module, whether the size for detecting file destination is greater than preset threshold;When
When the size of file destination is greater than preset threshold, stop uploading file destination.
As a kind of alternative embodiment, uploading module 304, for generating the coding of preset format according to file destination;Root
According to the type of any browser, coding and complete Cookies are uploaded to server.
Device provided in an embodiment of the present invention, by locally obtaining the corresponding Cookies of any domain name, determination is got
The corresponding Cookies length of Cookies.According to Cookies length, the corresponding complete Cookies of any domain name is obtained.To mesh
Mark file is filtered, and complete Cookies and file destination are uploaded to server.Due to can be according to locally getting
Cookies obtains the corresponding complete Cookies of any domain name, endless so as to avoid causing data to upload because Cookies is too long
It is whole.Subsequent server can carry out subscriber authentication according to the complete Cookies of upload, to be unlikely to because Cookies is not complete
Or Cookies loses completely and leads to authentication failed.
In addition, being filtered by sampling two different modes to file destination, some illegal types can be rejected
File uploads, and saves server bandwidth.In addition to this, additionally it is possible to filter out biggish file, avoid malicious user attack service
Device, so as to save the memory space of server.
The browser type that Cookies may be lost finally, for those is injected by forcing in http request
Cookies can be avoided Cookies and lose and cause server that can not carry out subscriber authentication.
Finally, the present processes are only preferable embodiment, it is not intended to limit the scope of the present invention.It is all
Within the spirit and principles in the present invention, any modification, equivalent replacement, improvement and so on should be included in protection of the invention
Within the scope of.
Claims (7)
1. a kind of data uploading method, which is characterized in that the described method includes:
For any domain name under any browser, the corresponding Cookies of any domain name is locally being obtained;
Determine the corresponding Cookies length of Cookies got;
According to the Cookies length, the corresponding complete Cookies of any domain name is obtained;
The complete Cookies and file destination are uploaded to server;
The corresponding Cookies length of the Cookies that the determination is got, comprising:
Determine the quantity of predetermined symbol in the Cookies got;
Corresponding Cookies length is determined according to the quantity of predetermined symbol;
The quantity according to predetermined symbol determines corresponding Cookies length, comprising:
Obtained numerical value after the quantity of predetermined symbol is added 1, as the corresponding Cookies length of Cookies got;
It is described according to the Cookies length, obtain the corresponding complete Cookies of any domain name, comprising:
For any domain name, any permitted maximum Cookies length of browser is obtained;
The maximum Cookies length is compared with the Cookies length;
According to comparison result, the corresponding complete Cookies of any domain name is obtained.
2. the method according to claim 1, wherein described according to comparison result, acquisition any domain name pair
The complete Cookies answered, comprising:
When the Cookies length and when the maximum Cookies equal length, asked to the corresponding server of any domain name
Seek the corresponding complete Cookies of any domain name;
When the Cookies length and the maximum Cookies length it is unequal when, will acquire Cookies conduct described in
The corresponding complete Cookies of any domain name.
3. the method according to claim 1, wherein described upload the complete Cookies and file destination
To before server, further includes:
The file destination is filtered.
4. according to the method described in claim 3, it is characterized in that, described be filtered the file destination, comprising:
Detect whether the file destination is default file type;
When the file destination is not default file type, stop uploading the file destination.
5. according to the method described in claim 3, it is characterized in that, described be filtered the file destination, comprising:
Whether the size for detecting the file destination is greater than preset threshold;
When the size of the file destination is greater than preset threshold, stop uploading the file destination.
6. the method according to claim 1, wherein described upload the complete Cookies and file destination
To server, comprising:
According to the file destination, the coding of preset format is generated;
According to the type of any browser, the coding and the complete Cookies are uploaded to server.
7. a kind of data uploading device, which is characterized in that described device includes:
First obtains module, for for any domain name under any browser, locally obtaining, any domain name to be corresponding
Cookies;
Determining module, for determining the corresponding Cookies length of Cookies got;
Second obtains module, for obtaining the corresponding complete Cookies of any domain name according to the Cookies length;
Uploading module, for the complete Cookies and file destination to be uploaded to server;
The determining module, comprising:
First determination unit, for determining the quantity of predetermined symbol in the Cookies got;
Second determination unit determines corresponding Cookies length for the quantity according to predetermined symbol;
Second determination unit, for obtained numerical value after the quantity of predetermined symbol is added 1, as what is got
The corresponding Cookies length of Cookies;
Described second obtains module, comprising:
First acquisition unit, for obtaining any permitted maximum Cookies long of browser for any domain name
Degree;
Comparing unit, for the maximum Cookies length to be compared with the Cookies length;
Second acquisition unit, for obtaining the corresponding complete Cookies of any domain name according to comparison result.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611219424.2A CN106850751B (en) | 2016-12-26 | 2016-12-26 | Data uploading method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611219424.2A CN106850751B (en) | 2016-12-26 | 2016-12-26 | Data uploading method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106850751A CN106850751A (en) | 2017-06-13 |
| CN106850751B true CN106850751B (en) | 2019-06-21 |
Family
ID=59136581
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611219424.2A Active CN106850751B (en) | 2016-12-26 | 2016-12-26 | Data uploading method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106850751B (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103532824A (en) * | 2012-07-06 | 2014-01-22 | 阿里巴巴集团控股有限公司 | Notification method, browser and server for instant communication message |
| CN103955477A (en) * | 2014-03-31 | 2014-07-30 | 北京奇虎科技有限公司 | Method for writing and reading Cookie information in browser, device and browser |
| EP2800317A1 (en) * | 2011-12-27 | 2014-11-05 | ZTE Corporation | Terminal device and user information synchronization method |
| CN105704120A (en) * | 2016-01-05 | 2016-06-22 | 中云网安科技(北京)有限公司 | Method for safe network access based on self-learning form |
-
2016
- 2016-12-26 CN CN201611219424.2A patent/CN106850751B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP2800317A1 (en) * | 2011-12-27 | 2014-11-05 | ZTE Corporation | Terminal device and user information synchronization method |
| CN103532824A (en) * | 2012-07-06 | 2014-01-22 | 阿里巴巴集团控股有限公司 | Notification method, browser and server for instant communication message |
| CN103955477A (en) * | 2014-03-31 | 2014-07-30 | 北京奇虎科技有限公司 | Method for writing and reading Cookie information in browser, device and browser |
| CN105704120A (en) * | 2016-01-05 | 2016-06-22 | 中云网安科技(北京)有限公司 | Method for safe network access based on self-learning form |
Non-Patent Citations (1)
| Title |
|---|
| 《浅析Cookies欺骗攻击与防御策略》;王永乐等;《信息技术》;20140825(第8期);第176-179页 |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106850751A (en) | 2017-06-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9680850B2 (en) | Identifying bots | |
| CN101388768B (en) | Method and device for detecting malicious HTTP request | |
| KR101001132B1 (en) | Method and System for Determining Vulnerability of Web Application | |
| US20070136809A1 (en) | Apparatus and method for blocking attack against Web application | |
| EP3991389B1 (en) | File upload control for client-side applications in proxy solutions | |
| US10972496B2 (en) | Upload interface identification method, identification server and system, and storage medium | |
| CN107302586B (en) | Webshell detection method and device, computer device and readable storage medium | |
| CN110417718B (en) | Method, device, equipment and storage medium for processing risk data in website | |
| CN112703496B (en) | Content policy based notification to application users regarding malicious browser plug-ins | |
| KR101902747B1 (en) | Method and Apparatus for Analyzing Web Vulnerability for Client-side | |
| WO2010111716A1 (en) | Real-time malicious code inhibitor | |
| CN105282096A (en) | XSS vulnerability detection method and device | |
| CN111628990A (en) | Attack recognition method and device and server | |
| KR101372906B1 (en) | Method and system to prevent malware code | |
| CN108028843A (en) | Passive type web application firewalls | |
| CN113364784B (en) | Detection parameter generation method and device, electronic equipment and storage medium | |
| CN110909350A (en) | Method for remotely and accurately identifying WebShell backdoor | |
| CN113420300B (en) | Method and system for detecting and defending file uploading loopholes | |
| US10757118B2 (en) | Method of aiding the detection of infection of a terminal by malware | |
| CN106850751B (en) | Data uploading method and device | |
| CN105490993B (en) | Method and device for preventing Cookie tracking in browser | |
| CN113742631B (en) | CDN-based website picture anti-theft chain method | |
| CN110851822B (en) | Network download security processing method and device | |
| CN114048483A (en) | XSS vulnerability detection method, device, equipment and medium | |
| CN114329459A (en) | Browser protection method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20230821 Address after: 518000 Youyiju Lighting City, Shanglin Community, Yuanling Street, Futian District, Shenzhen City, Guangdong Province 4008, at the junction of Bagua Road and Nigang Road Patentee after: Shenzhen Hetang Huizhi Technology Co.,Ltd. Address before: 430000 Wuhan Donghu Development Zone, Wuhan, Hubei Province, No. 1 Software Park East Road 4.1 Phase B1 Building 11 Building Patentee before: WUHAN DOUYU NETWORK TECHNOLOGY Co.,Ltd. |
|
| TR01 | Transfer of patent right |