CN109145581A - Anti- simulation login method, device and server based on browser rendering performance - Google Patents
Anti- simulation login method, device and server based on browser rendering performance Download PDFInfo
- Publication number
- CN109145581A CN109145581A CN201811155064.3A CN201811155064A CN109145581A CN 109145581 A CN109145581 A CN 109145581A CN 201811155064 A CN201811155064 A CN 201811155064A CN 109145581 A CN109145581 A CN 109145581A
- Authority
- CN
- China
- Prior art keywords
- rendering
- page
- browser
- current
- user terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000009877 rendering Methods 0.000 title claims abstract description 241
- 238000000034 method Methods 0.000 title claims abstract description 54
- 238000004088 simulation Methods 0.000 title claims abstract description 44
- 230000002159 abnormal effect Effects 0.000 claims description 5
- 238000000605 extraction Methods 0.000 claims description 5
- 230000005540 biological transmission Effects 0.000 claims description 2
- 239000003795 chemical substances by application Substances 0.000 description 17
- 238000010586 diagram Methods 0.000 description 7
- 239000000284 extract Substances 0.000 description 7
- 230000001046 anti-mould Effects 0.000 description 4
- 239000002546 antimould Substances 0.000 description 4
- 241000282485 Vulpes vulpes Species 0.000 description 3
- 235000013399 edible fruits Nutrition 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 235000008954 quail grass Nutrition 0.000 description 3
- VYZAMTAEIAYCRO-UHFFFAOYSA-N Chromium Chemical compound [Cr] VYZAMTAEIAYCRO-UHFFFAOYSA-N 0.000 description 2
- 230000000977 initiatory effect Effects 0.000 description 2
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a kind of anti-simulation login method, device, server and storage mediums based on browser rendering performance.Server of the present invention receives the page logging request of user terminal triggering first, and current browser information is extracted from page logging request;Objective browser corresponding with current browser information is searched again, while obtaining current login page corresponding with page logging request;Objective browser is obtained to the first rendering result of current login page;Current login page is sent to user terminal, so that user terminal renders the current login page in current browser, and feeds back the second rendering result;Finally the second rendering result of user terminal feedback and the first rendering result are compared, when comparison result meets default rendering condition, identification page logging request is normal request, it is identified to solve the problems, such as that unauthorized access request that current illegal user produced by simulator puppet is not easy, improves the difficulty of the forgery of simulator.
Description
Technical field
The present invention relates to internet information security fields more particularly to a kind of anti-simulation based on browser rendering performance to step on
Recording method, device, server and storage medium.
Background technique
A website is accessed with common family using terminal equipment, Website server can obtain the end message of the user, than
Browser information as used in IP address, the physical message of terminal device, terminal device etc., many websites mould in order to prevent
Quasi- device is forged into the unauthorized access request of legitimate user's initiation, it will usually which the measure taken is that limitation comes from same IP, same end
End equipment accesses the high-frequency of website.But illegal user can be by updating the parameter in user agent User Agent come pseudo-
Some new unauthorized access are produced, so that the defence difficulty of website increases.
Above content is only used to facilitate the understanding of the technical scheme, and is not represented and is recognized that above content is existing skill
Art.
Summary of the invention
The main purpose of the present invention is to provide it is a kind of based on the browser rendering anti-simulation login method of performance, device,
Server and storage medium, it is intended to solve the unauthorized access request that current illegal user is produced by simulator puppet and be not easy to be known
Other problem.
To achieve the above object, the present invention provides the anti-simulation login method based on browser rendering performance, the method
Include:
Server receives the page logging request of user terminal triggering, and current browsing is extracted from the page logging request
Device information;
Search objective browser corresponding with the current browser information;
Obtain current login page corresponding with the page logging request;
The objective browser is obtained to the first rendering result of the current login page;
The current login page is sent to the user terminal, so that the user terminal is in current browser to institute
It states current login page to be rendered, and feeds back the second rendering result;
The second rendering result that the user terminal is fed back and first rendering result are compared, in comparison result
When meeting default rendering condition, assert that the page logging request is normal request, and send verifying page to the user terminal
Face, so that the user terminal is based on the verifying page and completes login process.
Preferably, second rendering result that the user terminal is fed back and first rendering result compare
Compared with assert that the page logging request is normal request, specifically include when comparison result meets default rendering condition:
The second rendering page-images are extracted from second rendering result, extract first from first rendering result
Render page-images;
The second rendering page-images and the first rendering result image are compared, in comparison result default
When in pixel error threshold value, assert that the page logging request is normal request.
Preferably, second rendering result that the user terminal is fed back and first rendering result compare
Compared with assert that the page logging request is normal request, specifically include when comparison result meets default rendering condition:
The second rendering speed is extracted from second rendering result, the first rendering is extracted from first rendering result
Speed;
Second rendering speed and first rendering speed are compared, in comparison result in pre-set velocity difference
When in range, assert that the page logging request is normal request.
Preferably, described to obtain the objective browser to the first rendering result of the current login page, specific packet
It includes:
The first rendering result is matched from webpage rendering library according to the objective browser and the current login page,
First rendering result is to carry out rendering generation to the current login page in the objective browser in advance, described the
One rendering result includes at least the first rendering result image and the first rendering speed.
Preferably, the server receives the page logging request of user terminal triggering, from the page logging request
Current browser information is extracted, is specifically included:
Server receives the page logging request of user terminal triggering, and user agent is determined from the page logging request
Information User Agent obtains current browser mark and current browser rendering engine from user agent's information;
Correspondingly, described to search objective browser corresponding with the current browser information, it specifically includes;
Search objective browser corresponding with current browser mark and the current browser rendering engine.
Preferably, described to send the current login page to the user terminal, so that the user terminal is current
The current login page is rendered in browser, and feeds back the second rendering result, is specifically included:
The current login page is sent to the user terminal, so that the user terminal is to the current landing page
Face is parsed, and html data structure and CSS data structure are obtained, and is based on the html data structure and the CSS number
The current login page is rendered in present terminal browser according to structure, and feeds back the second rendering result.
Preferably, second rendering result that the user terminal is fed back and first rendering result are compared
Later, further includes:
When comparison result is unsatisfactory for default rendering condition, assert that the page logging request is abnormal request, and right
The page logging request is limited.
In addition, to achieve the above object, the present invention also proposes that a kind of anti-simulation based on browser rendering performance logs in dress
It sets, described device includes:
Extraction module receives the page logging request of user terminal triggering for server, from the page logging request
Middle extraction current browser information;
Searching module, for searching objective browser corresponding with the current browser information;
Module is obtained, for obtaining current login page corresponding with the page logging request;
Rendering module, for obtaining the objective browser to the first rendering result of the current login page;
Sending module, for sending the current login page to the user terminal, so that the user terminal is being worked as
The current login page is rendered in preceding browser, and feeds back the second rendering result;
Comparison module, the second rendering result and first rendering result for feeding back the user terminal compare
Compared with assert that the page logging request is normal request, and whole to the user when comparison result meets default rendering condition
End sends the verifying page, so that the user terminal is based on the verifying page and completes login process.
In addition, to achieve the above object, the present invention also proposes that a kind of server, the server include: memory, processing
Device and the anti-simulation login based on browser rendering performance that is stored on the memory and can run on the processor
Program, the anti-simulation logging program based on browser rendering performance is arranged for carrying out to be rendered based on browser as described above
The step of anti-simulation login method of performance.
In addition, to achieve the above object, the present invention also proposes a kind of storage medium, it is stored with and is based on the storage medium
Browser renders the anti-simulation logging program of performance, and the anti-simulation logging program based on browser rendering performance is by processor
The step of anti-simulation login method as described above based on browser rendering performance is realized when execution.
Server of the present invention receives the page logging request of user terminal triggering first, extracts and works as from page logging request
Preceding browser information;Objective browser corresponding with current browser information is searched again, while being obtained and page logging request pair
The current login page answered;Objective browser is obtained to the first rendering result of current login page;Work as to user terminal transmission
Preceding login page so that user terminal renders the current login page in current browser, and feeds back the second wash with watercolours
Contaminate result;Finally the second rendering result of user terminal feedback and the first rendering result are compared, met in comparison result
When default rendering condition, identification page logging request is normal request, solves what current illegal user was produced by simulator puppet
Unauthorized access request is not easy identified problem, improves the difficulty of the forgery of simulator, strengthens the safety of user's login
Property and reliability.
Detailed description of the invention
Fig. 1 is the structural schematic diagram of the server for the hardware running environment that the embodiment of the present invention is related to;
Fig. 2 is a kind of process signal of anti-simulation login method first embodiment that performance is rendered based on browser of the present invention
Figure;
Fig. 3 is a kind of process signal of anti-simulation login method second embodiment that performance is rendered based on browser of the present invention
Figure;
Fig. 4 is a kind of process signal of anti-simulation login method 3rd embodiment that performance is rendered based on browser of the present invention
Figure;
Fig. 5 is a kind of process signal of anti-simulation login method fourth embodiment that performance is rendered based on browser of the present invention
Figure;
Fig. 6 is a kind of structural block diagram for the anti-simulation entering device that performance is rendered based on browser of the present invention;
The embodiments will be further described with reference to the accompanying drawings for the realization, the function and the advantages of the object of the present invention.
Specific embodiment
It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not intended to limit the present invention.
Referring to Fig.1, Fig. 1 is the server architecture schematic diagram for the hardware running environment that the embodiment of the present invention is related to.
As shown in Figure 1, the server may include: processor 1001, such as CPU, communication bus 1002, network interface
1003, memory 1004.Wherein, communication bus 1002 is for realizing the connection communication between these components.Network interface 1003
It may include optionally standard wireline interface and wireless interface (such as WI-FI interface).Memory 1004 can be high-speed RAM and deposit
Reservoir is also possible to stable memory (non-volatile memory), such as magnetic disk storage.Memory 1004 is optional
The storage device that can also be independently of aforementioned processor 1001.
It will be understood by those skilled in the art that server architecture shown in Fig. 1 does not constitute the restriction to server, it can
To include perhaps combining certain components or different component layouts than illustrating more or fewer components.
As shown in Figure 1, as may include that operating system, network are logical in a kind of memory 1004 of computer storage medium
Believe module and the anti-simulation logging program based on browser rendering performance.
In server shown in Fig. 1, processor 1001, memory 1004 in server of the present invention, which can be set, to be taken
It is engaged in device, the server calls the anti-mould that performance is rendered based on browser stored in memory 1004 by processor 1001
Quasi- logging program, and execute following operation:
Server receives the page logging request of user terminal triggering, and current browsing is extracted from the page logging request
Device information;
Search objective browser corresponding with the current browser information;
Obtain current login page corresponding with the page logging request;
The objective browser is obtained to the first rendering result of the current login page;
The current login page is sent to the user terminal, so that the user terminal is in current browser to institute
It states current login page to be rendered, and feeds back the second rendering result;
The second rendering result that the user terminal is fed back and first rendering result are compared, in comparison result
When meeting default rendering condition, assert that the page logging request is normal request, and send verifying page to the user terminal
Face, so that the user terminal is based on the verifying page and completes login process.
Further, the server calls what is stored in memory 1004 to render based on browser by processor 1001
The anti-simulation logging program of performance also executes following operation:
The second rendering page-images are extracted from second rendering result, extract first from first rendering result
Render page-images;
The second rendering page-images and the first rendering result image are compared, in comparison result default
When in pixel error threshold value, assert that the page logging request is normal request.
Further, the server calls what is stored in memory 1004 to render based on browser by processor 1001
The anti-simulation logging program of performance also executes following operation:
The second rendering speed is extracted from second rendering result, the first rendering is extracted from first rendering result
Speed;
Second rendering speed and first rendering speed are compared, in comparison result in pre-set velocity difference
When in range, assert that the page logging request is normal request.
Further, the server calls what is stored in memory 1004 to render based on browser by processor 1001
The anti-simulation logging program of performance also executes following operation:
The first rendering result is matched from webpage rendering library according to the objective browser and the current login page,
First rendering result is to carry out rendering generation to the current login page in the objective browser in advance, described the
One rendering result includes at least the first rendering result image and the first rendering speed.
Further, the server calls what is stored in memory 1004 to render based on browser by processor 1001
The anti-simulation logging program of performance also executes following operation:
Server receives the page logging request of user terminal triggering, and user agent is determined from the page logging request
Information User Agent obtains current browser mark and current browser rendering engine from user agent's information;
Search objective browser corresponding with current browser mark and the current browser rendering engine.
Further, the server calls what is stored in memory 1004 to render based on browser by processor 1001
The anti-simulation logging program of performance also executes following operation:
The current login page is sent to the user terminal, so that the user terminal is to the current landing page
Face is parsed, and html data structure and CSS data structure are obtained, and is based on the html data structure and the CSS number
The current login page is rendered in present terminal browser according to structure, and feeds back the second rendering result.
Further, the server calls what is stored in memory 1004 to render based on browser by processor 1001
The anti-simulation logging program of performance also executes following operation:
When comparison result is unsatisfactory for default rendering condition, assert that the page logging request is abnormal request, and right
The page logging request is limited.
Server in the present embodiment receives the page logging request of user terminal triggering first, from page logging request
Extract current browser information;Objective browser corresponding with current browser information is searched again, while being obtained and being logged in the page
Request corresponding current login page;Objective browser is obtained to the first rendering result of current login page;To user terminal
Current login page is sent, so that user terminal renders the current login page in current browser, and is fed back
Second rendering result;Finally the second rendering result of user terminal feedback and the first rendering result are compared, comparing knot
When fruit meets default rendering condition, identification page logging request is normal request, solves current illegal user and passes through simulator puppet
The unauthorized access request produced is not easy identified problem, improves the difficulty of the forgery of simulator, strengthens user's login
Safety and reliability.
Based on above-mentioned hardware configuration, a kind of embodiment of the method for Sign-On authentication of the present invention is proposed.
Referring to Fig. 2, Fig. 2 is a kind of anti-simulation login method first embodiment that performance is rendered based on browser of the present invention
Flow diagram.
In the present embodiment, it the described method comprises the following steps:
Step S10: server receives the page logging request of user terminal triggering, extracts from the page logging request
Current browser information;
It will be appreciated that server receives the page logging request of " user terminal " triggering, page login is initiated here and is asked
The corresponding physical end possibility asked is real user, it is also possible to which corresponding is the illegal user using third party's simulator.
In the concrete realization, server receives the page logging request of user terminal triggering, from the page logging request
Middle determining user agent's information User Agent obtains current browser mark and current browsing from user agent's information
Device rendering engine;
It will be appreciated that the current browser information can be characterized as user agent information User Agent, User
The format of Agent is a special string head, and server determines the operation system that user terminal can be identified after User Agent
System and version, cpu type, browser (being indicated with browser mark) and browser version, browser rendering engine, browsing
Device language, browser plug-in etc..The server of the present embodiment obtains current browser from user agent's information and identifies, is clear
Look at device version and current browser rendering engine.
Step S20: objective browser corresponding with the current browser information is searched;
It will be appreciated that the browser of the red fox browser for example obtained in step slo identifies, version is
62.0.0.6816, then server can find out version be 62.0.0.6816 red fox browser as objective browser.
Step S30: current login page corresponding with the page logging request is obtained;
In the concrete realization, it when server responds the page logging request, can determine whether and the page logging request pair
The current login page answered.
Step S40: the objective browser is obtained to the first rendering result of the current login page;
It will be appreciated that first rendering result is the objective browser that is found out based on server to current log in page
The rendering result in face.
Step S50: the current login page is sent to the user terminal, so that the user terminal is browsed currently
The current login page is rendered in device, and feeds back the second rendering result;
It will be appreciated that after current login page corresponding with the page logging request has been determined in step s 30, meeting
Step S50 is executed at once;
Wherein, the user terminal renders the current login page in current browser, specific to render
Mode are as follows: user terminal parses the current login page, obtains HyperText Markup Language (HTML, HyperText
Markup Language) data structure and cascading style sheets (CSS, Cascading Style Sheets) data structure, base
The current login page is carried out in present terminal browser in the html data structure and the CSS data structure
Rendering.
Specifically, user terminal parses html source code document from current login page, wherein the html source code is literary
Shelves also may include JavaScript code.Specific rendering mode are as follows: html source code document is parsed into tree-like by browser
Data structure Dom tree document object model;Browser solves the cascading style sheets CSS in html source code document simultaneously
CSS object model CSSOM is analysed into, DOM tree and CSSOM are merged to and generated tree-like data structure Render Tree rendering
Tree.Have a Render Tree, browser just can know that has in current login page which node, each node CSS definition with
And their subordinate relation, to go to calculate position of each node in login page, according to the rule calculated, base
Login page is rendered by video card in browser rendering engine.
Wash with watercolours is carried out to the current login page in current browser according to the above rendering mode in the user terminal
The second rendering result is generated after dye, and the second rendering result is fed back into server in time;
Step S60: the second rendering result that the user terminal is fed back and first rendering result are compared,
When comparison result meets default rendering condition, assert that the page logging request is normal request, and send out to the user terminal
The verifying page is sent, so that the user terminal is based on the verifying page and completes login process.
It will be appreciated that the first rendering result represent be the objective browser that server is found out rendering performance, the
What two rendering results represented is the rendering for the current browser that the user terminal for sending page logging request to server uses
Can, the first rendering result and the second rendering result are compared, if the rendering performance gap of the two is larger, server
It can assert that the current browser information claimed in the page logging request is not inconsistent its practical browser information, and then can sentence
The parameter of User Agent in disconnected page logging request out is forged by illegal user, then the page logging request
For abnormal request.If the rendering performance gap very little of the two, illustrate that the page logging request is not that illegal user is logical
Cross the request of simulator initiation.
Server in the present embodiment receives the page logging request of user terminal triggering first, from page logging request
Extract current browser information;Objective browser corresponding with current browser information is searched again, while being obtained and being logged in the page
Request corresponding current login page;Objective browser is obtained to the first rendering result of current login page;To user terminal
Current login page is sent, so that user terminal renders the current login page in current browser, and is fed back
Second rendering result;Finally the second rendering result of user terminal feedback and the first rendering result are compared, comparing knot
When fruit meets default rendering condition, identification page logging request is normal request, solves current illegal user and passes through simulator puppet
The unauthorized access request produced is not easy identified problem, improves the difficulty of the forgery of simulator, strengthens user's login
Safety and reliability.
Further, referring to Fig. 3, a kind of anti-simulation login method second based on browser rendering performance of the present invention is implemented
The flow diagram of example proposes a kind of anti-mould based on browser rendering performance of the present invention based on above-mentioned embodiment shown in Fig. 2
The second embodiment of quasi- login method.
In the present embodiment, the step S40 is specifically included,
Step S401: first is matched from webpage rendering library according to the objective browser and the current login page
Rendering result, first rendering result are to carry out rendering life to the current login page in the objective browser in advance
At first rendering result includes at least the first rendering result image and the first rendering speed.
It will be appreciated that first rendering result can be server calls version be 62.0.0.6816 red fox it is clear
The browser rendering engine of device of looking at from the background in real time is rendering the current login page, certain this timely rendering mode
It will affect the processing speed of server;
Preferably, the present embodiment in the concrete realization, can in advance protect rendering result of the objective browser to login page
It is stored in database, the rendering result pre-saved includes at least the rendering result image of the page and the rendering speed of the page.
The database for storing rendering result is named as webpage rendering library simultaneously;
When server goes for the objective browser found out based on its own to the rendering result of current login page
When (i.e. the first rendering result), directly found out and the objective browser and the current login page from webpage rendering library
Corresponding rendering result is first rendering result.
Further, referring to Fig. 4, a kind of anti-simulation login method third based on browser rendering performance of the present invention is implemented
The flow diagram of example proposes a kind of anti-mould based on browser rendering performance of the present invention based on above-mentioned embodiment shown in Fig. 2
The 3rd embodiment of quasi- login method.
In the present embodiment, the step S60 is specifically included:
Step S61: the second rendering page-images are extracted from second rendering result, from first rendering result
Extract the first rendering page-images;
Step S62: the second rendering page-images and the first rendering result image are compared, and are comparing knot
When fruit is in presetted pixel error threshold, assert that the page logging request is normal request.
Specifically, the present embodiment can by with call increase income computer vision library (opencv, Open Source
Computer Vision Library) absdiff function calculate first rendering page-images with second rendering page-images it
Absolute value of the difference directly obtains difference pixel, in this way it can be seen that the difference of two images.Difference number of pixels is calculated, it can be with
After error image is changed into gray scale, non-zero pixels number is calculated with the countNonZero function of opencv, if non-zero pixels
When number is in presetted pixel error threshold, then it is assumed that two width page-images are handled by identical browser rendering;If non-
When zero number of pixels is not in presetted pixel error threshold, then it is assumed that two width page-images are not by identical browser rendering
Reason.
Further, referring to Fig. 5, a kind of anti-simulation login method third based on browser rendering performance of the present invention is implemented
The flow diagram of example proposes a kind of anti-mould based on browser rendering performance of the present invention based on above-mentioned embodiment shown in Fig. 2
The fourth embodiment of quasi- login method.
In the present embodiment, the step S60 is specifically included:
Step S601: extracting the second rendering speed from second rendering result, mentions from first rendering result
Take the first rendering speed;
Step S602: second rendering speed and first rendering speed are compared, in comparison result pre-
If when within the scope of speed difference, assert that the page logging request is normal request.
It will be appreciated that different browsers are typically different the page rendering time of same page, the present embodiment is being browsed
When device renders page logging request, the rendering speed of lower page logging request can be recorded in real time.
Specifically, the corresponding current browser information of page logging request of user terminal triggering can claim that it is used
Chrome browser, server can send the current login page to the user terminal, so that the user terminal is being worked as
Current login page is rendered in preceding browser, and feeds back the rendering speed of the second rendering speed to server;It takes simultaneously
Business device can obtain the objective browser to the first rendering speed of current login page, and the first rendering speed and second are rendered
Speed is compared, when comparison result is in pre-set velocity difference range, then it is assumed that two width page-images are by identical clear
Device rendering of looking at processing;When comparison result is beyond in pre-set velocity difference range, then it is assumed that two width page-images are not by identical
Browser rendering processing, such as the second rendering speed is slow and the rendering speed of IE browser is similar, and resolution speed is remote
Less than the resolution speed of chrome browser, then page logging request affirmative is abnormal.
In addition, Fig. 5 is a kind of anti-simulation entering device structural frames for rendering performance based on browser of the present invention with reference to Fig. 5
Figure;
In the present embodiment, described device includes:
Extraction module 10 receives the page logging request of user terminal triggering for server, asks from page login
Seek middle extraction current browser information;
Searching module 20, for searching objective browser corresponding with the current browser information;
Module 30 is obtained, for obtaining current login page corresponding with the page logging request;
Rendering module 40, for obtaining the objective browser to the first rendering result of the current login page;
Sending module 50, for sending the current login page to the user terminal, so that the user terminal exists
The current login page is rendered in current browser, and feeds back the second rendering result;
Comparison module 60, the second rendering result and first rendering result for feeding back the user terminal carry out
Compare, when comparison result meets default rendering condition, assert that the page logging request is normal request, and to the user
Terminal sends the verifying page, so that the user terminal is based on the verifying page and completes login process.
It will be appreciated that the anti-simulation entering device based on browser rendering performance of this implementation can be it is a kind of using journey
Sequence, the application program are loaded in the server of above-described embodiment, and the present invention is based on the anti-simulation logins of browser rendering performance
The specific implementation of device can refer to the above-mentioned anti-simulation login method embodiment based on browser rendering performance, herein no longer
It repeats.
In addition, the present invention also provides a kind of computer storage mediums, which is characterized in that deposited in the computer storage medium
Contain the anti-simulation logging program based on browser rendering performance, the anti-simulation logging program based on browser rendering performance
The anti-simulation login method step as described above based on browser rendering performance is realized when being executed by processor.
It should be noted that, in this document, the terms "include", "comprise" or its any other variant are intended to non-row
His property includes, so that the process, method, article or the system that include a series of elements not only include those elements, and
And further include other elements that are not explicitly listed, or further include for this process, method, article or system institute it is intrinsic
Element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that including being somebody's turn to do
There is also other identical elements in the process, method of element, article or system.
The serial number of the above embodiments of the invention is only for description, does not represent the advantages or disadvantages of the embodiments.
Through the above description of the embodiments, those skilled in the art can be understood that above-described embodiment side
Method can be realized by means of software and necessary general hardware platform, naturally it is also possible to by hardware, but in many cases
The former is more preferably embodiment.Based on this understanding, technical solution of the present invention substantially in other words does the prior art
The part contributed out can be embodied in the form of software products, which is stored in a storage medium
In (such as ROM/RAM, magnetic disk, CD), including some instructions are used so that a terminal device (can be mobile phone, computer, clothes
Business device, air conditioner or the network equipment etc.) execute method described in each embodiment of the present invention.
The above is only a preferred embodiment of the present invention, is not intended to limit the scope of the invention, all to utilize this hair
Equivalent structure or equivalent flow shift made by bright specification and accompanying drawing content is applied directly or indirectly in other relevant skills
Art field, is included within the scope of the present invention.
Claims (10)
1. a kind of anti-simulation login method based on browser rendering performance, which is characterized in that the described method includes:
Server receives the page logging request of user terminal triggering, and current browser letter is extracted from the page logging request
Breath;
Search objective browser corresponding with the current browser information;
Obtain current login page corresponding with the page logging request;
The objective browser is obtained to the first rendering result of the current login page;
The current login page is sent to the user terminal, so that the user terminal is worked as in current browser to described
Preceding login page is rendered, and feeds back the second rendering result;
The second rendering result that the user terminal is fed back and first rendering result are compared, met in comparison result
When default rendering condition, assert that the page logging request is normal request, and send the verifying page to the user terminal, with
So that the user terminal is based on the verifying page and completes login process.
2. the method as described in claim 1, which is characterized in that second rendering result for feeding back the user terminal and
First rendering result is compared, and when comparison result meets default rendering condition, assert that the page logging request is
Normal request specifically includes:
The second rendering page-images are extracted from second rendering result, and the first rendering is extracted from first rendering result
Page-images;
The second rendering page-images and the first rendering result image are compared, in comparison result in presetted pixel
When in error threshold, assert that the page logging request is normal request.
3. the method as described in claim 1, which is characterized in that second rendering result for feeding back the user terminal and
First rendering result is compared, and when comparison result meets default rendering condition, assert that the page logging request is
Normal request specifically includes:
The second rendering speed is extracted from second rendering result, the first rendering speed is extracted from first rendering result
Degree;
Second rendering speed and first rendering speed are compared, in comparison result in pre-set velocity difference range
When interior, assert that the page logging request is normal request.
4. the method according to claim 1, which is characterized in that the acquisition objective browser is worked as to described
First rendering result of preceding login page, specifically includes:
The first rendering result is matched from webpage rendering library according to the objective browser and the current login page, it is described
First rendering result is to carry out rendering generation, first wash with watercolours to the current login page in the objective browser in advance
It contaminates result and includes at least the first rendering result image and the first rendering speed.
5. the method according to claim 1, which is characterized in that the server receives the page of user terminal triggering
Face logging request is extracted current browser information from the page logging request, is specifically included:
Server receives the page logging request of user terminal triggering, and user agent's information is determined from the page logging request
User Agent obtains current browser mark and current browser rendering engine from user agent's information;
Correspondingly, described to search objective browser corresponding with the current browser information, it specifically includes;
Search objective browser corresponding with current browser mark and the current browser rendering engine.
6. the method according to claim 1, which is characterized in that described described current to user terminal transmission
Login page so that the user terminal renders the current login page in current browser, and feeds back second
Rendering result specifically includes:
Send the current login page to the user terminal so that the user terminal to the current login page into
Row parsing, obtains html data structure and CSS data structure, is based on the html data structure and the CSS data knot
Structure renders the current login page in present terminal browser, and feeds back the second rendering result.
7. claim 1-3 method as described in one, which is characterized in that second wash with watercolours for feeding back the user terminal
After dye result and first rendering result are compared, further includes:
When comparison result is unsatisfactory for default rendering condition, assert that the page logging request is abnormal request, and to described
Page logging request is limited.
8. a kind of anti-simulation entering device based on browser rendering performance, which is characterized in that described device includes:
Extraction module receives the page logging request of user terminal triggering for server, mentions from the page logging request
Take current browser information;
Searching module, for searching objective browser corresponding with the current browser information;
Module is obtained, for obtaining current login page corresponding with the page logging request;
Rendering module, for obtaining the objective browser to the first rendering result of the current login page;
Sending module, for sending the current login page to the user terminal, so that the user terminal is current clear
It lookes in device and the current login page is rendered, and feed back the second rendering result;
Comparison module, the second rendering result and first rendering result for feeding back the user terminal are compared,
When comparison result meets default rendering condition, assert that the page logging request is normal request, and to the user terminal
The verifying page is sent, so that the user terminal is based on the verifying page and completes login process.
9. a kind of server, which is characterized in that the server includes: memory, processor and is stored on the memory
And the anti-simulation logging program based on browser rendering performance that can be run on the processor, it is described to be rendered based on browser
The anti-simulation logging program of performance, which is arranged for carrying out, renders performance based on browser as described in any one of claims 1 to 7
Anti- simulation login method the step of.
10. a kind of storage medium, which is characterized in that be stored with the anti-simulation based on browser rendering performance on the storage medium
Logging program, the anti-simulation logging program based on browser rendering performance realize such as claim 1 when being executed by processor
To the step of rendering the anti-simulation login method of performance based on browser described in any one of 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811155064.3A CN109145581B (en) | 2018-09-29 | 2018-09-29 | Anti-simulation login method and device based on browser rendering performance and server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811155064.3A CN109145581B (en) | 2018-09-29 | 2018-09-29 | Anti-simulation login method and device based on browser rendering performance and server |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109145581A true CN109145581A (en) | 2019-01-04 |
| CN109145581B CN109145581B (en) | 2021-08-10 |
Family
ID=64813990
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811155064.3A Active CN109145581B (en) | 2018-09-29 | 2018-09-29 | Anti-simulation login method and device based on browser rendering performance and server |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109145581B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110011964A (en) * | 2019-02-27 | 2019-07-12 | 同盾控股有限公司 | A kind of web environment detection method and device |
| CN110198305A (en) * | 2019-05-05 | 2019-09-03 | 平安科技(深圳)有限公司 | It attends a banquet method for detecting abnormality, system, computer equipment and the storage medium of IP |
| CN112148573A (en) * | 2020-09-21 | 2020-12-29 | 青岛窗外科技有限公司 | Method and device for recording and playing back webpage operation process |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100587701C (en) * | 2005-10-18 | 2010-02-03 | 松下电器产业株式会社 | Information processing device and method |
| CN102722585A (en) * | 2012-06-08 | 2012-10-10 | 亿赞普(北京)科技有限公司 | Browser type identification method, device and system |
| CN104486301A (en) * | 2014-12-02 | 2015-04-01 | 百度在线网络技术(北京)有限公司 | Login authentication method and device |
| CN106302317A (en) * | 2015-05-15 | 2017-01-04 | 北京国双科技有限公司 | The generation method and apparatus of logon web page |
| CN108595304A (en) * | 2018-04-19 | 2018-09-28 | 腾讯科技(深圳)有限公司 | Web monitor method and device |
-
2018
- 2018-09-29 CN CN201811155064.3A patent/CN109145581B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100587701C (en) * | 2005-10-18 | 2010-02-03 | 松下电器产业株式会社 | Information processing device and method |
| CN102722585A (en) * | 2012-06-08 | 2012-10-10 | 亿赞普(北京)科技有限公司 | Browser type identification method, device and system |
| CN104486301A (en) * | 2014-12-02 | 2015-04-01 | 百度在线网络技术(北京)有限公司 | Login authentication method and device |
| CN106302317A (en) * | 2015-05-15 | 2017-01-04 | 北京国双科技有限公司 | The generation method and apparatus of logon web page |
| CN108595304A (en) * | 2018-04-19 | 2018-09-28 | 腾讯科技(深圳)有限公司 | Web monitor method and device |
Non-Patent Citations (1)
| Title |
|---|
| 康年华等: "一种基于特征信息隐式获取的抗干扰浏览器指纹生成算法", 《信息网络安全》 * |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110011964A (en) * | 2019-02-27 | 2019-07-12 | 同盾控股有限公司 | A kind of web environment detection method and device |
| CN110011964B (en) * | 2019-02-27 | 2021-09-24 | 同盾控股有限公司 | Webpage environment detection method and device |
| CN110198305A (en) * | 2019-05-05 | 2019-09-03 | 平安科技(深圳)有限公司 | It attends a banquet method for detecting abnormality, system, computer equipment and the storage medium of IP |
| CN112148573A (en) * | 2020-09-21 | 2020-12-29 | 青岛窗外科技有限公司 | Method and device for recording and playing back webpage operation process |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109145581B (en) | 2021-08-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104766014B (en) | Method and system for detecting malicious website | |
| CN102831345B (en) | Injection point extracting method in SQL (Structured Query Language) injection vulnerability detection | |
| KR100848319B1 (en) | Harmful web site filtering method and apparatus using web structural information | |
| US7870475B2 (en) | System and method for bookmarking and tagging a content item | |
| CN103888490B (en) | A kind of man-machine knowledge method for distinguishing of full automatic WEB client side | |
| US9563611B2 (en) | Merging web page style addresses | |
| CN108366058B (en) | Method, device, equipment and storage medium for preventing traffic hijacking of advertisement operator | |
| US20090232351A1 (en) | Authentication method, authentication device, and recording medium | |
| CN102436564A (en) | Method and device for identifying falsified webpage | |
| CN109104456A (en) | A kind of user tracking based on browser fingerprint and propagating statistics analysis method | |
| CN103118035B (en) | Method and the device of analyzing web site access request parameters legal range | |
| KR20110009675A (en) | Method and system to selectively secure the display of advertisements on web browsers | |
| CN109145581A (en) | Anti- simulation login method, device and server based on browser rendering performance | |
| CN102833212A (en) | Webpage visitor identity identification method and system | |
| Kaur et al. | Browser fingerprinting as user tracking technology | |
| CN103647767A (en) | Website information display method and apparatus | |
| CN106446113A (en) | Mobile big data analysis method and device | |
| CN109446801A (en) | Detect method, apparatus, server and the storage medium of simulator access | |
| US11870808B1 (en) | Mobile device security application for malicious website detection based on representative image | |
| CN107784107B (en) | Dark chain detection method and device based on escape behavior analysis | |
| CN116324766A (en) | Optimizing crawling requests by browsing profiles | |
| CN106060038A (en) | Client program behavior analysis-based phishing website detection method | |
| CN111309578A (en) | Method and device for identifying object | |
| CN110417746A (en) | Cross-site scripting attack defence method, device, equipment and storage medium | |
| CN110413861B (en) | Link extraction method, device, equipment and storage medium based on web crawler |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: Anti simulation login method, device, and server based on browser rendering performance Effective date of registration: 20231219 Granted publication date: 20210810 Pledgee: Industrial Bank Limited by Share Ltd. Wuhan branch Pledgor: WUHAN JIYI NETWORK TECHNOLOGY Co.,Ltd. Registration number: Y2023980072607 |
|
| PE01 | Entry into force of the registration of the contract for pledge of patent right |