CN109787951B - Network data access method and device and electronic equipment - Google Patents

Network data access method and device and electronic equipment Download PDF

Info

Publication number
CN109787951B
CN109787951B CN201811400599.2A CN201811400599A CN109787951B CN 109787951 B CN109787951 B CN 109787951B CN 201811400599 A CN201811400599 A CN 201811400599A CN 109787951 B CN109787951 B CN 109787951B
Authority
CN
China
Prior art keywords
domain name
target
address
server
client
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811400599.2A
Other languages
Chinese (zh)
Other versions
CN109787951A (en
Inventor
吴岩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing QIYI Century Science and Technology Co Ltd
Original Assignee
Beijing QIYI Century Science and Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing QIYI Century Science and Technology Co Ltd filed Critical Beijing QIYI Century Science and Technology Co Ltd
Priority to CN201811400599.2A priority Critical patent/CN109787951B/en
Publication of CN109787951A publication Critical patent/CN109787951A/en
Application granted granted Critical
Publication of CN109787951B publication Critical patent/CN109787951B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The embodiment of the invention provides a network data access method, a network data access device and electronic equipment. The method is applied to the client and comprises the following steps: firstly, obtaining a first URL request for accessing target network data; secondly, determining a target agent IP address; then, based on the IP address of the target agent, sending an HTTPS request carrying a first domain name and path information in the first URL request to a target server, so that the target server determines a second domain name corresponding to the first domain name after receiving the HTTPS request, based on a Domain Name System (DNS) server in an enterprise intranet, determining an IP address corresponding to the second domain name, accessing the IP address to obtain target network data corresponding to the path information, and feeding the target network data back to the client; and finally, receiving target network data fed back by the target server. The embodiment of the invention can realize the purpose of preventing HTTP hijacking and domain name resolution hijacking so as to access effective network data.

Description

Network data access method and device and electronic equipment
Technical Field
The present invention relates to the field of internet, and in particular, to a method and an apparatus for accessing network data, and an electronic device.
Background
With the popularization of the internet, users can conveniently use clients to access various network data. For example, a search-class client may be used to search for related content of a keyword, or a video-playing-class client may be used to view a network video, etc. The client comprises a desktop version client and a webpage version client. The process of using the client for network data access may be: a user submits a URL (Uniform Resource Locator) request for accessing network data in a client by using an HTTP (hypertext transfer Protocol), a local DNS (Domain Name System) parser in the client converts a Domain Name in the URL request into an IP (Internet Protocol) address that can be identified by a network and returns the IP address to the client, and the client accesses the IP address after receiving the IP address to obtain corresponding data.
However, since the HTTP protocol is a plaintext protocol, it may be hijacked, that is, the content of the HTTP message is illegally restored, or the content of the website requested by the user through the HTTP is tampered, etc., which may result in that the client cannot access the network data, and even cause leakage of sensitive information of the user or property loss; moreover, the local DNS resolver of the client is provided by the operator and is easily hijacked, and the DNS resolver may return the hijacked IP address to the client, so that the client may also have the above problem when performing network access according to the IP address.
Therefore, how to prevent HTTP hijacking and domain name resolution hijacking so as to access effective network data is an urgent problem to be solved.
Disclosure of Invention
The embodiment of the invention aims to provide a method, a device and electronic equipment for preventing domain name hijacking, so as to achieve the purpose of preventing HTTP hijacking and domain name resolution hijacking and accessing effective network data. The specific technical scheme is as follows:
in a first aspect, an embodiment of the present invention provides a network data access method, which is applied to a client, where the method includes:
obtaining a first uniform resource locator, URL, request for accessing target network data; the first URL request carries a first domain name and path information;
determining a target agent Internet Protocol (IP) address; the target proxy IP address is an IP address of a target server arranged on the Internet by an enterprise to which the client belongs, and the target server is used for acting the client to access the server corresponding to the first domain name;
sending a hypertext transfer security protocol (HTTPS) request carrying a first domain name and path information in the first URL request to the target server based on the target agent IP address, so that the target server determines a second domain name corresponding to the first domain name after receiving the HTTPS request, determines an IP address corresponding to the second domain name based on a Domain Name System (DNS) server in an enterprise intranet, accesses the IP address, obtains target network data corresponding to the path information, and feeds the target network data back to the client; the second domain name is: in the intranet, the intranet domain name of the server corresponding to the first domain name;
and receiving the target network data fed back by the target server.
Optionally, the sending, to the target server, a hypertext transfer security protocol HTTPS request carrying the first domain name and the path information in the first URL request based on the target agent IP address includes:
inserting the target agent IP address into the position behind the protocol information of the first URL request and in front of the first domain name, and replacing the protocol information with an HTTPS protocol to obtain a second URL request;
constructing an HTTPS request corresponding to the second URL request, wherein a destination IP address of the HTTPS request is the IP address of the target agent, and the request content is a first domain name and path information of the first URL request;
sending the HTTPS request to a target server having the target agent IP address.
Optionally, the determining the target proxy IP address includes:
determining attribute information of the client;
and determining a target proxy IP address matched with the attribute information in a plurality of preset proxy IP addresses.
Optionally, the determining the target proxy IP address includes:
accessing a server corresponding to a preset IP address by using an HTTPS protocol;
receiving a target proxy IP address pushed by a server corresponding to the preset IP address; the server corresponding to the preset IP address determines the attribute information of the client after receiving the access of the client, determines a target proxy IP address matched with the attribute information in a plurality of preset proxy IP addresses, and pushes the target proxy IP address to the client.
In a second aspect, an embodiment of the present invention provides a network data access method, which is applied to a target server, where the target server is a server that is set on the internet by an enterprise to which a client belongs, and is used for acting the client to access a server corresponding to a first domain name, and an IP address of the target server is a target agent IP address, and the method includes:
receiving an HTTPS request sent by the client; the HTTPS request is sent to the target server based on the target agent IP address after the client acquires a first URL request for accessing target network data, wherein the first URL request carries a first domain name and path information, and the HTTPS request carries the first domain name and path information;
determining a second domain name corresponding to the first domain name; wherein the second domain name is: in an enterprise intranet, the intranet domain name of the server corresponding to the first domain name;
determining an IP address corresponding to the second domain name based on a DNS server in the enterprise intranet;
and accessing the IP address to obtain target network data corresponding to the path information, and feeding back the target network data to the client.
Optionally, the determining a second domain name corresponding to the first domain name includes:
determining a second domain name corresponding to the first domain name based on a preset domain name corresponding relation; the domain name corresponding relation is used for representing a domain name in the URL request and a mapping relation of an intranet domain name of a server corresponding to the domain name in the intranet.
In a third aspect, an embodiment of the present invention provides a network data access apparatus, which is applied to a client, where the apparatus includes:
an obtaining module for obtaining a first uniform resource locator, URL, request for accessing target network data; the first URL request carries a first domain name and path information;
the determining module is used for determining a target proxy Internet Protocol (IP) address; the target proxy IP address is an IP address of a target server arranged on the Internet by an enterprise to which the client belongs, and the target server is used for acting the client to access the server corresponding to the first domain name;
a sending module, configured to send a hypertext transfer security protocol HTTPS request carrying a first domain name and path information in the first URL request to the target server based on the target proxy IP address, so that the target server determines a second domain name corresponding to the first domain name after receiving the HTTPS request, determines an IP address corresponding to the second domain name based on a domain name system DNS server in an intranet, accesses the IP address, obtains target network data corresponding to the path information, and feeds the target network data back to the client; the second domain name is: in the enterprise intranet, the intranet domain name of the server corresponding to the first domain name;
and the receiving module is used for receiving the target network data fed back by the target server.
Optionally, the sending module is specifically configured to:
inserting the target agent IP address into the position behind the protocol information of the first URL request and in front of the first domain name, and replacing the protocol information with an HTTPS protocol to obtain a second URL request;
constructing an HTTPS request corresponding to the second URL request, wherein a destination IP address of the HTTPS request is the IP address of the target agent, and the request content is a first domain name and path information of the first URL request;
and sending the HTTPS request to a target server with the IP address of the target agent.
Optionally, the determining module is specifically configured to:
determining attribute information of the client;
and determining a target proxy IP address matched with the attribute information in a plurality of preset proxy IP addresses.
Optionally, the determining module is specifically configured to:
accessing a server corresponding to a preset IP address by using an HTTPS protocol;
receiving a target proxy IP address pushed by a server corresponding to the preset IP address; the server corresponding to the preset IP address determines the attribute information of the client after receiving the access of the client, determines a target proxy IP address matched with the attribute information in a plurality of preset proxy IP addresses, and pushes the target proxy IP address to the client.
In a fourth aspect, an embodiment of the present invention provides a network data access apparatus, which is applied to a target server, where the target server is a server that is set on the internet by an enterprise to which a client belongs, and is used for acting the client to access a server corresponding to a first domain name, and an IP address of the target server is a target agent IP address, and the apparatus includes:
the receiving module is used for receiving the HTTPS request sent by the client; the HTTPS request is sent to the target server based on the target agent IP address after the client acquires a first URL request for accessing target network data, wherein the first URL request carries a first domain name and path information, and the HTTPS request carries the first domain name and path information;
the first determining module is used for determining a second domain name corresponding to the first domain name; wherein the second domain name is: in an enterprise intranet, the intranet domain name of the server corresponding to the first domain name;
a second determining module, configured to determine, based on a DNS server in the intranet, an IP address corresponding to the second domain name;
and the feedback module is used for accessing the IP address, obtaining target network data corresponding to the path information and feeding back the target network data to the client.
Optionally, the first determining module is specifically configured to:
determining a second domain name corresponding to the first domain name based on a preset domain name corresponding relation; the domain name corresponding relation is used for representing a domain name in the URL request and a mapping relation of an intranet domain name of a server corresponding to the domain name in the intranet.
In a fifth aspect, an embodiment of the present invention provides an electronic device, where the electronic device is a device installed with a client, and the electronic device includes a processor and a memory, where,
the memory is used for storing a computer program;
the processor is configured to implement the steps of the network data access method provided from the perspective of the client in the first aspect when executing the program stored in the memory.
In a sixth aspect, an embodiment of the present invention provides an electronic device, where the electronic device is a target server, the target server is a server that is set on the internet by an enterprise to which a client belongs and is used for a proxy client to access a server corresponding to a first domain name, an IP address of the target server is a target proxy IP address, the electronic device includes a processor and a memory, where,
the memory is used for storing a computer program;
the processor is configured to implement the steps of the network data access method provided from the perspective of the target server in the second aspect when executing the program stored in the memory.
In the scheme provided by the embodiment of the invention, firstly, a client obtains a first URL request for accessing target network data, secondly, the client determines a target proxy IP address, secondly, the client sends an HTTPS request carrying a first domain name and path information in the first URL request to a target server based on the target proxy IP address, so that the target server determines a second domain name corresponding to the first domain name after receiving the HTTPS request, determines an IP address corresponding to the second domain name based on a Domain Name System (DNS) server in an enterprise intranet, accesses the IP address, obtains target network data corresponding to the path information, and feeds the target network data back to the client; and finally, the client receives the target network data fed back by the target server, thereby completing network data access. Because the HTTPS request is an encrypted network request and the security of the intranet DNS server of the enterprise is higher than that of a local DNS resolver of the client, the scheme provided by the embodiment of the invention can effectively prevent HTTP hijacking and domain name resolution hijacking, thereby realizing the purpose of accessing effective network data.
Of course, it is not necessary for any product or method of practicing the invention to achieve all of the above-described advantages at the same time.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below.
Fig. 1 is a schematic flow chart of a network data access method provided from the perspective of a client according to an embodiment of the present invention;
FIG. 2 is a flow chart illustrating a method for accessing network data provided from the perspective of a target server according to an embodiment of the present invention;
fig. 3 is a timing diagram of a network data access method according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a network data access device provided from the perspective of a client according to an embodiment of the present invention;
FIG. 5 is a schematic structural diagram of a network data access device provided from the perspective of a target server according to an embodiment of the present invention;
FIG. 6 is a schematic structural diagram of an electronic device provided from a perspective of a client according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of an electronic device provided from the perspective of a target server according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be described below with reference to the drawings in the embodiments of the present invention.
In order to achieve the purpose of preventing domain name resolution hijacking and accessing effective network data, embodiments of the present invention provide a network data access method, apparatus, electronic device, and storage medium from the perspective of a client and a target server, respectively.
In a first aspect, from a client perspective, an embodiment of the present invention provides a network data access method.
It should be noted that an execution subject of the network data access method provided by the embodiment of the present invention may be a network data access device, and the device may be run in a client. It will be appreciated that the client may be a web page client, or a client that needs to download an installed desktop version, i.e. an APP (Application).
As shown in fig. 1, from the perspective of a client, a network data access method provided in an embodiment of the present invention may include the following steps:
s101, obtaining a first URL request for accessing target network data;
the client may obtain a first URL request determined by a user within the client for accessing target network data. The first URL request may be manually input by a user, or may be generated after the user selects target network data that needs to be accessed, for example, a URL request generated after the user clicks a certain video title, for accessing network data corresponding to the video title, or the like.
Illustratively, the first URL request may be:
http//www.liangshunet.com/pub/item.aspxt=osw7。
com and osw7, where the first URL request carries a first domain name liangshunet.com and path information/pub/item.
S102, determining a target agent IP address;
the target proxy IP address is an IP address of a target server arranged on the Internet of an enterprise to which the client belongs, and the target server is used for acting the client to access the server corresponding to the first domain name.
In the embodiment of the invention, the enterprise to which the client belongs can set a fixed target proxy IP address on the Internet, and a target server corresponding to the target proxy IP address provides proxy service for a plurality of clients.
The enterprise to which the client belongs can also set a plurality of proxy IP addresses on the Internet, each proxy IP address corresponds to one proxy server, and a suitable proxy IP address is determined for the client as a target proxy IP address in the plurality of proxy IP addresses, so that the target server corresponding to the target proxy IP address provides a faster and more effective proxy service for the client. Based on this idea, in the embodiment of the present invention, there are two alternative ways to determine the IP address of the target agent.
Optionally, the first way of determining the target proxy internet protocol IP address may include step a1 and step a 2:
step a 1: determining attribute information of the client;
the attribute information may include one or more of region information and operator information.
The region information can be classified into regions such as provinces, cities or districts; the operator information may comprise one of operators of china mobile, china unicom or chinese telecom, etc. For example, it may be determined that the attribute information of the client is: the regional information is Shanxi province and the operator information is China Mobile.
Step a 2: and determining a target proxy IP address matched with the attribute information in a plurality of preset proxy IP addresses.
It can be understood that the preset regional information of the plurality of proxy IP addresses may cover all over the country, and the operator information may include a plurality of operators, so that the client may determine, from the preset plurality of proxy IP addresses, that the regional information is an agent IP address of shanxi province and the operator information is a mobile in china, as a target proxy IP address matched with the attribute information.
Certainly, if the geographical information is shanxi province and the operator information is an agent IP address of the chinese mobile, it is reasonable that the client determines that the operator information is the chinese mobile, and the geographical information is the agent IP address closest to the shanxi province as a target agent IP address matched with the attribute information.
Optionally, the second way of determining the target proxy internet protocol IP address may include step b1 and step b 2:
step b 1: accessing a server corresponding to a preset IP address by using an HTTPS protocol;
in the embodiment of the present invention, in order to facilitate integration and access of the client, a preset IP address, such as bgp anycast IP, may be set in the client. All the clients in the whole network can access the server corresponding to the preset IP address.
In the embodiment of the invention, the HTTPS protocol can be used for accessing the server corresponding to the preset IP address, and the HTTPS protocol is an encryption protocol, so that the data transmission can be ensured to be always in an encrypted state, the data transmission is not easy to be tampered, and the access safety can be ensured.
Step b 2: receiving a target proxy IP address pushed by a server corresponding to the preset IP address;
after accessing the server corresponding to the preset IP address, the client may receive the target proxy IP address pushed by the server corresponding to the preset IP address. After receiving the access of the client, the server corresponding to the preset IP address may first determine attribute information of the client, then determine a target proxy IP address matching the attribute information in the preset multiple proxy IP addresses, and push the target proxy IP address to the client.
Determining the attribute information of the client with respect to the server corresponding to the preset IP address, wherein the process of determining the target proxy IP address matching with the attribute information among the preset plurality of proxy IP addresses is similar to the steps a 1-a 2 and will not be illustrated here.
It can be understood that, compared with the first manner, the second manner is that the server corresponding to the preset IP address performs the process of determining the attribute information of the client, and in a plurality of preset proxy IP addresses, the process of determining the target proxy IP address matching with the attribute information may be reduced.
It should be noted that, in the embodiment of the present invention, S102 may be executed first, and then S101 may be executed, for example, after the client is started, S102 is executed immediately, and the determined target proxy IP address is used as a basis for subsequent network data access, so that S103 may be executed immediately after the first URL request for accessing the target network data is obtained, and the access speed of the network data may be increased.
S103, based on the target agent IP address, sending an HTTPS request carrying a first domain name and path information in the first URL request to the target server, so that the target server determines a second domain name corresponding to the first domain name after receiving the HTTPS request, determines an IP address corresponding to the second domain name based on a DNS server in an enterprise intranet, accesses the IP address, obtains target network data corresponding to the path information, and feeds the target network data back to the client;
wherein the second domain name is: and in the enterprise intranet, the intranet domain name of the server corresponding to the first domain name.
Optionally, in this embodiment of the present invention, the sending, to the target server, a hypertext transfer security protocol HTTPS request carrying the first domain name and the path information in the first URL request based on the target agent IP address may include steps c1 to c 3:
step c 1: inserting the target agent IP address into the position behind the protocol information of the first URL request and in front of the first domain name, and replacing the protocol information with an HTTPS protocol to obtain a second URL request;
for example, the first URL request is:
http:// a.b.c.d/userid ═ 100, wherein the protocol information is http:/; the first domain name is a.b.c.d; the path information is 100/userid.
Assuming that the IP address of the target agent is 1.2.3.4, inserting the IP address of the target agent after the protocol information of the first URL request and before the first domain name, and replacing http:// with HTTPS protocol HTTPS://, obtaining a second URL request:
https://1.2.3.4/a.b.c.d/userid=100。
step c 2: constructing an HTTPS request corresponding to the second URL request;
and the destination IP address of the HTTPS request is the IP address of the target agent, and the request content is the first domain name and the path information of the first URL request.
Step c 3: sending the HTTPS request to a target server having the target agent IP address.
It can be understood that the HTTPS request is an encrypted request, which can ensure the security of data transmission and effectively prevent HTTP hijacking.
After receiving the HTTPS request, the target server may determine a second domain name corresponding to the first domain name, determine an IP address corresponding to the second domain name based on a domain name system DNS server in an intranet, access the IP address, obtain target network data corresponding to the path information, and feed back the target network data to the client.
For clarity of layout and ease of understanding of the solution, the specific processing procedure of this step with respect to the target server is described in the following description of a network data access method provided from the perspective of the target server.
S104, receiving the target network data fed back by the target server.
In the scheme provided by the embodiment of the invention, a client firstly obtains a first URL request for accessing target network data, secondly determines a target proxy IP address, secondly sends an HTTPS request carrying a first domain name and path information in the first URL request to a target server based on the target proxy IP address, so that the target server determines a second domain name corresponding to the first domain name after receiving the HTTPS request, determines an IP address corresponding to the second domain name based on a DNS server in an enterprise intranet, accesses the IP address, obtains the target network data corresponding to the path information, and feeds the target network data back to the client, and finally, the client receives the target network data fed back by the target server, thereby completing network data access. Because the HTTPS request is an encrypted network request and the security of the intranet DNS server of the enterprise is higher than that of a local DNS resolver of the client, the scheme provided by the embodiment of the invention can effectively prevent HTTP hijacking and domain name resolution hijacking, thereby realizing the purpose of accessing effective network data. Moreover, because the delay of the intranet of the enterprise is far less than that of the public network, the scheme provided by the embodiment of the invention can also improve the access speed of network data.
In a second aspect, from the perspective of a target server, an embodiment of the present invention provides a network data access method.
It should be noted that the execution subject of the network data access method provided by the embodiment of the present invention may be a network data access device, and the device may be run in a target server. The target server is a server which is arranged on the internet and is used for acting the client to access the server corresponding to the first domain name, and the IP address of the target server is a target agent IP address.
As shown in fig. 2, from the perspective of the target server, a network data access method provided by an embodiment of the present invention may include the following steps:
s201, receiving an HTTPS request sent by the client;
the HTTPS request is sent to the target server based on the target agent IP address after the client acquires a first URL request for accessing target network data, wherein the first URL request carries a first domain name and path information, and the HTTPS request carries the first domain name and path information; the target server may parse the HTTPS request to obtain a first domain name and path information in the first URL request.
For the processing procedure of the client in this step, reference may be made to the related content of the network data access method provided from the perspective of the client, and details are not described here again.
S202, determining a second domain name corresponding to the first domain name;
wherein the second domain name is: and in the enterprise intranet, the intranet domain name of the server corresponding to the first domain name.
In this embodiment of the present invention, the target server may determine, based on a preset domain name correspondence, a second domain name corresponding to the first domain name.
The domain name corresponding relation is used for representing a domain name in the URL request and a mapping relation of an intranet domain name of a server corresponding to the domain name in the intranet. The domain name correspondence may be a domain name correspondence table or the like.
S203, determining an IP address corresponding to the second domain name based on a DNS server in the intranet;
in this step, since the target server is a server that is set on the internet by the enterprise to which the client belongs, the target server may communicate with a DNS server in the intranet, and the target server may send the second domain name to the DNS server in the intranet, and the DNS server in the intranet resolves the second domain name to obtain an IP address corresponding to the second domain name, and returns the IP address to the target server.
The process of analyzing the second domain name by using the DNS server in the intranet to obtain the IP address corresponding to the second domain name is the prior art, and is not described herein again.
And S204, accessing the IP address to obtain target network data corresponding to the path information, and feeding back the target network data to the client.
In the scheme provided by the embodiment of the invention, the target server firstly receives an HTTPS request sent by the client; the HTTPS request is sent to the target server based on the target agent IP address after the client acquires a first URL request for accessing target network data, wherein the first URL request carries a first domain name and path information, and the HTTPS request carries the first domain name and path information; secondly, the target server determines a second domain name corresponding to the first domain name, then the target server determines an IP address corresponding to the second domain name based on a DNS server in the enterprise intranet, and finally, the target server accesses the IP address to obtain target network data corresponding to the path information and feeds the target network data back to the client, so that network data access is completed. Because the HTTPS request is an encrypted network request and the security of the intranet DNS server of the enterprise is higher than that of a local DNS resolver of the client, the scheme provided by the embodiment of the invention can effectively prevent HTTP hijacking and domain name resolution hijacking, thereby realizing the purpose of accessing effective network data. Moreover, because the delay of the intranet is far less than that of the public network, the scheme provided by the embodiment of the invention can also improve the access speed of network data.
To facilitate understanding of the scheme, the following describes a process of network data access provided by an embodiment of the present invention with reference to a timing diagram given in fig. 3. The network data access process provided by the embodiment of the invention can comprise the following steps:
s301, the client side obtains a first URL request for accessing target network data;
the first URL request carries a first domain name and path information.
S302, the client determines a target proxy IP address;
s303, the client sends an HTTPS request carrying the first domain name and the path information in the first URL request to the target server based on the target agent IP address;
s304, the target server receives an HTTPS request sent by the client;
s305, the target server determines a second domain name corresponding to the first domain name;
wherein the second domain name is: and in the enterprise intranet, the intranet domain name of the server corresponding to the first domain name.
S306, the target server sends the second domain name to a DNS server in the enterprise intranet;
s307, the DNS server in the enterprise intranet analyzes the second domain name to obtain an IP address corresponding to the second domain name;
s308, the DNS server in the enterprise intranet returns the IP address to the target server;
s309, the target server accesses the IP address to obtain target network data corresponding to the path information;
s310, the target server feeds the target network data back to the client;
s311, the client receives the target network data fed back by the target server.
In the scheme provided by the embodiment of the invention, because the HTTPS request sent by the client to the target server is an encrypted network request and the security of the intranet DNS server of an enterprise is higher than that of the local DNS resolver of the client, the scheme provided by the embodiment of the invention can effectively prevent HTTP hijacking and domain name resolution hijacking, thereby realizing the purpose of accessing effective network data. Moreover, because the delay of the intranet is far less than that of the public network, the scheme provided by the embodiment of the invention can also improve the access speed of network data.
In a third aspect, with respect to a network data access method provided from the perspective of a client, an embodiment of the present invention further provides a network data access apparatus, which is applied to the client, and as shown in fig. 4, the apparatus includes:
an obtaining module 401, configured to obtain a first uniform resource locator URL request for accessing target network data; the first URL request carries a first domain name and path information;
a determining module 402 for determining a target agent internet protocol, IP, address; the target proxy IP address is an IP address of a target server arranged on the Internet by an enterprise to which the client belongs, and the target server is used for acting the client to access the server corresponding to the first domain name;
a sending module 403, configured to send, to the target server, a hypertext transfer security protocol HTTPS request carrying a first domain name and path information in the first URL request based on the target agent IP address, so that the target server determines a second domain name corresponding to the first domain name after receiving the HTTPS request, determines, based on a domain name system DNS server in an intranet, an IP address corresponding to the second domain name, accesses the IP address, obtains target network data corresponding to the path information, and feeds the target network data back to the client; the second domain name is: in the enterprise intranet, the intranet domain name of the server corresponding to the first domain name;
a receiving module 404, configured to receive the target network data fed back by the target server.
Optionally, in this embodiment of the present invention, the sending module 403 is specifically configured to:
inserting the target agent IP address into the position behind the protocol information of the first URL request and in front of the first domain name, and replacing the protocol information with an HTTPS protocol to obtain a second URL request;
constructing an HTTPS request corresponding to the second URL request, wherein a destination IP address of the HTTPS request is the IP address of the target agent, and the request content is a first domain name and path information of the first URL request;
sending the HTTPS request to a target server having the target agent IP address.
Optionally, in this embodiment of the present invention, the determining module 402 is specifically configured to:
determining attribute information of the client;
and determining a target proxy IP address matched with the attribute information in a plurality of preset proxy IP addresses.
Optionally, in this embodiment of the present invention, the determining module 402 is specifically configured to:
accessing a server corresponding to a preset IP address by using an HTTPS protocol;
receiving a target proxy IP address pushed by a server corresponding to the preset IP address; the server corresponding to the preset IP address determines the attribute information of the client after receiving the access of the client, determines a target proxy IP address matched with the attribute information in a plurality of preset proxy IP addresses, and pushes the target proxy IP address to the client.
In the scheme provided by the embodiment of the invention, a client firstly obtains a first URL request for accessing target network data, secondly determines a target proxy IP address, secondly sends an HTTPS request carrying a first domain name and path information in the first URL request to a target server based on the target proxy IP address, so that the target server determines a second domain name corresponding to the first domain name after receiving the HTTPS request, determines an IP address corresponding to the second domain name based on a DNS server in an enterprise intranet, accesses the IP address, obtains the target network data corresponding to the path information, and feeds the target network data back to the client, and finally, the client receives the target network data fed back by the target server, thereby completing network data access. Because the HTTPS request is an encrypted network request and the security of the intranet DNS server of the enterprise is higher than that of a local DNS resolver of the client, the scheme provided by the embodiment of the invention can effectively prevent HTTP hijacking and domain name resolution hijacking, thereby realizing the purpose of accessing effective network data. Moreover, because the delay of the intranet is far less than that of the public network, the scheme provided by the embodiment of the invention can also improve the access speed of network data.
In a fourth aspect, in relation to a network data access method provided from the perspective of a target server, an embodiment of the present invention further provides a network data access apparatus applied to the target server. The target server is a server which is arranged on the internet and is used for acting the client to access the server corresponding to the first domain name, and the IP address of the target server is a target agent IP address. As shown in fig. 5, the apparatus includes:
a receiving module 501, configured to receive an HTTPS request sent by the client; the HTTPS request is sent to the target server based on the target proxy IP address after the client side obtains a first URL request for accessing target network data, wherein the first URL request carries a first domain name and path information, and the HTTPS request carries the first domain name and the path information;
a first determining module 502, configured to determine a second domain name corresponding to the first domain name; wherein the second domain name is: in an intranet of an enterprise, the intranet domain name of the server corresponding to the first domain name;
a second determining module 503, configured to determine, based on a DNS server in the intranet, an IP address corresponding to the second domain name;
and a feedback module 504, configured to access the IP address, obtain target network data corresponding to the path information, and feed back the target network data to the client.
Optionally, in this embodiment of the present invention, the first determining module 502 is specifically configured to:
determining a second domain name corresponding to the first domain name based on a preset domain name corresponding relation; the domain name corresponding relation is used for representing a domain name in the URL request and a mapping relation of an intranet domain name of a server corresponding to the domain name in the intranet.
In the scheme provided by the embodiment of the invention, the target server firstly receives an HTTPS request sent by the client; the HTTPS request is sent to the target server based on the target agent IP address after the client acquires a first URL request for accessing target network data, wherein the first URL request carries a first domain name and path information, and the HTTPS request carries the first domain name and path information; secondly, the target server determines a second domain name corresponding to the first domain name, then the target server determines an IP address corresponding to the second domain name based on a DNS server in the enterprise intranet, and finally, the target server accesses the IP address to obtain target network data corresponding to the path information and feeds the target network data back to the client, so that network data access is completed. Because the HTTPS request is an encrypted network request and the security of the intranet DNS server of the enterprise is higher than that of a local DNS resolver of the client, the scheme provided by the embodiment of the invention can effectively prevent HTTP hijacking and domain name resolution hijacking, thereby realizing the purpose of accessing effective network data. Moreover, because the delay of the intranet is far less than that of the public network, the scheme provided by the embodiment of the invention can also improve the access speed of network data.
In a fifth aspect, in relation to a network data access method provided from the perspective of a client, an embodiment of the present invention further provides an electronic device, where the electronic device is a device installed with a client. As shown in fig. 6, the electronic device may include a processor 601 and a memory 602, wherein,
the memory 602 is used for storing computer programs;
the processor 601 is configured to implement the steps of the network data access method provided by the embodiment of the present invention from the perspective of the client when executing the program stored in the memory 602.
The Memory may include a RAM (Random Access Memory) or an NVM (Non-Volatile Memory), such as at least one disk Memory. Optionally, the memory may also be at least one memory device located remotely from the processor.
The Processor may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but also a DSP (Digital Signal Processor), an ASIC (Application Specific Integrated Circuit), an FPGA (Field-Programmable Gate Array) or other Programmable logic device, discrete Gate or transistor logic device, discrete hardware component.
Through above-mentioned electronic equipment, can realize: the method comprises the steps that a client side firstly obtains a first URL request for accessing target network data, secondly determines a target proxy IP address, secondly sends an HTTPS request carrying a first domain name and path information in the first URL request to a target server based on the target proxy IP address, so that the target server determines a second domain name corresponding to the first domain name after receiving the HTTPS request, determines an IP address corresponding to the second domain name based on a DNS server in an enterprise intranet, accesses the IP address, obtains the target network data corresponding to the path information and feeds the target network data back to the client side, and finally the client side receives the target network data fed back by the target server, and accordingly network data access is completed. Because the HTTPS request is an encrypted network request and the security of the intranet DNS server of the enterprise is higher than that of a local DNS resolver of the client, the scheme provided by the embodiment of the invention can effectively prevent HTTP hijacking and domain name resolution hijacking, thereby realizing the purpose of accessing effective network data. Moreover, because the delay of the intranet is far less than that of the public network, the scheme provided by the embodiment of the invention can also improve the access speed of network data.
In a sixth aspect, in relation to a network data access method provided from the perspective of a target server, an embodiment of the present invention further provides an electronic device, where the electronic device is the target server, the target server is a server that is set on the internet by an enterprise to which a client belongs, and is used for acting the client to access a server corresponding to a first domain name, and an IP address of the target server is a target proxy IP address. As shown in fig. 7, the electronic device may include a processor 701 and a memory 702, wherein,
the memory 702 is used for storing computer programs;
the processor 701 is configured to implement the steps of the network data access method provided from the perspective of the target server in the embodiment of the present invention when executing the program stored in the memory 702.
The Memory may include a RAM (Random Access Memory) or an NVM (Non-Volatile Memory), such as at least one disk Memory. Optionally, the memory may also be at least one memory device located remotely from the processor.
The Processor may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but also a DSP (Digital Signal Processor), an ASIC (Application Specific Integrated Circuit), an FPGA (Field-Programmable Gate Array) or other Programmable logic device, discrete Gate or transistor logic device, discrete hardware component.
Through above-mentioned electronic equipment, can realize: the target server firstly receives an HTTPS request sent by the client; the HTTPS request is sent to the target server based on the target agent IP address after the client acquires a first URL request for accessing target network data, wherein the first URL request carries a first domain name and path information, and the HTTPS request carries the first domain name and path information; secondly, the target server determines a second domain name corresponding to the first domain name, then the target server determines an IP address corresponding to the second domain name based on a DNS server in the enterprise intranet, and finally, the target server accesses the IP address to obtain target network data corresponding to the path information and feeds the target network data back to the client, so that network data access is completed. Because the HTTPS request is an encrypted network request and the security of the intranet DNS server of the enterprise is higher than that of a local DNS resolver of the client, the scheme provided by the embodiment of the invention can effectively prevent HTTP hijacking and domain name resolution hijacking, thereby realizing the purpose of accessing effective network data. Moreover, because the delay of the intranet is far less than that of the public network, the scheme provided by the embodiment of the invention can also improve the access speed of network data.
In a seventh aspect, with respect to a network data access method provided from the perspective of a client, an embodiment of the present invention further provides a computer-readable storage medium, where a computer program is stored in the computer-readable storage medium, and when executed by a processor, the computer program implements the steps of the network data access method provided from the perspective of the client according to the embodiment of the present invention.
The above-mentioned computer-readable storage medium stores an application program that executes a network data access method provided by an embodiment of the present invention from the perspective of a client when executed, and thus can implement: the method comprises the steps that a client side firstly obtains a first URL request for accessing target network data, secondly, a target agent IP address is determined, then, an HTTPS request carrying a first domain name and path information in the first URL request is sent to a target server based on the target agent IP address, so that the target server determines a second domain name corresponding to the first domain name after receiving the HTTPS request, and determines an IP address corresponding to the second domain name based on a DNS server in an enterprise intranet, accesses the IP address, obtains the target network data corresponding to the path information and feeds the target network data back to the client side, and finally, the client side receives the target network data fed back by the target server, and accordingly network data access is completed. Because the HTTPS request is an encrypted network request and the security of the intranet DNS server of the enterprise is higher than that of a local DNS resolver of the client, the scheme provided by the embodiment of the invention can effectively prevent HTTP hijacking and domain name resolution hijacking, thereby realizing the purpose of accessing effective network data. Moreover, because the delay of the intranet is far less than that of the public network, the scheme provided by the embodiment of the invention can also improve the access speed of network data.
In an eighth aspect, with respect to a network data access method provided from the perspective of a target server, the embodiments of the present invention further provide a computer-readable storage medium having a computer program stored therein, where the computer program, when executed by a processor, implements the steps of the embodiments of the present invention with respect to a network data access method provided from the perspective of a target server.
The above-mentioned computer-readable storage medium stores an application program that executes an embodiment of the present invention when executed with respect to a network data access method provided from the perspective of a target server, and thus can realize: the target server firstly receives an HTTPS request sent by the client; the HTTPS request is sent to the target server based on the target agent IP address after the client acquires a first URL request for accessing target network data, wherein the first URL request carries a first domain name and path information, and the HTTPS request carries the first domain name and path information; secondly, the target server determines a second domain name corresponding to the first domain name, then the target server determines an IP address corresponding to the second domain name based on a DNS server in the enterprise intranet, and finally, the target server accesses the IP address to obtain target network data corresponding to the path information and feeds the target network data back to the client, so that network data access is completed. Because the HTTPS request is an encrypted network request and the security of the intranet DNS server of the enterprise is higher than that of a local DNS resolver of the client, the scheme provided by the embodiment of the invention can effectively prevent HTTP hijacking and domain name resolution hijacking, thereby realizing the purpose of accessing effective network data. Moreover, because the delay of the intranet is far less than that of the public network, the scheme provided by the embodiment of the invention can also improve the access speed of network data.
For the embodiments of the electronic device and the computer-readable storage medium, since the contents of the related methods are substantially similar to those of the foregoing embodiments of the methods, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the embodiments of the methods.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
All the embodiments in the present specification are described in a related manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
The above description is only for the preferred embodiment of the present invention, and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention shall fall within the protection scope of the present invention.

Claims (14)

1. A network data access method is applied to a client, and the method comprises the following steps:
obtaining a first uniform resource locator, URL, request for accessing target network data; the first URL request carries a first domain name and path information;
determining a target agent Internet Protocol (IP) address; the target proxy IP address is an IP address of a target server arranged on the Internet by an enterprise to which the client belongs, and the target server is used for acting the client to access the server corresponding to the first domain name;
sending a hypertext transfer security protocol (HTTPS) request carrying a first domain name and path information in the first URL request to the target server based on the IP address of the target agent, so that the target server analyzes the HTTPS request after receiving the HTTPS request to obtain the first domain name and the path information in the first URL request, determining a second domain name corresponding to the first domain name, determining an IP address corresponding to the second domain name based on a Domain Name System (DNS) server in an enterprise intranet, accessing the IP address to obtain target network data corresponding to the path information, and feeding the target network data back to the client; the second domain name is: in the enterprise intranet, the intranet domain name of the server corresponding to the first domain name;
and receiving the target network data fed back by the target server.
2. The method of claim 1, wherein sending a hypertext transfer security protocol (HTTPS) request carrying the first domain name and path information in the first URL request to the target server based on the target proxy IP address comprises:
inserting the target agent IP address into the position behind the protocol information of the first URL request and in front of the first domain name, and replacing the protocol information with an HTTPS protocol to obtain a second URL request;
constructing an HTTPS request corresponding to the second URL request, wherein a destination IP address of the HTTPS request is the IP address of the target agent, and the request content is a first domain name and path information of the first URL request;
and sending the HTTPS request to a target server with the IP address of the target agent.
3. The method of claim 1, wherein determining the target proxy internet protocol, IP, address comprises:
determining attribute information of the client;
and determining a target proxy IP address matched with the attribute information in a plurality of preset proxy IP addresses.
4. The method of claim 1, wherein determining the target proxy internet protocol, IP, address comprises:
accessing a server corresponding to a preset IP address by using an HTTPS protocol;
receiving a target proxy IP address pushed by a server corresponding to the preset IP address; the server corresponding to the preset IP address determines the attribute information of the client after receiving the access of the client, determines a target proxy IP address matched with the attribute information in a plurality of preset proxy IP addresses, and pushes the target proxy IP address to the client.
5. A network data access method is applied to a target server, wherein the target server is a server which is arranged on the Internet by an enterprise to which a client belongs and is used for acting the client to access a server corresponding to a first domain name, and the IP address of the target server is a target agent IP address, and the method comprises the following steps:
receiving an HTTPS request sent by the client, and analyzing the HTTPS request to obtain a first domain name and path information in a first URL request; the HTTPS request is sent to the target server based on the target agent IP address after the client acquires a first URL request for accessing target network data, wherein the first URL request carries a first domain name and path information, and the HTTPS request carries the first domain name and path information; determining a second domain name corresponding to the first domain name; wherein the second domain name is: in an enterprise intranet, the intranet domain name of the server corresponding to the first domain name;
determining an IP address corresponding to the second domain name based on a DNS server in the enterprise intranet;
and accessing the IP address to obtain target network data corresponding to the path information, and feeding back the target network data to the client.
6. The method of claim 5, wherein determining the second domain name corresponding to the first domain name comprises:
determining a second domain name corresponding to the first domain name based on a preset domain name corresponding relation; the domain name corresponding relation is used for representing a domain name in the URL request and a mapping relation of an intranet domain name of a server corresponding to the domain name in the intranet.
7. A network data access device, applied to a client, the device comprising:
an obtaining module for obtaining a first uniform resource locator, URL, request for accessing target network data; the first URL request carries a first domain name and path information;
the determining module is used for determining a target agent Internet Protocol (IP) address; the target proxy IP address is an IP address of a target server arranged on the Internet by an enterprise to which the client belongs, and the target server is used for acting the client to access the server corresponding to the first domain name;
a sending module, configured to send, to the target server, a hypertext transfer security protocol HTTPS request carrying a first domain name and path information in the first URL request based on the target agent IP address, so that the target server, after receiving the HTTPS request, parses the HTTPS request to obtain the first domain name and the path information in the first URL request, determines a second domain name corresponding to the first domain name, determines, based on a domain name system DNS server in an intranet, an IP address corresponding to the second domain name, accesses the IP address, obtains target network data corresponding to the path information, and feeds the target network data back to the client; the second domain name is: in the enterprise intranet, the intranet domain name of the server corresponding to the first domain name;
and the receiving module is used for receiving the target network data fed back by the target server.
8. The apparatus of claim 7, wherein the sending module is specifically configured to:
inserting the target agent IP address into the position behind the protocol information of the first URL request and in front of the first domain name, and replacing the protocol information with an HTTPS protocol to obtain a second URL request;
constructing an HTTPS request corresponding to the second URL request, wherein a destination IP address of the HTTPS request is the IP address of the target agent, and the request content is a first domain name and path information of the first URL request;
sending the HTTPS request to a target server having the target agent IP address.
9. The apparatus of claim 7, wherein the determining module is specifically configured to:
determining attribute information of the client;
and determining a target proxy IP address matched with the attribute information in a plurality of preset proxy IP addresses.
10. The apparatus of claim 7, wherein the determining module is specifically configured to:
accessing a server corresponding to a preset IP address by using an HTTPS protocol;
receiving a target proxy IP address pushed by a server corresponding to the preset IP address; the server corresponding to the preset IP address determines the attribute information of the client after receiving the access of the client, determines a target proxy IP address matched with the attribute information in a plurality of preset proxy IP addresses, and pushes the target proxy IP address to the client.
11. A network data access device is applied to a target server, wherein the target server is a server which is arranged on the Internet by an enterprise to which a client belongs and is used for acting the client to access a server corresponding to a first domain name, and the IP address of the target server is a target agent IP address, and the device comprises:
the receiving module is used for receiving the HTTPS request sent by the client and analyzing the HTTPS request to obtain a first domain name and path information in a first URL request; the HTTPS request is sent to the target server based on the target agent IP address after the client acquires a first URL request for accessing target network data, wherein the first URL request carries a first domain name and path information, and the HTTPS request carries the first domain name and path information;
the first determining module is used for determining a second domain name corresponding to the first domain name; wherein the second domain name is: in an enterprise intranet, the intranet domain name of the server corresponding to the first domain name;
a second determining module, configured to determine, based on a DNS server in the intranet, an IP address corresponding to the second domain name;
and the feedback module is used for accessing the IP address, obtaining target network data corresponding to the path information and feeding back the target network data to the client.
12. The apparatus of claim 11, wherein the first determining module is specifically configured to:
determining a second domain name corresponding to the first domain name based on a preset domain name corresponding relation; the domain name corresponding relation is used for representing a domain name in the URL request and a mapping relation of an intranet domain name of a server corresponding to the domain name in the intranet.
13. An electronic device, wherein the electronic device is a client-mounted device, and the electronic device comprises a processor and a memory, wherein,
the memory is used for storing a computer program;
the processor, when executing the program stored in the memory, implementing the method steps of any of claims 1-4.
14. An electronic device, wherein the electronic device is a target server, the target server is a server that is installed on the internet by an enterprise to which a client belongs and is used for acting on the client to access a server corresponding to a first domain name, an IP address of the target server is a target proxy IP address, the electronic device comprises a processor and a memory, wherein,
the memory is used for storing a computer program;
the processor, when executing the program stored in the memory, implementing the method steps of any of claims 5-6.
CN201811400599.2A 2018-11-22 2018-11-22 Network data access method and device and electronic equipment Active CN109787951B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811400599.2A CN109787951B (en) 2018-11-22 2018-11-22 Network data access method and device and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811400599.2A CN109787951B (en) 2018-11-22 2018-11-22 Network data access method and device and electronic equipment

Publications (2)

Publication Number Publication Date
CN109787951A CN109787951A (en) 2019-05-21
CN109787951B true CN109787951B (en) 2022-09-02

Family

ID=66496000

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811400599.2A Active CN109787951B (en) 2018-11-22 2018-11-22 Network data access method and device and electronic equipment

Country Status (1)

Country Link
CN (1) CN109787951B (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112019584B (en) * 2019-05-31 2022-05-31 阿里巴巴集团控股有限公司 Resource access control method and device and computer system
CN110276028B (en) * 2019-06-25 2021-10-08 云深互联(北京)科技有限公司 Processing method and device for internal link function requirements of business system
CN110619071B (en) * 2019-08-06 2022-08-05 微梦创科网络科技(中国)有限公司 Account access security monitoring and processing method and device
CN111314181B (en) * 2020-03-20 2022-06-24 北京无限光场科技有限公司 Network connectivity diagnosis method, device, terminal and storage medium
CN111741109B (en) * 2020-06-19 2024-06-18 深圳前海微众银行股份有限公司 Proxy-based access method, device, equipment and storage medium
CN112272158A (en) * 2020-09-16 2021-01-26 厦门网宿有限公司 Data proxy method, system and proxy server
CN112163130A (en) * 2020-10-28 2021-01-01 河北时代电子有限公司 Access processing method for social security data query
CN113377678B (en) * 2021-07-13 2023-05-16 挂号网(杭州)科技有限公司 Test environment switching method and device, electronic equipment and storage medium
CN114945045B (en) * 2022-05-18 2023-09-26 深圳渊联技术有限公司 Network service response method, device, network equipment and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107483609A (en) * 2017-08-31 2017-12-15 深圳市迅雷网文化有限公司 A kind of Network Access Method, relevant device and system
CN107613036A (en) * 2017-09-04 2018-01-19 北京新流万联网络技术有限公司 Realize the method and system of HTTPS Transparent Proxies
CN108156210A (en) * 2016-12-06 2018-06-12 腾讯科技(深圳)有限公司 The acquisition methods and device of target resource
US20180205734A1 (en) * 2017-01-18 2018-07-19 Cisco Technology, Inc. Security policy for https

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101277306B (en) * 2008-05-14 2013-04-24 成都市华为赛门铁克科技有限公司 Method, system and equipment for processing DNS service
CN103428179B (en) * 2012-05-18 2016-09-28 阿里巴巴集团控股有限公司 A kind of log in the method for many domain names website, system and device
CN103685597B (en) * 2013-12-02 2017-01-11 北京星网锐捷网络技术有限公司 Internal network address recording method and internal network address recording device
CN105554179B (en) * 2016-01-08 2018-11-30 中国联合网络通信集团有限公司 Dns resolution method, system in local area network
CN108270882B (en) * 2018-01-24 2022-03-11 腾讯科技(深圳)有限公司 Domain name resolution method and device, storage medium and electronic device
CN108462760B (en) * 2018-03-21 2020-01-10 平安科技(深圳)有限公司 Electronic device, automatic cluster access domain name generation method and storage medium

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108156210A (en) * 2016-12-06 2018-06-12 腾讯科技(深圳)有限公司 The acquisition methods and device of target resource
US20180205734A1 (en) * 2017-01-18 2018-07-19 Cisco Technology, Inc. Security policy for https
CN107483609A (en) * 2017-08-31 2017-12-15 深圳市迅雷网文化有限公司 A kind of Network Access Method, relevant device and system
CN107613036A (en) * 2017-09-04 2018-01-19 北京新流万联网络技术有限公司 Realize the method and system of HTTPS Transparent Proxies

Also Published As

Publication number Publication date
CN109787951A (en) 2019-05-21

Similar Documents

Publication Publication Date Title
CN109787951B (en) Network data access method and device and electronic equipment
CN109802936B (en) Network data access method and device and electronic equipment
CN109787952B (en) Network data access method and device and electronic equipment
US10667101B2 (en) Contextual deep linking of applications
US10511567B2 (en) Network resource identification
US8862777B2 (en) Systems, apparatus, and methods for mobile device detection
US8060616B1 (en) Managing CDN registration by a storage provider
US7984186B2 (en) Method, system, and apparatus for discovering user agent DNS settings
CN110324434B (en) Domain name resolution method, client, server and electronic equipment
CN102884764A (en) Message receiving method, deep packet inspection device, and system
US11064052B2 (en) Page insertion method and device
CN103024098B (en) A kind of domain name analytic method, system and device
CN110933193B (en) Domain name resolution method and device, electronic equipment and computer readable storage medium
JP4859775B2 (en) Content distribution apparatus, content distribution control method, and content distribution control program
US10462246B2 (en) Unified content posting
CN112714092B (en) Registration login method, device and computer readable storage medium
US10880396B2 (en) Pre-fetching random-value resource locators
CN112073548B (en) Method and apparatus for solving skylight problems
US8745169B2 (en) Intelligent system of unified content posting
CN105959261A (en) Service monitoring method and device executed in proxy server and proxy server
CN111327713A (en) DNS (Domain name Server) analysis method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant