CN112187801A - Website access method, device and system - Google Patents
Website access method, device and system Download PDFInfo
- Publication number
- CN112187801A CN112187801A CN202011048415.8A CN202011048415A CN112187801A CN 112187801 A CN112187801 A CN 112187801A CN 202011048415 A CN202011048415 A CN 202011048415A CN 112187801 A CN112187801 A CN 112187801A
- Authority
- CN
- China
- Prior art keywords
- protocol
- access
- hypertext transfer
- request
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 48
- 238000012546 transfer Methods 0.000 claims abstract description 105
- 230000004044 response Effects 0.000 claims description 67
- 238000006243 chemical reaction Methods 0.000 claims description 8
- 238000000605 extraction Methods 0.000 claims description 4
- 238000010586 diagram Methods 0.000 description 12
- 230000008569 process Effects 0.000 description 8
- 238000012545 processing Methods 0.000 description 8
- 230000006870 function Effects 0.000 description 7
- 230000005540 biological transmission Effects 0.000 description 5
- 238000004891 communication Methods 0.000 description 5
- 230000003287 optical effect Effects 0.000 description 4
- 230000008859 change Effects 0.000 description 3
- 238000004590 computer program Methods 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 230000006855 networking Effects 0.000 description 2
- 239000013307 optical fiber Substances 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000015556 catabolic process Effects 0.000 description 1
- 230000006835 compression Effects 0.000 description 1
- 238000007906 compression Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000006731 degradation reaction Methods 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 230000010365 information processing Effects 0.000 description 1
- 239000000463 material Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 230000003252 repetitive effect Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/08—Protocols for interworking; Protocol conversion
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/168—Implementing security features at a particular protocol layer above the transport layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
- H04L67/566—Grouping or aggregating service requests, e.g. for unified processing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer And Data Communications (AREA)
Abstract
The disclosure relates to a website access method, a device, a system, an electronic device and a computer readable medium, which can be applied to an intermediate server, the method comprising: acquiring an access request from a client to a target website server; extracting an access protocol based on a request message in the access request; when the access protocol is a hypertext transfer security protocol, converting the access protocol of the request message into a hypertext transfer protocol; and forwarding the access request of the hypertext transfer protocol to the target website server to realize the access of the client to the target website server. The website access method, the device, the system, the electronic equipment and the computer readable medium can upgrade the website which does not support the hypertext transfer security protocol to the website service which supports the hypertext transfer security protocol in a simple and easy way, thereby facilitating the website access of users and protecting the data security of the website server.
Description
Technical Field
The present disclosure relates to the field of computer information processing, and in particular, to a method, an apparatus, a system, an electronic device, and a computer-readable medium for accessing a website.
Background
The development history of the internet is very rapid, the application of the website based on HTTP/2 (hyper text transfer security protocol) is very popular, but most government or school organizations still stay with websites that support only HTTP/1.1 (hypertext transfer protocol), the current society has paid great attention to the network security problem, the HTTP/1.1 protocol website still using plaintext transmission will bring serious network security problem, therefore, to avoid the plaintext transmission of the message, the web service should be switched from the HTTP/1.1 protocol to the HTTP/2 protocol, but it is too cumbersome to modify directly on the server, where web site upgrade techniques are in force, and when the user uses the application, HTTP/1.1 services can be upgraded to HTTP/2 services, using encryption techniques to provide strong protection against active attacks.
The existing website upgrading method mainly comprises the following steps: 1. upgrade the web server system, even change servers to support HTTP/2; 2. upgrading the website service from HTTP to HTTPS; 3. the use of a proxy to access the server address with a proxy address is still the HTTP/1.1 protocol. Among the three upgrading modes, the 1 st mode wastes manpower and material resources too much, the 2 nd and 3 rd modes are still the HTTP/1.1 protocol after upgrading, and the three upgrading modes have the following defects: the HTTP/1.1 protocol is directly transmitted in clear text, which is not beneficial to network security. Secondly, the step of: multiplexing is not supported, resulting in a slow access speed. ③: the server is not supported to push directly, and the server can push some files to the local of the client to cache directly, so that the server requests are reduced. Fourthly, the compression of the headers is not supported, the headers of the HTTP/1 have a large amount of information and need to be sent repeatedly every time, the size of the headers needing to be transmitted is reduced by using the encoder for the HTTP/2, and two communication parties respectively cache a header fields table, so that the transmission of the repeated headers is avoided, and the size needing to be transmitted is reduced.
The above information disclosed in this background section is only for enhancement of understanding of the background of the disclosure and therefore it may contain information that does not constitute prior art that is already known to a person of ordinary skill in the art.
Disclosure of Invention
In view of this, the present disclosure provides a website access method, device, system, electronic device and computer readable medium, which can upgrade a website that does not support the http security protocol to a website service that supports the http security protocol in a simple and easy manner, thereby facilitating website access for a user and protecting data security of a website server.
Additional features and advantages of the disclosure will be set forth in the detailed description which follows, or in part will be obvious from the description, or may be learned by practice of the disclosure.
According to an aspect of the present disclosure, a website access method is provided, which is applicable to an intermediate server, and the method includes: acquiring an access request from a client to a target website server; extracting an access protocol based on a request message in the access request; when the access protocol is a hypertext transfer security protocol, converting the access protocol of the request message into a hypertext transfer protocol; and forwarding the access request of the hypertext transfer protocol to the target website server to realize the access of the client to the target website server.
In an exemplary embodiment of the present disclosure, further comprising: and when the access protocol is a hypertext transfer protocol, forwarding the request message to the target website server to realize the access of the client to the target website server.
In an exemplary embodiment of the disclosure, converting the access protocol of the request packet into a hypertext transfer protocol includes: acquiring message information of the request message, wherein the message information comprises a destination internet interconnection protocol address and a destination port number; and converting the access protocol of the request message into a hypertext transfer protocol based on the message information.
In an exemplary embodiment of the present disclosure, further comprising: acquiring a response message of the target website server to the access request; acquiring an access protocol of the response message; when the access protocol is a hypertext transfer protocol, converting the access protocol of the response message into a hypertext transfer security protocol; and forwarding the response message of the hypertext transfer security protocol to the client.
In an exemplary embodiment of the disclosure, converting the access protocol of the response packet into a hypertext transfer security protocol includes: acquiring message information of the response message, wherein the message information comprises a source internet interconnection protocol address and a source port number; and converting the access protocol of the response message into a hypertext transfer security protocol based on the message information.
In an exemplary embodiment of the present disclosure, further comprising: the intermediate server is connected in series between the client and the target website server.
In an exemplary embodiment of the present disclosure, further comprising: configuring a proxy function of a hypertext transfer security protocol on the intermediate service; and configuring a proxy certificate of a hypertext transfer security protocol on the intermediate service.
According to an aspect of the present disclosure, a website access apparatus is provided, which is applicable to an intermediate server, and includes: the access request module is used for acquiring an access request from a client to a target website server; the access extraction module is used for extracting an access protocol based on the request message in the access request; the access conversion module is used for converting the access protocol of the request message into a hypertext transfer protocol when the access protocol is a hypertext transfer security protocol; and the access forwarding module is used for forwarding the access request of the hypertext transfer protocol to the target website server so as to realize the access of the client to the target website server.
In an exemplary embodiment of the present disclosure, further comprising: the response message module is used for acquiring a response message of the target website server to the access request; the response protocol module is used for acquiring the access protocol of the response message; the response conversion module is used for converting the access protocol of the response message into a hypertext transfer security protocol when the access protocol is the hypertext transfer protocol; and the response forwarding module is used for forwarding the response message of the hypertext transfer security protocol to the client.
According to an aspect of the present disclosure, a website access system is provided, the system including: the client is used for sending an access request intermediate server to a target website server and extracting an access protocol based on a request message in the access request; when the access protocol is a hypertext transfer security protocol, converting the access protocol of the request message into a hypertext transfer protocol; forwarding an access request based on the hypertext transfer protocol to the target website server; and the target website server is used for receiving the access request.
In an exemplary embodiment of the present disclosure, further comprising: the target website server is also used for generating a response message based on the access request; the intermediate server is also used for acquiring an access protocol of the response message; when the access protocol is a hypertext transfer protocol, converting the access protocol of the response message into a hypertext transfer security protocol; forwarding the response message of the hypertext transfer security protocol to the client; the client is also used for receiving the response message.
According to an aspect of the present disclosure, an electronic device is provided, the electronic device including: one or more processors; storage means for storing one or more programs; when executed by one or more processors, cause the one or more processors to implement a method as above.
According to an aspect of the disclosure, a computer-readable medium is proposed, on which a computer program is stored, which program, when being executed by a processor, carries out the method as above.
According to the website access method, device, system, electronic equipment and computer readable medium disclosed by the invention, an access protocol is extracted based on a request message in a client access request; when the access protocol is a hypertext transfer security protocol, converting the access protocol of the request message into a hypertext transfer protocol; the access request of the hypertext transfer protocol is forwarded to the target website server so as to realize the mode that the client accesses the target website server, and the website which does not support the hypertext transfer security protocol can be upgraded to the website service which supports the hypertext transfer security protocol in a simple and easy mode, so that the user can conveniently access the website and protect the data security of the website server.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The above and other objects, features and advantages of the present disclosure will become more apparent by describing in detail exemplary embodiments thereof with reference to the attached drawings. The drawings described below are merely some embodiments of the present disclosure, and other drawings may be derived from those drawings by those of ordinary skill in the art without inventive effort.
Fig. 1 is a schematic diagram illustrating an application scenario of a website access system according to an exemplary embodiment.
FIG. 2 is a flow chart illustrating a method of website access in accordance with an exemplary embodiment.
Fig. 3 is a flowchart illustrating a website access method according to another exemplary embodiment.
Fig. 4 is a block diagram illustrating a website access apparatus according to an example embodiment.
Fig. 5 is a block diagram illustrating a website access apparatus according to another exemplary embodiment.
Fig. 6 is a block diagram illustrating a website access system in accordance with another exemplary embodiment.
FIG. 7 is a block diagram illustrating an electronic device in accordance with an example embodiment.
FIG. 8 is a block diagram illustrating a computer-readable medium in accordance with an example embodiment.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art. The same reference numerals denote the same or similar parts in the drawings, and thus, a repetitive description thereof will be omitted.
Furthermore, the described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided to give a thorough understanding of embodiments of the disclosure. One skilled in the relevant art will recognize, however, that the subject matter of the present disclosure can be practiced without one or more of the specific details, or with other methods, components, devices, steps, and so forth. In other instances, well-known methods, devices, implementations, or operations have not been shown or described in detail to avoid obscuring aspects of the disclosure.
The block diagrams shown in the figures are functional entities only and do not necessarily correspond to physically separate entities. I.e. these functional entities may be implemented in the form of software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor means and/or microcontroller means.
The flow charts shown in the drawings are merely illustrative and do not necessarily include all of the contents and operations/steps, nor do they necessarily have to be performed in the order described. For example, some operations/steps may be decomposed, and some operations/steps may be combined or partially combined, so that the actual execution sequence may be changed according to the actual situation.
It will be understood that, although the terms first, second, third, etc. may be used herein to describe various components, these components should not be limited by these terms. These terms are used to distinguish one element from another. Thus, a first component discussed below may be termed a second component without departing from the teachings of the disclosed concept. As used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items.
It is to be understood by those skilled in the art that the drawings are merely schematic representations of exemplary embodiments, and that the blocks or processes shown in the drawings are not necessarily required to practice the present disclosure and are, therefore, not intended to limit the scope of the present disclosure.
The terms to which this disclosure relates are to be construed as follows:
HTTP/2, the Hypertext transfer Security protocol, also known as Hypertext transfer protocol 2.0, is the next generation HTTP protocol. Developed by the working group Hypertext Transfer Protocol Bis (httpbis) of the Internet Engineering Task Force (IETF). Is the first update since 1999 post http1.1 release. HTTP 2.0 performs the first collaboration community test in 2013, month 8. HTTP 2.0 will only be used for HTTP:// web site on the open Internet, while HTTP:// web site will continue to use HTTP/1, with the goal of adding encryption technology to the open Internet to provide strong protection against active attacks. DANE RFC6698 allows domain name administrators to not issue certificates themselves via third party CAs.
HTTP/1.1 Hypertext transfer protocol, which is a transport protocol used to transport hypertext over the Internet. The HTTP application protocol runs on a TCP/IP protocol cluster, and can enable the browser to be more efficient and reduce network transmission. Any server, in addition to including HTML files, also has an HTTP resident program for responding to user requests. Your browser is an HTTP client sending a request to the server, which when a start file is entered in the browser or a hyperlink is clicked, sends an HTTP request to the server, which is addressed to the IP address specified by the URL. The resident program receives the request and returns the requested file after performing the necessary operations.
Fig. 1 is a schematic diagram illustrating an application scenario of a website access system according to an exemplary embodiment.
As shown in fig. 1, the website access system 10 may include terminal devices 101, 102, 103, a website server 104, and an intermediate server 105, and further include a network device to provide a medium for communication links between the terminal devices 101, 102, 103, the website server 104, and the intermediate server 105. The network devices may include various connection types, such as wired, wireless communication links, or fiber optic cables, among others.
The user may use the terminal devices 101, 102, 103 to interact with the web server 104 through the intermediate server 105 to receive or send messages or the like. The terminal devices 101, 102, 103 may have various communication client applications installed thereon, such as a shopping application, a web browser application, a search application, an instant messaging tool, a mailbox client, social platform software, and the like.
The terminal devices 101, 102, 103 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smart phones, tablet computers, laptop portable computers, desktop computers, and the like.
The intermediate server 105 may be a server that provides various services, for example, a server that supports a shopping website browsed by a user using the terminal apparatuses 101, 102, 103. The intermediate server 105 may process the user's access request and forward it to the web server 104 for processing.
The intermediate server 105 may, for example, obtain an access request from a client to a target web server; the server 105 may extract an access protocol, for example, based on a request message in the access request; the server 105 may convert the access protocol of the request message into a hypertext transfer protocol, for example, when the access protocol is a hypertext transfer security protocol; server 105 may, for example, forward the hypertext transfer protocol access request to the target web server to enable the client to access the target web server.
The intermediate server 105 may also, for example, obtain a response message from the target website server to the access request; the intermediate server 105 may also, for example, obtain an access protocol for the response packet; the intermediate server 105 may also convert the access protocol of the response packet into a hypertext transfer security protocol, for example, when the access protocol is a hypertext transfer protocol; the intermediate server 105 may also forward the hypertext transfer security protocol response packet to the client, for example.
The intermediate server 105 may be a single entity server, or may be composed of a plurality of servers, for example, it should be noted that the website access method provided by the embodiment of the present disclosure may be executed by the intermediary server 105, and accordingly, the website access apparatus may be disposed in the intermediary server 105. The web page end for browsing the goods and the request end for inquiring the merchant provided for the user are generally located in the terminal devices 101, 102, 103.
FIG. 2 is a flow chart illustrating a method of website access in accordance with an exemplary embodiment. The website access method 20 includes at least steps S202 to S210.
As shown in fig. 2, in S202, an access request to a target web server from a client is acquired.
The intermediate server is connected in series between the client and the target website server. Before the intermediate server works, the method further comprises the following steps: configuring a proxy function of a hypertext transfer security protocol on the intermediate server; and configuring a proxy certificate of a hypertext transfer security protocol on the intermediate server. After configuring ip and port, the intermediate server can provide network service supporting HTTP/2 protocol to the outside and provide network service supporting HTTP/1 protocol to the inside.
More specifically, the intermediate server should be placed between the client and the server, i.e., deployed in front of the server, and the traffic to the server first passes through the intermediate server, the HTTP/2 proxy function is configured on the intermediate server, the relevant certificate is configured, and the system automatically provides the network service supporting the HTTP/2 protocol and the HTTP/1 protocol to the outside (client), and the network service still supporting the HTTP/1 protocol to the inside (server). The access network mode uses transparent concatenation, does not change the original networking environment, and has low demand for networking.
In S204, an access protocol is extracted based on the request packet in the access request.
In S206, when the access protocol is a hypertext transfer security protocol, the access protocol of the request packet is converted into a hypertext transfer protocol. The method comprises the following steps: acquiring message information of the request message, wherein the message information comprises a destination internet interconnection protocol address and a destination port number; and converting the access protocol of the request message into a hypertext transfer protocol based on the message information.
The client accesses the server by using the HTTP/2 or HTTP/1 protocol, judges whether the request message is the HTTP/1 protocol when the request message comes to the intermediate server, if the request message is the HTTP/2 protocol, the request message of the HTTP/2 protocol is degraded into the message of the HTTP/1 protocol on the system, and the request message which is changed into the HTTP/1 protocol is sent to the server after degradation.
In S208, the access request of the hypertext transfer protocol is forwarded to the target website server to enable the client to access the target website server.
In S210, when the access protocol is a hypertext transfer protocol, the request packet is forwarded to the target website server to implement the access of the client to the target website server. The client accesses the server by using an HTTP/2 or HTTP/1 protocol, judges whether the request message is the HTTP/1 protocol when the request message comes to the system, and directly forwards the request message to the server if the request message is the HTTP/1 protocol.
According to the website access method disclosed by the invention, an access protocol is extracted based on a request message in an access request of a client; when the access protocol is a hypertext transfer security protocol, converting the access protocol of the request message into a hypertext transfer protocol; the access request of the hypertext transfer protocol is forwarded to the target website server so as to realize the mode that the client accesses the target website server, and the website which does not support the hypertext transfer security protocol can be upgraded to the website service which supports the hypertext transfer security protocol in a simple and easy mode, so that the user can conveniently access the website and protect the data security of the website server.
It should be clearly understood that this disclosure describes how to make and use particular examples, but the principles of this disclosure are not limited to any details of these examples. Rather, these principles can be applied to many other embodiments based on the teachings of the present disclosure.
Fig. 3 is a flowchart illustrating a website access method according to another exemplary embodiment. The process 30 shown in fig. 3 is a supplementary description of the process shown in fig. 2.
As shown in fig. 3, in S302, a response message from the target website server to the access request is obtained.
In S304, an access protocol of the response packet is acquired.
In S306, when the access protocol is a hypertext transfer protocol, the access protocol of the response packet is converted into a hypertext transfer security protocol. The method comprises the following steps: acquiring message information of the response message, wherein the message information comprises a source internet interconnection protocol address and a source port number; and converting the access protocol of the response message into a hypertext transfer security protocol based on the message information.
The server replies a response message according to the request message sent by the client, when the response message passes through the intermediate server, if the response message is judged to be the HTTP/1 protocol, the response message of the HTTP/1 protocol is upgraded from the HTTP/1 protocol to the HTTP/2 protocol on the intermediate server, and the upgraded response message is forwarded to the client.
In S308, the response packet of the hypertext transfer security protocol is forwarded to the client.
Through the above steps, a server that does not support the HTTP/2 protocol can be made to support the HTTP/2 protocol. And for the server side, the change is not generated, the workload of server management personnel is reduced, and the additional configuration of the website server is not needed. For the client. The request can be initiated by using an HTTP/1 protocol or an HTTP/2 protocol, which brings convenience to the client. Moreover, the intermediate server is connected to the network in a transparent and serial mode, so that the speed of the client for accessing the server is not influenced.
Those skilled in the art will appreciate that all or part of the steps implementing the above embodiments are implemented as computer programs executed by a CPU. When executed by the CPU, performs the functions defined by the above-described methods provided by the present disclosure. The program may be stored in a computer readable storage medium, which may be a read-only memory, a magnetic or optical disk, or the like.
Furthermore, it should be noted that the above-mentioned figures are only schematic illustrations of the processes involved in the methods according to exemplary embodiments of the present disclosure, and are not intended to be limiting. It will be readily understood that the processes shown in the above figures are not intended to indicate or limit the chronological order of the processes. In addition, it is also readily understood that these processes may be performed synchronously or asynchronously, e.g., in multiple modules.
The following are embodiments of the disclosed apparatus that may be used to perform embodiments of the disclosed methods. For details not disclosed in the embodiments of the apparatus of the present disclosure, refer to the embodiments of the method of the present disclosure.
Fig. 4 is a block diagram illustrating a website access apparatus according to an example embodiment. As shown in fig. 4, the website access device 40 includes: an access request module 402, an access extraction module 404, an access conversion module 406, and an access forwarding module 408.
The access request module 402 is used for acquiring an access request from a client to a target website server;
the access extraction module 404 is configured to extract an access protocol based on a request packet in the access request;
the access conversion module 406 is configured to convert the access protocol of the request packet into a hypertext transfer protocol when the access protocol is a hypertext transfer security protocol;
the access forwarding module 408 is configured to forward the access request of the hypertext transfer protocol to the target website server to enable the client to access the target website server.
Fig. 5 is a block diagram illustrating a website access apparatus according to an example embodiment. As shown in fig. 5, the website access device 50 includes: a response message module 502, a response protocol module 504, a response conversion module 506, and a response forwarding module 508.
The response message module 502 is configured to obtain a response message from the target website server to the access request;
the response protocol module 504 is configured to obtain an access protocol of the response packet;
the response conversion module 506 is configured to convert the access protocol of the response packet into a hypertext transfer security protocol when the access protocol is a hypertext transfer protocol;
the response forwarding module 508 is configured to forward the response packet of the hypertext transfer security protocol to the client.
Fig. 6 is a block diagram illustrating a website access system in accordance with another exemplary embodiment. As shown in fig. 6, the website access device 60 includes: client 602, intermediate server 604, target web server 606.
The client 602 is used for sending an access request to a target website server;
the intermediate server 604 is configured to extract an access protocol based on a request packet in the access request; when the access protocol is a hypertext transfer security protocol, converting the access protocol of the request message into a hypertext transfer protocol; forwarding an access request based on the hypertext transfer protocol to the target website server;
the destination web server 606 is used to receive access requests.
The website access device can upgrade the website to the website service supporting the HTTP/2 protocol, and provides interaction between a user and a server by using the HTTP/2 protocol, and the HTTP/2 protocol supports encrypted message transmission and can prevent messages from being acquired by illegal users. And the interaction speed is superior to that of the HTTP/1 protocol through the HTTP/2 protocol, so that the website access speed is increased, and the Internet surfing experience of a client is stronger. With the development of network technology, the HTTP/2 protocol is inevitably developed more and more, and at the moment, the automatic upgrading function provided by the application is inevitably in great market demand.
According to the website access device disclosed by the invention, an access protocol is extracted based on a request message in an access request of a client; when the access protocol is a hypertext transfer security protocol, converting the access protocol of the request message into a hypertext transfer protocol; the access request of the hypertext transfer protocol is forwarded to the target website server so as to realize the mode that the client accesses the target website server, and the website which does not support the hypertext transfer security protocol can be upgraded to the website service which supports the hypertext transfer security protocol in a simple and easy mode, so that the user can conveniently access the website and protect the data security of the website server.
FIG. 7 is a block diagram illustrating an electronic device in accordance with an example embodiment.
An electronic device 700 according to this embodiment of the disclosure is described below with reference to fig. 7. The electronic device 700 shown in fig. 7 is only an example and should not bring any limitation to the functions and the scope of use of the embodiments of the present disclosure.
As shown in fig. 7, electronic device 700 is embodied in the form of a general purpose computing device. The components of the electronic device 700 may include, but are not limited to: at least one processing unit 710, at least one memory unit 720, a bus 730 that connects the various system components (including the memory unit 720 and the processing unit 710), a display unit 740, and the like.
Wherein the storage unit stores program code that can be executed by the processing unit 710 to cause the processing unit 710 to perform the steps according to various exemplary embodiments of the present disclosure described in this specification. For example, the processing unit 710 may perform the steps as shown in fig. 2 and 3.
The memory unit 720 may include readable media in the form of volatile memory units, such as a random access memory unit (RAM)7201 and/or a cache memory unit 7202, and may further include a read only memory unit (ROM) 7203.
The memory unit 720 may also include a program/utility 7204 having a set (at least one) of program modules 7205, such program modules 7205 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
The electronic device 700 may also communicate with one or more external devices 700' (e.g., keyboard, pointing device, bluetooth device, etc.), such that a user can communicate with devices with which the electronic device 700 interacts, and/or any devices (e.g., router, modem, etc.) with which the electronic device 700 can communicate with one or more other computing devices. Such communication may occur via an input/output (I/O) interface 750. Also, the electronic device 700 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network such as the internet) via the network adapter 760. The network adapter 760 may communicate with other modules of the electronic device 700 via the bus 730. It should be appreciated that although not shown in the figures, other hardware and/or software modules may be used in conjunction with the electronic device 700, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, as shown in fig. 8, the technical solution according to the embodiment of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which may be a personal computer, a server, or a network device, etc.) to execute the above method according to the embodiment of the present disclosure.
The software product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
The computer readable storage medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable storage medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a readable storage medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations for the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).
The computer readable medium carries one or more programs which, when executed by a device, cause the computer readable medium to perform the functions of: acquiring an access request from a client to a target website server; extracting an access protocol based on a request message in the access request; when the access protocol is a hypertext transfer security protocol, converting the access protocol of the request message into a hypertext transfer protocol; and forwarding the access request of the hypertext transfer protocol to the target website server to realize the access of the client to the target website server.
Those skilled in the art will appreciate that the modules described above may be distributed in the apparatus according to the description of the embodiments, or may be modified accordingly in one or more apparatuses unique from the embodiments. The modules of the above embodiments may be combined into one module, or further split into multiple sub-modules.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which may be a personal computer, a server, a mobile terminal, or a network device, etc.) to execute the method according to the embodiments of the present disclosure.
Exemplary embodiments of the present disclosure are specifically illustrated and described above. It is to be understood that the present disclosure is not limited to the precise arrangements, instrumentalities, or instrumentalities described herein; on the contrary, the disclosure is intended to cover various modifications and equivalent arrangements included within the spirit and scope of the appended claims.
Claims (11)
1. A website access method, which can be applied to an intermediate server, is characterized by comprising the following steps:
acquiring an access request from a client to a target website server;
extracting an access protocol based on a request message in the access request;
when the access protocol is a hypertext transfer security protocol, converting the access protocol of the request message into a hypertext transfer protocol;
and forwarding the access request of the hypertext transfer protocol to the target website server to realize the access of the client to the target website server.
2. The method of claim 1, further comprising:
and when the access protocol is a hypertext transfer protocol, forwarding the request message to the target website server to realize the access of the client to the target website server.
3. The method of claim 1, wherein converting the access protocol of the request message to a hypertext transfer protocol comprises:
acquiring message information of the request message, wherein the message information comprises a destination internet interconnection protocol address and a destination port number;
and converting the access protocol of the request message into a hypertext transfer protocol based on the message information.
4. The method of claim 1, further comprising:
acquiring a response message of the target website server to the access request;
acquiring an access protocol of the response message;
when the access protocol is a hypertext transfer protocol, converting the access protocol of the response message into a hypertext transfer security protocol;
and forwarding the response message of the hypertext transfer security protocol to the client.
5. The method of claim 4, wherein translating the access protocol of the response message to a hypertext transfer security protocol comprises:
acquiring message information of the response message, wherein the message information comprises a source internet interconnection protocol address and a source port number;
and converting the access protocol of the response message into a hypertext transfer security protocol based on the message information.
6. The method of claim 1, further comprising:
the intermediate server is connected in series between the client and the target website server.
7. The method of claim 6, further comprising:
configuring a proxy function of a hypertext transfer security protocol on the intermediate service;
and configuring a proxy certificate of a hypertext transfer security protocol on the intermediate service.
8. A website access apparatus, comprising:
the access request module is used for acquiring an access request from a client to a target website server;
the access extraction module is used for extracting an access protocol based on the request message in the access request;
the access conversion module is used for converting the access protocol of the request message into a hypertext transfer protocol when the access protocol is a hypertext transfer security protocol;
and the access forwarding module is used for forwarding the access request of the hypertext transfer protocol to the target website server so as to realize the access of the client to the target website server.
9. The apparatus of claim 8, further comprising:
the response message module is used for acquiring a response message of the target website server to the access request;
the response protocol module is used for acquiring the access protocol of the response message;
the response conversion module is used for converting the access protocol of the response message into a hypertext transfer security protocol when the access protocol is the hypertext transfer protocol;
and the response forwarding module is used for forwarding the response message of the hypertext transfer security protocol to the client.
10. A website access system, comprising:
the client is used for sending an access request to the target website server;
the intermediate server is used for extracting an access protocol based on the request message in the access request; when the access protocol is a hypertext transfer security protocol, converting the access protocol of the request message into a hypertext transfer protocol; forwarding an access request based on the hypertext transfer protocol to the target website server;
and the target website server is used for receiving the access request.
11. The system of claim 10, further comprising:
the target website server is also used for generating a response message based on the access request;
the intermediate server is also used for acquiring an access protocol of the response message; when the access protocol is a hypertext transfer protocol, converting the access protocol of the response message into a hypertext transfer security protocol; forwarding the response message of the hypertext transfer security protocol to the client;
the client is also used for receiving the response message.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011048415.8A CN112187801A (en) | 2020-09-29 | 2020-09-29 | Website access method, device and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011048415.8A CN112187801A (en) | 2020-09-29 | 2020-09-29 | Website access method, device and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112187801A true CN112187801A (en) | 2021-01-05 |
Family
ID=73946529
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011048415.8A Pending CN112187801A (en) | 2020-09-29 | 2020-09-29 | Website access method, device and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112187801A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112910903A (en) * | 2021-02-05 | 2021-06-04 | 北京百度网讯科技有限公司 | SSL certificate deployment-free method, device and system |
| CN114006789A (en) * | 2021-09-22 | 2022-02-01 | 鸬鹚科技(深圳)有限公司 | Web information system access method, multi-cloud application gateway, computer device and medium |
| CN114124748A (en) * | 2021-10-15 | 2022-03-01 | 青岛海尔科技有限公司 | Hypertext transfer protocol interface debugging tool and method based on IDEA platform |
| CN115118775A (en) * | 2022-06-21 | 2022-09-27 | 杭州迪普科技股份有限公司 | Method and device for processing browser access request and electronic equipment |
| WO2023125946A1 (en) * | 2021-12-31 | 2023-07-06 | 贵州白山云科技股份有限公司 | User access request processing method and apparatus, device, medium, and product |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104767742A (en) * | 2015-03-25 | 2015-07-08 | 中兴通讯股份有限公司 | Safe communication method, gateway, network side server and system |
| US20160197886A1 (en) * | 2015-01-07 | 2016-07-07 | Anchorfree Inc. | Secure personal server system and method |
| CN108737471A (en) * | 2017-04-20 | 2018-11-02 | 苏宁云商集团股份有限公司 | A kind of Network Access Method and device |
| CN111064804A (en) * | 2019-12-30 | 2020-04-24 | 杭州迪普科技股份有限公司 | Network access method and device |
| CN111200633A (en) * | 2019-11-28 | 2020-05-26 | 云深互联(北京)科技有限公司 | Indirect access method and system for business system |
| CN111404772A (en) * | 2020-03-09 | 2020-07-10 | 杭州迪普科技股份有限公司 | Testing system and method of SS L proxy gateway |
-
2020
- 2020-09-29 CN CN202011048415.8A patent/CN112187801A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20160197886A1 (en) * | 2015-01-07 | 2016-07-07 | Anchorfree Inc. | Secure personal server system and method |
| CN104767742A (en) * | 2015-03-25 | 2015-07-08 | 中兴通讯股份有限公司 | Safe communication method, gateway, network side server and system |
| CN108737471A (en) * | 2017-04-20 | 2018-11-02 | 苏宁云商集团股份有限公司 | A kind of Network Access Method and device |
| CN111200633A (en) * | 2019-11-28 | 2020-05-26 | 云深互联(北京)科技有限公司 | Indirect access method and system for business system |
| CN111064804A (en) * | 2019-12-30 | 2020-04-24 | 杭州迪普科技股份有限公司 | Network access method and device |
| CN111404772A (en) * | 2020-03-09 | 2020-07-10 | 杭州迪普科技股份有限公司 | Testing system and method of SS L proxy gateway |
Non-Patent Citations (1)
| Title |
|---|
| 廖永康: "《计算机局域网络操作***NOVELL NetWare 386与NetWare Lite》", 31 January 1997, 国防工业出版社 * |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112910903A (en) * | 2021-02-05 | 2021-06-04 | 北京百度网讯科技有限公司 | SSL certificate deployment-free method, device and system |
| CN114006789A (en) * | 2021-09-22 | 2022-02-01 | 鸬鹚科技(深圳)有限公司 | Web information system access method, multi-cloud application gateway, computer device and medium |
| CN114124748A (en) * | 2021-10-15 | 2022-03-01 | 青岛海尔科技有限公司 | Hypertext transfer protocol interface debugging tool and method based on IDEA platform |
| CN114124748B (en) * | 2021-10-15 | 2024-04-19 | 青岛海尔科技有限公司 | Device and method for debugging hypertext transfer protocol interface based on IDEA platform |
| WO2023125946A1 (en) * | 2021-12-31 | 2023-07-06 | 贵州白山云科技股份有限公司 | User access request processing method and apparatus, device, medium, and product |
| CN115118775A (en) * | 2022-06-21 | 2022-09-27 | 杭州迪普科技股份有限公司 | Method and device for processing browser access request and electronic equipment |
| CN115118775B (en) * | 2022-06-21 | 2023-04-25 | 杭州迪普科技股份有限公司 | Browser access request processing method and device and electronic equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112187801A (en) | Website access method, device and system | |
| US8539224B2 (en) | Obscuring form data through obfuscation | |
| US8396939B2 (en) | Content distribution management device, terminal, program, and content distribution system | |
| US8499099B1 (en) | Converting data into addresses | |
| CN102202100B (en) | Method for processing network data by micro browser, micro browser and server thereof | |
| CN101150803A (en) | Method for micro-browser to process network data, micro-browser and its server | |
| CN108989362A (en) | A kind for the treatment of method and apparatus of static resource | |
| US10447633B2 (en) | Method and system for optimizing and preventing failure of sender policy framework (SPF) lookups | |
| CN104410711A (en) | Cross-domain network resource request method and device for client | |
| CN113179323B (en) | HTTPS request processing method, device and system for load balancing equipment | |
| CN112507005B (en) | Method and device for processing message | |
| CN104426985A (en) | Method, device and system for displaying webpage | |
| CN110704200A (en) | Method and device for converting call interface | |
| US8195762B2 (en) | Locating a portion of data on a computer network | |
| CN101771928A (en) | Method and system and proxy server for Webpage transmitting | |
| WO2023092580A1 (en) | Page display method and apparatus, storage medium, and electronic device | |
| CN108880923A (en) | The method and apparatus that policer operation applied to application server is requested | |
| US20180227259A1 (en) | Method and system for optimizing and preventing failure of Sender Policy Framework (SPF) lookups by dynamically generating and returning flattened SPF records | |
| CN112347383A (en) | Sharing link generation method and device and electronic equipment | |
| CN112394907A (en) | Container-based delivery system construction method, application delivery method and delivery system | |
| CN114449523B (en) | Flow filtering method, device, equipment and medium for satellite measurement and control system | |
| CN112149392A (en) | Rich text editing method and device | |
| CN111988405B (en) | Message rewriting method of load balancing device and load balancing device | |
| CN112182603B (en) | Anti-crawler method and device | |
| WO2014186668A1 (en) | Systems and methods for processing modifiable files grouped into themed directories for presentation of web content |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210105 |