Malicious attack prevention method and browser

A malicious attack, browser technology, applied in the Internet field, can solve problems such as stealing operation rights and website harm

Active Publication Date: 2016-07-06
BEIJING QIHOO TECH CO LTD
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] However, XSS can steal the user's cookie, so as to use the cookie to steal the user's operation authority to the website
If a webmaster user's cookie is stolen, it will cause great harm to the website

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious attack prevention method and browser
  • Malicious attack prevention method and browser
  • Malicious attack prevention method and browser

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038] A cookie is a user's identity verification mark for a specific website. The server can use the arbitrariness of the information contained in Cookies to filter and maintain this information frequently to judge the status in HTTP transmission. The most typical application of cookies is to determine whether a registered user has logged in to the website, and the user may be prompted whether to retain user information when entering the website next time to simplify the login procedure. These are the functions of cookies. Another important application is processing such as "shopping carts". Users may choose different products on different pages of the same website within a period of time, and this information will be written into Cookies so that the information can be extracted at the time of final payment.

[0039] Cookies can keep the login information until the user's next session with the server. In other words, the next time the user visits the same website, the user w...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a malicious attack prevention method and a browser, and relates to the technical field of Internet. The browser comprises malicious attack prevention equipment, wherein the malicious attack prevention equipment comprises an acquisition unit, a checking unit, an adding unit and a storage unit; the acquisition unit is suitable for acquiring Cookie generated by a server when a user logs into a website and sending the Cookie to the checking unit; the checking unit is used for checking whether an attribute for preventing a malicious attack is selected in the Cookie, and if the attribute for preventing the malicious attack is not selected in the Cookie, sending the Cookie to the adding unit; the adding unit is used for adding the attribute for preventing the malicious attack into the Cookie and sending the Cookie to the storage unit; and the storage unit is used for storing the received Cookie. By the technical scheme, the malicious attack launched by using the Cookie can be prevented on the browser side; and therefore, the problem that the user security is threatened because information in the user Cookie is probably stolen or modified when the server of the website accessed by the user is low in security relative to cross-site scripting is solved.

Description

technical field [0001] The invention relates to the technical field of the Internet, in particular to a malicious attack prevention method and a browser. Background technique [0002] Cross-site scripting (Cross-sitescripting, often abbreviated as XSS) occurs on the client side and can be used to steal privacy, phishing, steal passwords, and spread malicious codes. Malicious attackers put codes that are harmful to the client on the server as a webpage content, so that when other website users watch this webpage, these codes are injected into the user's browser for execution, and the user is attacked. Generally speaking, with cross-site scripting attacks, attackers can steal session cookies to steal the privacy of website users, including passwords. [0003] Cookie refers to the data stored on the user's local terminal by some websites in order to identify the user's identity and conduct session tracking, and is usually encrypted. The cookie is generated by the server and s...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
Inventor 党壮任寰
Owner BEIJING QIHOO TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap