A network information processing method, firewall device, and system

Abstract

The embodiment of the invention provides a network information processing method and a firewall device and system. The method includes the steps that when a page needing to be protected is loaded by a client browser, a client browser script starts a protection script in the page; the protection script captures page information of the page; the captured page information is compared with preset protection rules through the protection script, and if the captured page information accords with the protection rules, corresponding processing is executed. The page information comprises a static module and a dynamic module. The capture of the page information by the protection script involves capture of the static module by installing an inline event and / or capture of the dynamic module by rewriting a native application programming interface (API). Injection scripts can be observed by flexibly using the client browser script and are intercepted or pre-warned, safety staff can conveniently find the problem as soon as possible, and harm to a user is reduced.

Description

Technical field [0001] The present invention relates to the field of network communication technology, in particular to a network information processing method, firewall device and system. Background technique [0002] Cross Site Scripting (CSS is also called XSS, cross-site scripting attack), refers to the attacker inserting malicious script code into the Web (WorldWide Web, World Wide Web) page, when the user enables the browser to visit the page, the malicious script code will be Execute and attack users. In order to prevent cross-site scripting attacks on the pages accessed by the user's browser, Content Security Policy (CSP) appears. CSP is mainly used to define which resources can be loaded on the page. CSP aims to reduce a kind of content injection, such as XSS cross-site scripting. CSP is a public security policy statement defined by the developer. Simply put, the rules governed by CSP can specify trusted source content, such as scripts, pictures, iframes (inline frame el...

AI Technical Summary

Problems solved by technology

[0018] Although the Web Application Firewall is so powerful, it still has some disadvantages

First, the matching rules are difficult to determine. If there are too few, there will be false positives, and if there are too many, it will affect the performance of the server. Second, the deployment is troublesome. Once the rules are modified, the server needs to be restarted, which is not convenient for maintenance. In terms of XSS protection, only It can protect against reflective XSS, but it can't do anything about stored XSS

And because the web application firewall is based on character features, the protection accuracy is not high

[0019] It can be seen from the above that the existing technology is not satisfactory in terms of protection against XSS, so how to set up new protection devices and protection methods has become a problem that technicians need to consider

Images