Defending device and method for cross-site scripting attack

A cross-site scripting attack and malicious code technology, applied to electrical components, transmission systems, etc., can solve the problem of low efficiency of cross-site scripting attack defense methods, and achieve the effect of reducing workload and improving efficiency

Inactive Publication Date: 2017-03-15
NUBIA TECHNOLOGY CO LTD
View PDF6 Cites 17 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The main purpose of the present invention is to propose a cross-site scripting attack defense device and method, aiming to solve the technical problem of low efficiency of the existing cross-site scripting attack defense method

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Defending device and method for cross-site scripting attack
  • Defending device and method for cross-site scripting attack
  • Defending device and method for cross-site scripting attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0045] It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0046] A mobile terminal implementing various embodiments of the present invention will now be described with reference to the accompanying drawings. In the following description, use of suffixes such as 'module', 'part' or 'unit' for denoting elements is only for facilitating description of the present invention and has no specific meaning by itself. Therefore, "module" and "component" may be mixedly used.

[0047] Mobile terminals may be implemented in various forms. For example, terminals described in the present invention may include devices such as mobile phones, smart phones, notebook computers, digital broadcast receivers, PDAs (Personal Digital Assistants), PADs (Tablet Computers), PMPs (Portable Multimedia Players), navigation devices, etc. mobile terminals and fixed terminals such as digital TVs, desktop c...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a defending device for a cross-site scripting attack. The defending device comprises an intercepting module, a judging module and a submitting module, wherein the intercepting module is used for intercepting a request transmitted to an application in an application server through a cross-site scripting attack filter; the judging module is used for analyzing and processing the intercepted request, and judging whether the request includes malicious codes applied to the cross-site scripting attack; and the submitting module is used for submitting the request to an open-source project for escaping if the request includes the malicious codes applied to the cross-site scripting attack in order to submit the escaped request to the application in the application server. The invention also discloses a defending method for the cross-site scripting attack. Through adoption of the defending device and method, hard coding of Web pages can be avoided; the workload is lowered; and the efficiency in defending of the cross-site scripting attack is increased.

Description

technical field [0001] The invention relates to the field of computers, in particular to a defense device and method for cross-site scripting attacks. Background technique [0002] Cross-site scripting attack is a network attack method that exploits web page vulnerabilities. The attack terminal sends an access request containing malicious code to the application program in the application server by inputting information containing malicious code in the web page, so that the application program generates a web page containing malicious code after receiving the access request. Thereby inserting malicious code in the Web page. When the user terminal opens the web page, the malicious code in the web page is executed, and the malicious code is often used to implement network attacks such as maliciously stealing information from the user terminal, so that the attack terminal completes the network attack on the user terminal. [0003] In the prior art, the form of the Web page is...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
Inventor 杨彩亮
Owner NUBIA TECHNOLOGY CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap