Check patentability & draft patents in minutes with Patsnap Eureka AI!

Method and device for detecting static resource files

A technology of static resources and resource files, which is applied in the field of network security and can solve problems such as inaccurate judgment results.

Active Publication Date: 2020-12-08
新浪技术(中国)有限公司
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The embodiment of the present invention provides a static resource file detection method and device to solve the problem in the prior art that the static resource file has been tampered with by checking the integrity of the static resource file, and the result of the judgment is generally inaccurate.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for detecting static resource files
  • Method and device for detecting static resource files

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0035] In order to solve the problem of inaccurate judgment results in the conventional method of judging whether a static resource file has been tampered with by checking the integrity of the static resource file, Embodiment 1 of the present invention provides a static resource file detection method.

[0036] When SRI technology is used to check the integrity of static resource files, there are several possible reasons why the check result is incomplete: the static resource file is hijacked, the network environment is poor, the static resource file itself is incomplete, the browser page Including other security verification rules, etc., as long as the verification result is incomplete, it is directly determined that the static resource file has been tampered with, so the result of the judgment is not accurate. Therefore, it is possible to judge whether the first static resource file has been hijacked according to the comparison between the re-downloaded first static resource f...

Embodiment 2

[0112] In order to solve the problem of inaccurate judgment results in the conventional method of judging whether a static resource file has been tampered with by checking the integrity of the static resource file, Embodiment 2 of the present invention provides a static resource file detection device 20 .

[0113] Please refer to the attached figure 2 , figure 2 It is a schematic structural diagram of an apparatus for detecting static resource files provided by Embodiment 2 of the present invention.

[0114] The device specifically includes the following units: a first static resource downloading unit 21 , a second static resource downloading unit 22 , and a static resource hijacking judging unit 23 .

[0115] The following describes the functions of each unit in detail:

[0116] A first static resource downloading unit, configured to re-download the first static resource file through a network address when the first static resource file fails the integrity check;

[011...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention discloses a method and a device for detecting a static resource file, and the method comprises the steps: when a first static resource file does not pass integrity verification, redownloading the first static resource file through a network address; adding a timestamp parameter to the network address, and downloading a second static resource file through the networkaddress with the timestamp parameter added; And judging whether the first static resource file is hijacked or not according to the comparison between the first static resource file and the second static resource file which are downloaded again. The problem that in the prior art, whether the static resource file is tampered or not is judged through static resource file integrity checking, and thejudgment result is usually inaccurate is solved.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a method and device for detecting static resource files. Background technique [0002] Nowadays, in order to improve the access speed of websites, CDN (Content Delivery Network, Content Delivery Network) is usually used to cache static resource files, but at the same time, this method also implies a network security risk. If the attacker hijacks the static resource file in the CDN and can tamper with the static resource file, the client may obtain the tampered static resource file during the webpage loading process, thereby bringing information security to the user risk. [0003] At present, the method to prevent static resource files with security risks from harming users is to use the SRI (Subresource Integrity) technology provided by the WEB browser to verify the integrity of the static resource files. If the static resource file is complete, it is determined that t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/64
Inventor 蓝晓斌付强
Owner 新浪技术(中国)有限公司
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com