Supercharge Your Innovation With Domain-Expert AI Agents!

Webpage script code protection method and device

A script code and webpage technology, applied in the field of webpage script code protection methods and devices, can solve the problems of forged webpage requests, increased reading costs, and poor resistance to malicious code analysis, etc.

Active Publication Date: 2019-12-10
SUNING CLOUD COMPUTING CO LTD
View PDF8 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] In order to improve this problem, the current common practice is to use obfuscation or encryption methods to protect webpage script codes, but neither of these two methods is very good against malicious code analysis; first, obfuscating webpage script codes is essentially streamlining code and simplifying variable naming , to remove comments and simplify statements, but the code logic has not changed, it just increases the reading cost. For example, the UglifyJS library is a commonly used web page script code obfuscation tool, and the code generated by it can still be achieved by some code beautification tools. It is similar to the readability of the source code; secondly, the encrypted webpage script code is not safe, because the decryption method or private key can only be provided through the webpage script code, there are also ways for professionals in this field to find out, such as the encryption of strings, Just call the same encryption function to encrypt any string
[0004] To sum up, ordinary obfuscation and encryption methods cannot resist professional malicious code analysis, and professional code crackers can directly obtain the business logic in the code, thereby forging web page requests

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Webpage script code protection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0043] see figure 1 , the present embodiment provides a webpage script code protection method, comprising:

[0044] Parse the script code of the web page through the code analysis tool to obtain a tree-like code structure composed of multiple nodes; traverse the nodes to be encrypted in the tree-like code structure, and perform encryption conversion on each node to be encrypted in sequence based on the offset parameter from bottom to top , until the conversion of the topmost node to be encrypted is completed to generate encrypted bytecode; configure the virtual machine interpreter used to construct and execute the encrypted bytecode according to the offset parameter; save the virtual machine interpreter and encrypted bytecode package in the web script code file for execution calls.

[0045]The web page script code protection method provided by this embodiment is applicable to the environment of running web page script language (JavaScript), such as various mainstream browsers...

Embodiment 2

[0063] This embodiment provides a webpage script code protection device, including:

[0064] The initial obfuscation unit is used to initially obfuscate the source code of the webpage script by using a code obfuscation tool to obtain the webpage script code;

[0065] The code block labeling unit is used to select part or all of the script code to mark the protection code block based on the webpage script code, and the protection code block includes entry mark information;

[0066] The code analysis unit is used to analyze the web page script code through the code analysis tool to obtain a tree code structure composed of multiple nodes;

[0067] The encryption conversion unit is used to traverse the nodes to be encrypted in the tree code structure, and perform encryption conversion on each node to be encrypted from bottom to top based on the offset parameter, until the conversion of the topmost node to be encrypted is completed to generate encrypted bytecode ;

[0068] A virt...

Embodiment 3

[0072] This embodiment provides a computer-readable storage medium. A computer program is stored on the computer-readable storage medium. When the computer program is run by a processor, the steps of the above method for protecting web page script codes are executed.

[0073] Compared with the prior art, the beneficial effect of the computer-readable storage medium provided by this embodiment is the same as the beneficial effect of the method for protecting web page script code provided by the above technical solution, and will not be repeated here.

[0074] Those of ordinary skill in the art can understand that all or part of the steps in the above-mentioned inventive method can be completed by instructing related hardware through a program. The above-mentioned program can be stored in a computer-readable storage medium. When the program is executed, it includes: For each step of the method in the foregoing embodiments, the foregoing storage medium may be: ROM / RAM, magnetic di...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a webpage script code protection method and device, relates to the technical field of computer security, and aims to enhance the protection of webpage script codes and effectively eliminate malicious code analysis behaviors. The method comprises the following steps of: analyzing a webpage script code through a code analysis tool to obtain a tree code structure consisting ofa plurality of nodes; traversing the to-be-encrypted nodes in the tree code structure, and sequentially executing encryption conversion on the to-be-encrypted nodes from bottom to top based on the offset parameters until the to-be-encrypted node on the topmost layer is completely converted to generate an encrypted byte code; configuring a virtual machine interpreter for constructing and executingthe encrypted byte code according to the offset parameter; and packaging and storing the virtual machine interpreter and the encrypted byte code in a webpage script code file for executing calling. The device applies the method provided by the scheme.

Description

technical field [0001] The invention relates to the technical field of computer security, in particular to a method and device for protecting web page script codes. Background technique [0002] The webpage script code is an interpretive language. The operation of this language does not need to be compiled into binary machine code in advance. After the browser opens the page, it directly loads the source code of the webpage script and runs it. Therefore, the source code of the webpage script is open and there is no confidentiality at all. It is very convenient to perform breakpoint debugging in the browser, which brings great harm to the key front-end business logic. In fact, the first step of a hacker attack often starts with analyzing the front-end web page script code. [0003] In order to improve this problem, the current common practice is to use obfuscation or encryption methods to protect webpage script codes, but neither of these two methods is very good against mali...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/14
CPCG06F21/14
Inventor 严杰刘佳进姚礼飞芦扬叶国华
Owner SUNING CLOUD COMPUTING CO LTD
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com