Method, system and device for detecting HTTP response header and readable storage medium

A technology of response header and response data, applied in the field of network security, can solve the problems of complex operation, slow analysis speed, low accuracy rate, etc., to avoid complex operation and improve accuracy.
CN110708278AActive Publication Date: 2020-01-17SECZONE TECH CO LTD
6 Cites 5 Cited by

Patent Information

Authority / Receiving Office
CN ยท China
Current Assignee / Owner
SECZONE TECH CO LTD
Publication Date
2020-01-17

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention discloses a method for detecting an HTTP (Hyper Text Transport Protocol) response header, which comprises the following steps: (1) intercepting a Java class file corresponding to a processing request program of a server through a Java agent, and obtaining an instrumentation entrance from the Java class file; (2) injecting the detection byte code into an instrumentation entrance; (3)returning the Java class file injected with the detection byte code to the server; (4) acquiring response data returned to the client by the server; and (5) obtaining an HTTP response header in the response data through Java reflection so as to judge whether the HTTP response header is a safe HTTP response header. The invention further discloses a system and device for detecting the HTTP responseheader and a computer readable storage medium. According to the invention, HTTP response data is obtained based on a Java byte code instrumentation technology; according to the method, the HTTP response header in the HTTP response data is acquired through Java reflection, so that the HTTP response header is detected, the accuracy of a detection result is improved, and the problems of complex operation, low detection rate, low accuracy, poor real-time performance and high cost caused by manual analysis are avoided.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention relates to the technical field of network security, in particular to a method, system, device and computer-readable storage medium for detecting an HTTP response header. Background technique

[0002] In Web communication, after the client sends the request information to the server, the server will return the corresponding HTTP (Hyper Text Transfer Protocol, hypertext transfer protocol) response to the client. The HTTP response includes a status line, several response headers and entities content. Among them, the HTTP response header includes HSTS (HTTP Strict Transport Security, HTTP Strict Transport Security) header, X-Frame-Options (X frame, option) header, X-XSS-Protection (X-XSS protection) header, X-Content- Type-Options (X-Content-Type option) header, Content-Security-Policy (content security policy) header, Referrer-Policy (reference policy) header and Content-Type (content type) header, etc.

[0003] Among them, HSTS is a secur...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More