Method, apparatus and medium for accessing native code interface in application program

By receiving and verifying API access requests from web page servers and executing native code only when permissions permit, the problem of poor security in existing technologies is solved, achieving higher security and compatibility.

CN111800426BActive Publication Date: 2026-06-23TENCENT TECHNOLOGY (SHENZHEN) CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
TENCENT TECHNOLOGY (SHENZHEN) CO LTD
Filing Date
2020-07-07
Publication Date
2026-06-23

AI Technical Summary

Technical Problem

In existing technologies, the interaction mechanism between web page code and application native code in Android and Apple mobile operating systems does not distinguish between privileged web pages and ordinary web pages, resulting in any web page being able to access the native code interface, which poses a problem of poor interaction security.

Method used

By receiving interface access requests from the web page server, obtaining relevant information and verifying permissions, executing native code only when the relevant information contains the target interface identifier, using encryption keys for data transmission and decryption, and managing interface permissions in a hierarchical manner.

Benefits of technology

This ensures that only web page servers with authorized access can call native code interfaces, improving the security of the interaction process, reducing redundant code, and enhancing compatibility and dynamic scalability.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN111800426B_ABST
    Figure CN111800426B_ABST
Patent Text Reader

Abstract

Embodiments of the present application provide an application program native code interface access method, device, equipment and medium. The method comprises: receiving an interface access request sent by a web page server, the interface access request comprising a server identifier of the web page server and a target interface identifier of a native code interface requested to be accessed; obtaining related information of each interface corresponding to the server identifier, wherein each interface is each native code interface having access permission of the web page server corresponding to the server identifier, and the related information comprises an interface identifier, and the related information is obtained from an application program server; and if the related information of each interface contains the interface identifier of the target native code interface, executing the native code corresponding to the target interface identifier. In the embodiments of the present application, the corresponding native code is executed when the related information of each interface contains the target interface identifier, thereby improving the security of the information interaction process.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This application relates to the field of mobile Internet technology, and more specifically, to a method, apparatus, device, and medium for accessing native code interfaces in an application. Background Technology

[0002] The development of mobile internet has led to a massive increase in hybrid application models. This development model integrates both web page and native application code. To ensure a better user experience, it is sometimes necessary for the two types of code to interact and communicate.

[0003] In existing technologies, neither Android nor Apple mobile operating systems provide interaction mechanisms between web page code and application native code (such as native code). These mechanisms do not distinguish between privileged and ordinary web pages. As a result, once the native code exposes an interface, any web page loaded by the application can access that interface, leading to poor interaction security. Summary of the Invention

[0004] The purpose of this application is to at least address one of the aforementioned technical deficiencies.

[0005] In one aspect, embodiments of this application provide a method for accessing native code interfaces in an application, the method comprising:

[0006] Receive an interface access request sent by the web page server. The interface access request includes the server identifier of the web page server and the target interface identifier of the native code interface to be accessed.

[0007] Retrieve relevant information for each interface corresponding to the server identifier. Each interface refers to the native code interface that the web page server corresponding to the server identifier has access to. The relevant information includes the interface identifier and is obtained from the application server.

[0008] If the relevant information of each interface contains the interface identifier of the target native code interface, then the native code corresponding to the target interface identifier will be executed.

[0009] Optionally, before receiving an interface access request sent by a web page server, the following steps are included:

[0010] Receive web page operation requests from the target object through the application's user interface;

[0011] The web page operation request is sent to the corresponding web page server, so that the web page server, based on the web page operation request, determines that it is necessary to call the native code interface and sends an interface access request to the terminal device.

[0012] Optionally, the method further includes:

[0013] Receive encrypted interface parameters sent by the web page server, wherein the encrypted interface parameters are obtained by encrypting the interface parameters using the first encryption key corresponding to the web page server;

[0014] Based on the server identifier, obtain the first decryption key corresponding to the web page server from the application server;

[0015] Execute the native code corresponding to the target interface identifier, including:

[0016] Decrypt the ciphertext of the interface parameters based on the first decryption key;

[0017] If decryption is successful, the native code corresponding to the target interface identifier will be executed based on the decrypted interface parameters.

[0018] The method also includes:

[0019] If decryption fails, a corresponding message will be generated.

[0020] Optionally, the method further includes:

[0021] Based on the server identifier, obtain the second encryption key corresponding to the web page server from the application server;

[0022] The execution result obtained by encrypting the native code corresponding to the target interface identifier based on the second encryption key is used to obtain the ciphertext of the execution result.

[0023] The ciphertext of the execution result is sent to the web page server, so that the web page server can decrypt the ciphertext of the execution result based on the second decryption key corresponding to the second encryption key to obtain the execution result.

[0024] Optionally, the first encryption key and the second decryption key are the private keys of the web page server, and the second encryption key and the first decryption key are the public keys of the web page server.

[0025] Optionally, obtain relevant information about each interface corresponding to the server identifier, including:

[0026] If the interface access request is the first interface access request sent by the web page server, then send an information retrieval request to the application server, which includes the server identifier; receive the relevant information of each interface corresponding to the server identifier returned by the application server, and store it in the local storage space;

[0027] If the interface access request is not the first time the web page server has sent an interface access request, then retrieve the relevant information of each interface corresponding to the server identifier from the local storage space.

[0028] Optionally, the relevant information for each interface is obtained by the application server in the following ways:

[0029] Receive a page registration request sent by the web page server. The page registration request includes the server identifier and registration verification information.

[0030] The registration verification information is verified. If the verification is successful, the interface information of each available native code interface is sent to the web page server.

[0031] Receive the interface permission request returned by the web page server based on the received interface information. The interface permission request contains the interface identifier information of each native code interface for which authorization is requested.

[0032] The relevant information of each interface corresponding to the interface identifier information is used to determine the relevant information of each interface corresponding to the server identifier.

[0033] On the other hand, embodiments of this application provide a method for accessing native code interfaces in an application, the method comprising:

[0034] The terminal device receives an interface-related information retrieval request. The interface-related information retrieval request includes the server identifier of the web page server. The interface-related information retrieval request is sent by the terminal device when it receives an interface access request from the web page server. The interface access request includes the server identifier and the target interface identifier of the native code interface to be accessed.

[0035] Determine the relevant information for each interface corresponding to the server identifier. Each interface is a native code interface that the web page server corresponding to the server identifier has access to. The relevant information includes the interface identifier.

[0036] The relevant information of each interface is sent to the terminal device so that when the terminal device determines that the relevant information of each interface contains the target interface identifier, it executes the native code corresponding to the target interface identifier.

[0037] Optionally, an interface access request is the first interface access request sent by the web page server to the terminal device. When the terminal device receives the relevant information for each interface, it stores this information in its local storage space. When the terminal device receives a subsequent interface access request from the web page server, it retrieves the relevant information for each interface from its local storage space. 。

[0038] Optionally, the method further includes:

[0039] Receive a page registration request sent by the web page server. The page registration request includes the server identifier and registration verification information.

[0040] The registration verification information is verified. If the verification is successful, the interface information of each available native code interface is sent to the web page server.

[0041] Receive the interface permission request returned by the web page server based on the received interface information. The interface permission request includes the interface identifier information of each native code interface for which authorization is requested.

[0042] The relevant information of each interface corresponding to the interface identifier information is used to determine the relevant information of each interface corresponding to the server identifier.

[0043] Optionally, the interface information of each native code interface that can be applied for includes the group information of each interface group. For an interface group, the group information of the interface group includes the group identifier of the interface group and the relevant information of each interface belonging to the interface group.

[0044] If the interface identifier information includes a group identifier, the relevant information of each interface corresponding to the interface identifier information is used to determine the relevant information of each interface corresponding to the server identifier, including:

[0045] The relevant information of each interface corresponding to the group identifier carried in the interface permission request is determined as the relevant information of each interface corresponding to the server identifier.

[0046] If the interface identification information includes an interface identifier, determine the relevant information of each interface corresponding to the interface identifier, including:

[0047] The relevant information of the interface corresponding to the interface identifier carried in the interface permission request is determined as the relevant information of each interface corresponding to the server identifier.

[0048] Optionally, the method further includes:

[0049] Obtain the domain name of the web server;

[0050] Establish the association between the web server's domain name and the group identifier corresponding to the server identifier;

[0051] Determine the relevant information for each interface corresponding to the server identifier, including:

[0052] Retrieve the domain name of the web page server corresponding to the server identifier;

[0053] Based on the domain name and association of the web server, determine the target group identifier corresponding to the domain name;

[0054] Based on the grouping information of each interface group, the relevant information of each interface corresponding to the target group identifier is determined as the relevant information of each interface corresponding to the server identifier.

[0055] Optionally, determine the relevant information for each interface corresponding to the server identifier, including:

[0056] Perform security verification on the web page server corresponding to the server identifier;

[0057] Once the security verification is successful, determine the relevant information for each interface corresponding to the server identifier;

[0058] The method also includes:

[0059] If the security verification fails, a corresponding prompt message will be sent to the terminal device.

[0060] Optionally, security verification can be performed on the web page corresponding to the server identifier, including:

[0061] Get the URL (Uniform Resource Locator) of the web page server corresponding to the server identifier;

[0062] Perform security verification on the URL, and / or obtain the domain name of the web page server based on the URL and perform security verification on the domain name of the web page server.

[0063] Optionally, the domain name of the web page server can be obtained based on the URL, and security verification can be performed on the domain name of the web page server, including:

[0064] Based on the authorized domain association information of each web page server, perform security verification on the domain name of the web page server;

[0065] For a web page server, the domain association information includes the domain name of the web page server and / or the authorization validity period of each interface corresponding to the domain name.

[0066] Optionally, the method further includes:

[0067] Receive and store the decryption key sent by the web page server;

[0068] The system receives a key acquisition request from a terminal device, which includes a server identifier. The key acquisition request is sent upon receiving the encrypted interface parameters.

[0069] Determine the decryption key corresponding to the server identifier;

[0070] The decryption key is returned to the terminal device. The key includes the key corresponding to the server identifier.

[0071] In another aspect, embodiments of this application provide an access device for native code interfaces in an application, the device comprising:

[0072] The access request receiving module is used to receive interface access requests sent by the web page server. The interface access request includes the server identifier of the web page server and the target interface identifier of the native code interface to be accessed.

[0073] The interface information acquisition module is used to acquire relevant information about each interface corresponding to the server identifier. Each interface is a native code interface that the web page server corresponding to the server identifier has access to. The relevant information includes the interface identifier and is obtained from the application server.

[0074] The code execution module is used to execute the native code corresponding to the target native code interface if the relevant information of each interface includes the interface identifier of the target native code interface.

[0075] Optionally, the device further includes a request receiving module, specifically used for:

[0076] Before receiving the interface access request sent by the web page server, the application receives the web page operation request of the operation object through the operation interface;

[0077] The web page operation request is sent to the corresponding web page server, so that the web page server, based on the web page operation request, determines that it is necessary to call the native code interface and sends an interface access request to the terminal device.

[0078] Optionally, the device also includes a ciphertext processing module, specifically used for:

[0079] Receive encrypted interface parameters sent by the web page server, wherein the encrypted interface parameters are obtained by encrypting the interface parameters using the first encryption key corresponding to the web page server;

[0080] Based on the server identifier, obtain the first decryption key corresponding to the web page server from the application server;

[0081] When executing the native code corresponding to the target interface identifier, the code execution module is specifically used for:

[0082] Decrypt the ciphertext of the interface parameters based on the first decryption key;

[0083] If decryption is successful, the native code corresponding to the target interface identifier will be executed based on the decrypted interface parameters.

[0084] The device also includes an information generation module, specifically used for:

[0085] If decryption fails, a corresponding prompt message will be generated.

[0086] Optionally, the ciphertext processing module is also used to obtain a second encryption key corresponding to the web page server from the application server based on the server identifier;

[0087] The execution result obtained by encrypting the native code corresponding to the target interface identifier based on the second encryption key is used to obtain the ciphertext of the execution result.

[0088] The ciphertext of the execution result is sent to the web page server, so that the web page server can decrypt the ciphertext of the execution result based on the second decryption key corresponding to the second encryption key to obtain the execution result.

[0089] Optionally, when the interface information acquisition module obtains relevant information for each interface corresponding to the server identifier, it is specifically used for:

[0090] If the interface access request is the first interface access request sent by the web page server, then send an information retrieval request to the application server, which includes the server identifier; receive the relevant information of each interface corresponding to the server identifier returned by the application server, and store it in the local storage space;

[0091] If the interface access request is not the first time the web page server has sent an interface access request, then retrieve the relevant information of each interface corresponding to the server identifier from the local storage space.

[0092] In another aspect, embodiments of this application provide an access device for native code interfaces in an application, the device comprising:

[0093] The interface information acquisition request module is used to receive interface-related information acquisition requests sent by terminal devices. The interface-related information acquisition request includes the server identifier of the web page server. The interface-related information acquisition request is sent by the terminal device when it receives an interface access request sent by the web page server. The interface access request includes the server identifier and the target interface identifier of the native code interface to be accessed.

[0094] The interface information determination module is used to determine the relevant information of each interface corresponding to the server identifier. Each interface is a native code interface that the web page server corresponding to the server identifier has access to. The relevant information includes the interface identifier.

[0095] The interface information sending module is used to send relevant information of each interface to the terminal device, so that when the terminal device determines that the relevant information of each interface contains the target interface identifier, it executes the native code corresponding to the target interface identifier.

[0096] Optionally, an interface access request is the first interface access request sent by the web page server to the terminal device. When the terminal device receives the relevant information for each interface, it stores this information in its local storage space. When the terminal device receives a subsequent interface access request from the web page server, it retrieves the relevant information for each interface from its local storage space. 。

[0097] Optionally, the interface information determination module is also used for:

[0098] Receive a page registration request sent by the web page server. The page registration request includes the server identifier and registration verification information.

[0099] The registration verification information is verified. If the verification is successful, the interface information of each available native code interface is sent to the web page server.

[0100] Receive the interface permission request returned by the web page server based on the received interface information. The interface permission request includes the interface identifier information of each native code interface for which authorization is requested.

[0101] The relevant information of each interface corresponding to the interface identifier information is used to determine the relevant information of each interface corresponding to the server identifier.

[0102] Optionally, the interface information of each native code interface that can be applied for includes the group information of each interface group. For an interface group, the group information of the interface group includes the group identifier of the interface group and the relevant information of each interface belonging to the interface group.

[0103] Wherein, if the interface identification information includes a group identifier, the interface information determination module, when determining the relevant information of each interface corresponding to the interface identification information and the relevant information of each interface corresponding to the server identifier, is specifically used for:

[0104] The relevant information of each interface corresponding to the group identifier carried in the interface permission request is determined as the relevant information of each interface corresponding to the server identifier.

[0105] If the interface identification information includes an interface identifier, the interface information determination module, when determining the relevant information of each interface corresponding to the interface identifier and the relevant information of each interface corresponding to the server identifier, is specifically used for:

[0106] The relevant information of the interface corresponding to the interface identifier carried in the interface permission request is determined as the relevant information of each interface corresponding to the server identifier.

[0107] Optionally, the device also includes an association determination module, specifically used for:

[0108] Obtain the domain name of the web server;

[0109] Establish the association between the web server's domain name and the group identifier corresponding to the server identifier;

[0110] When determining the relevant information for each interface corresponding to the server identifier, the interface information determination module is specifically used for:

[0111] Retrieve the domain name of the web page server corresponding to the server identifier;

[0112] Based on the domain name and association of the web server, determine the target group identifier corresponding to the domain name;

[0113] Based on the grouping information of each interface group, the relevant information of each interface corresponding to the target group identifier is determined as the relevant information of each interface corresponding to the server identifier.

[0114] Optionally, when determining the relevant information for each interface corresponding to the server identifier, the interface information determination module is specifically used for:

[0115] Perform security verification on the web page server corresponding to the server identifier;

[0116] Once the security verification is successful, determine the relevant information for each interface corresponding to the server identifier;

[0117] The device also includes an information generation module, specifically used for:

[0118] If the security verification fails, a corresponding prompt message will be sent to the terminal device.

[0119] Optionally, when performing security verification on the web page corresponding to the server identifier, the interface information determination module is specifically used for:

[0120] Get the URL of the web page server corresponding to the server identifier;

[0121] Perform security verification on the URL, and / or obtain the domain name of the web page server based on the URL and perform security verification on the domain name of the web page server.

[0122] Optionally, when the interface information determination module obtains the domain name of the web page server based on the URL and performs security verification on the domain name of the web page server, it is specifically used for:

[0123] Based on the authorized domain association information of each web page server, perform security verification on the domain name of the web page server;

[0124] For a web page server, the domain association information includes the domain name of the web page server and / or the authorization validity period of each interface corresponding to the domain name.

[0125] On the other hand, embodiments of this application provide an electronic device including a processor and a memory: the memory is configured to store a computer program that, when executed by the processor, causes the processor to perform the method of any one of the above aspects or the method of any one of the other aspects.

[0126] On the other hand, embodiments of this application provide a computer-readable storage medium for storing a computer program that, when run on a computer, enables the computer to perform the method of any one aspect above or the method of any other aspect above.

[0127] The beneficial effects of the technical solutions provided in this application are:

[0128] In this embodiment, when a terminal device receives an interface access request from a web page server, it can perform authorization authentication on the interface access request based on the relevant information of each interface corresponding to the web page server obtained from the application server. Only when the relevant information of each interface contains a target interface identifier will the corresponding native code be executed. Based on this scheme, it is ensured that only web page servers with the corresponding access permissions can call the corresponding native code interface, thus guaranteeing the security of the interaction between the application's native code and the web page code. Furthermore, since the relevant information of each interface in this embodiment is obtained from the application server, rather than being hard-coded into a whitelist in the terminal device, redundant code is reduced, and compatibility is improved. Attached Figure Description

[0129] To more clearly illustrate the technical solutions in the embodiments of this application, the accompanying drawings used in the description of the embodiments of this application will be briefly introduced below.

[0130] Figure 1 A schematic diagram of a system architecture provided for an embodiment of this application;

[0131] Figure 2 A flowchart illustrating an interface permission registration method provided in an embodiment of this application;

[0132] Figure 3A flowchart illustrating an information interaction process provided in an embodiment of this application;

[0133] Figure 4 A flowchart illustrating an interface permission detection process provided in an embodiment of this application;

[0134] Figure 5 A flowchart illustrating a method for accessing native code interfaces in an application provided in this embodiment of the application;

[0135] Figure 6 A flowchart illustrating a method for accessing native code interfaces in an application, provided as an embodiment of this application;

[0136] Figure 7 A schematic diagram of the structure of an access device for a native code interface in an application provided in an embodiment of this application;

[0137] Figure 8 A schematic diagram of the structure of an access device for a native code interface in an application provided in an embodiment of this application;

[0138] Figure 9 This is a schematic diagram of the structure of an electronic device provided in an embodiment of this application. Detailed Implementation

[0139] The embodiments of this application are described in detail below. Examples of these embodiments are shown in the accompanying drawings, wherein the same or similar reference numerals denote the same or similar elements or elements having the same or similar functions throughout. The embodiments described below with reference to the accompanying drawings are exemplary and are only used to explain this application, and should not be construed as limiting this application.

[0140] Those skilled in the art will understand that, unless specifically stated otherwise, the singular forms “a,” “an,” “the,” and “the” used herein may also include the plural forms. It should be further understood that the term “comprising” as used in this application means the presence of the stated features, integers, steps, operations, elements, and / or components, but does not exclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and / or groups thereof. It should be understood that when we say an element is “connected” or “coupled” to another element, it can be directly connected or coupled to the other element, or there may be intermediate elements. Furthermore, “connected” or “coupled” as used herein can include wireless connections or wireless coupling. The term “and / or” as used herein includes all or any units and all combinations of one or more associated listed items.

[0141] Cloud technology refers to a hosting technology that unifies a series of resources such as hardware, software, and networks within a wide area network or local area network to achieve data computing, storage, processing, and sharing.

[0142] Cloud technology is a collective term for network technologies, information technologies, integration technologies, management platform technologies, and application technologies applied to the cloud computing business model. It can form resource pools, providing flexible and convenient on-demand access. Cloud computing technology will become a crucial support. Backend services of technical network systems require substantial computing and storage resources, such as video websites, image websites, and many portal websites. With the rapid development and application of the internet industry, every item may have its own identification mark in the future, requiring transmission to backend systems for logical processing. Data at different levels will be processed separately, and various industry data will all require robust system support, which can only be achieved through cloud computing.

[0143] Cloud security refers to the collective term for security software, hardware, operational objects, organizations, and security cloud platforms applied based on cloud computing business models. Cloud security integrates emerging technologies and concepts such as parallel processing, grid computing, and the identification of unknown virus behavior. Through a large network of clients, it monitors abnormal software behavior on the network, obtains the latest information on Trojans and malware on the internet, sends it to the server for automatic analysis and processing, and then distributes solutions for viruses and Trojans to each client.

[0144] The main research directions in cloud security include: 1. Cloud computing security, which mainly studies how to ensure the security of the cloud itself and various applications on the cloud, including cloud computer system security, secure storage and isolation of data of the target object, access authentication of the target object, information transmission security, network attack protection, compliance auditing, etc.; 2. Cloudification of security infrastructure, which mainly studies how to use cloud computing to build and integrate security infrastructure resources and optimize security protection mechanisms, including building a large-scale security event and information collection and processing platform through cloud computing technology to realize the collection and correlation analysis of massive information and improve the ability to control network-wide security events and risks; 3. Cloud security services, which mainly studies various security services provided to the target object based on the cloud computing platform, such as anti-virus services.

[0145] The server in this application embodiment can be a standalone physical server, a server cluster or distributed system composed of multiple physical servers, or a cloud server providing basic cloud computing services such as cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, CDN, and big data and artificial intelligence platforms. The terminal can be a smartphone, tablet, laptop, desktop computer, smart speaker, smartwatch, etc., but is not limited to these. The terminal and server can be directly or indirectly connected via wired or wireless communication, which is not limited herein.

[0146] Hybrid mobile applications are applications that fall between web applications and native applications, combining the code of both. Hybrid applications offer the excellent user experience of native applications while retaining the cross-platform advantages of web applications. The development of the mobile internet has led to a massive increase in hybrid applications. This development model integrates web pages and native application code, and to ensure a better interactive experience, sometimes the two code types need to interact and communicate.

[0147] In existing technologies, some developers use custom JSBridge interfaces or perform simple checks on characteristics such as webpage domains before using operating system interfaces to differentiate privileged webpages. However, this approach lacks fine-grained access control. Once a security vulnerability exists in the judgment logic, all exposed native code can be called by malicious webpage code. Alternatively, whitelists can be hard-coded in the terminal to maintain interface permissions for the client. However, this approach requires different code implementations on different platforms, resulting in poor compatibility. When facing the growth of business needs and the need for frequent code upgrades and maintenance, it is difficult to guarantee dynamic scalability.

[0148] Based on this, this application provides a method for accessing native code interfaces in an application, aiming to solve some or all of the technical problems mentioned above.

[0149] To better understand and illustrate the solutions of the embodiments of this application, an optional embodiment of this application will be described below with reference to an example.

[0150] Figure 1The figure illustrates a system architecture applicable to this application. As shown, this system architecture may include a terminal device (i.e., the application client in the figure), an application server (i.e., the application server in the figure), and a web page server (i.e., the front-end webpage provider in the figure) for the web page (i.e., the front-end webpage in the figure). In practical applications, the user can download and install the hybrid mobile application (i.e., the application client) corresponding to the application server on their terminal device. The application server can manage the access permissions of each native code interface corresponding to the application and can authorize and allocate access permissions for each native code interface to the web page server based on the interface permission request sent by the web page server. When the user uses the application client, the terminal device sends a web page operation request to the web page server based on the user's operation on the web page. When the web page server determines that a native code interface needs to be called, it sends the corresponding native code interface access request to the terminal device.

[0151] If the interface access request is the first interface access request sent by the web page server (i.e., the first access interface in the diagram), then a relevant information retrieval request (i.e., the interface list) is sent to the application server. The application server extracts the domain name of the web page server from the URL of the web page server, and determines whether the web page server has access rights based on the URL and the domain name of the web page server (i.e., the URL in the diagram). If it has access rights, the relevant information of each interface is returned to the application client (i.e., the interface list in the diagram), and the application client caches the interface list locally. Otherwise, if it does not have access rights, the web page server is denied access to the native code interface.

[0152] Furthermore, when the application client has access permissions (i.e., "permission granted" in the diagram), it receives the encrypted interface parameters sent by the front-end webpage vendor and decrypts them using the public key corresponding to the front-end webpage vendor to obtain the interface parameters (i.e., "decrypted parameters" in the diagram). Then, it can execute the native code corresponding to the native code interface (i.e., "Native code" in the diagram) based on the interface parameters to obtain the execution result. Further, it can encrypt this execution result using the public key corresponding to the front-end webpage vendor to obtain the encrypted execution result and return it to the webpage server (i.e., "encrypted returned data" in the diagram). The front-end webpage vendor decrypts the encrypted execution result using its private key to obtain the execution result (i.e., "interface returned data" in the diagram).

[0153] Optionally, when a web page needs permission to access the application's native code interface (i.e., the interface below), it can register the interface permission with the application server corresponding to the application, such as... Figure 2 As shown below, the registration process will be explained in detail.

[0154] In step S101, the web page server sends a page registration request to the application server. The page registration request includes the web page server identifier and registration verification information.

[0155] The registration verification information may include the web page server's certificate and the domain name corresponding to the web page server.

[0156] In step S102, after receiving the page registration request, the application server verifies the registration verification information; if the verification passes, step S103 is executed; if the verification fails, step S110 is executed.

[0157] Specifically, the application server can verify the validity of the domain name of the web page server and the uploaded certificate. If the verification is successful, step S103 is executed. If the verification fails, it indicates that the page registration request may be impersonating the manufacturer or an attack, and step S110 is executed.

[0158] Step S103: The application server sends the interface information of the available native code interfaces to the web page server;

[0159] In practical applications, the interface information of the available native code interfaces can include group-related information for each interface group. For an interface group, the group-related information includes the group identifier of the interface group and the relevant information of each interface belonging to the interface group.

[0160] Step S104: The web page server returns an interface permission request to the application server based on business requirements and the received interface information of the available native code interfaces. The interface permission request may include the group identifier and / or interface identifier of the web page server requesting access permissions.

[0161] Step S105: The application server reviews the interface permission request. If the request is approved, proceed to step S106; otherwise, proceed to step S110.

[0162] When the application server reviews the interface permission request, it may mean that the application server determines whether there is an interface group corresponding to the interface group identifier included in the interface permission request and / or whether there is an interface corresponding to the interface identifier included in the interface permission request.

[0163] Step S106: Determine whether the interface permission request includes an interface group identifier or an interface identifier. If it is an interface group identifier, proceed to step S107; if it is an interface identifier, proceed to step S108.

[0164] Step S107: The application server grants access permissions to the web page server for each interface belonging to the interface group corresponding to the interface group identifier;

[0165] Step S108: The application server grants the web page server access rights to the interface corresponding to the interface identifier carried in the interface permission request;

[0166] In practical applications, the application server can use the interface identifiers of the interfaces that the web page server has access to to send these interface identifiers to the server when it receives a request from a terminal device for information about the web page server's interfaces.

[0167] Step S109: The web page server uploads the public key, and the application server saves the public key.

[0168] In practical applications, the application server stores the public key so that the terminal device can decrypt the encrypted interface parameters sent by the web page server based on the public key, encrypt the execution result and return it to the web page server, and the web page server can decrypt it based on the corresponding private key to obtain the execution result.

[0169] Step S110: Deny the web page server's request for access to the application's native code interface.

[0170] Optionally, after each web page server applies to the application server for access permissions to the native code interface, the application server can manage the access permissions of the native code interface in a hierarchical manner. For example, a list can be used to manage which web page servers each native code interface has been granted access to. The list can be presented as shown in Table 1.

[0171] Table 1

[0172] Interface Name Interface Grouping domain name Public Key Validity period getID Ad group xx.aaa.com xxxxxxxxxxxxxx 2022-1-1 … … … … …

[0173] As shown in Table 1, the application server mainly maintains fields such as interface name, interface group, domain name, and public key. Among them:

[0174] 1. "Interface Name" is the name of the interface exposed by the native code in the application (i.e., the name of the native code interface), which is the interface ID (Iden....), such as getID as shown in Table 1;

[0175] 2. "Interface Group" refers to the interface group to which the corresponding interface belongs. One interface group can correspond to multiple interfaces, and one interface can also belong to multiple interface groups. The division of interface groups is based on the interface security attributes or business attributes. For example, it can be divided into advertising group, account group, statistics group, temporary group, etc. As shown in the table, the interface identified as "getID" is divided into the advertising group.

[0176] 3. "Domain name" refers to the domain name of the web page server, which can be used to uniquely identify the web page server. In practical applications, in order to achieve fine-grained control and enhance security, the domain name of the web page server can be forced to be accurate to the subdomain. For example, if the subdomain of a certain web page server in the table is xx.aaa.com, the web page server has access rights to the interface identified as "getID".

[0177] 4. The "public key" is the public key provided by the web page server, which matches the private key of the web page server and is unique. For example, the public key of the web page server in the table is xxxxxxxxxxxxxx.

[0178] 5. "Validity period" refers to the period during which the web page server has access to the native code interface when it registers (i.e., the authorization period). For example, in the table, the web page server has access to the GET interface until January 1, 2022.

[0179] Optionally, in practical applications, the application server can dynamically manage native code interfaces. Specifically, the application server's dynamic management of interface permissions can include:

[0180] 1. For newly established business partnerships involving web page servers, if the web page server belongs to a specific category of vendors, it can be categorized into a specific interface group, and access permissions for all interfaces belonging to that specific interface group can be granted to that web page server. For example, an advertising vendor's web page server can be included in the advertising group, and a login partner vendor's web page server can be included in the login group. Alternatively, if a partner vendor is a temporary collaborator or only requires access to a few interfaces, then access permissions can be granted only to certain specific interfaces.

[0181] 2. For web page servers of manufacturers that need to expand their cooperation scope, the access level of their respective interface groups can be increased or new access permissions for native code interfaces can be added.

[0182] 3. For web page servers of vendors whose cooperation has expired or who have violated regulations, remove the domain name of the web page server from the corresponding interface group, and delete the access permissions of certain interfaces that were granted separately.

[0183] In this embodiment, since access permissions for interfaces are maintained within the application server, it is applicable to different operating system platforms, effectively avoiding redundant code in the client, reducing application client update and maintenance costs, and improving compatibility. Furthermore, the solution provided in this embodiment can also employ interface grouping for hierarchical management of interface access permissions, effectively reducing the complexity of interface maintenance and management and demonstrating dynamic scalability. Moreover, this embodiment hierarchically manages the permissions of native code interfaces, effectively distinguishing the security levels of accessible interfaces from different partner vendors, enabling more precise and real-time access control for vendors, and improving security.

[0184] Optionally, in practical applications, when an application interacts with the web page it loads, if the web page server needs to access the application's native code interface during the interaction, the interaction process can be as follows: Figure 3 As shown, specifically:

[0185] Step S201: Receive the web page operation request of the operation object through the operation interface of the application and send it to the web page server;

[0186] In step S202, the web page server sends an interface access request to the terminal device containing the application. The interface access request includes the server identifier of the web page server, the target interface identifier to be accessed, and the ciphertext of the interface parameters obtained by the web page server encrypting the interface parameters using the private key corresponding to the server identifier.

[0187] Step S203: Determine whether the interface access request is the first interface access request sent by the web page server. If yes, proceed to step S204; otherwise, proceed to step S208.

[0188] Step S204: The terminal device sends a relevant information acquisition request to the application server, wherein the relevant information acquisition request includes the server identifier;

[0189] Step S205: The application server obtains the domain name of the web page server corresponding to the server identifier. Based on the domain name and association of the web server, it determines whether there is a target group identifier corresponding to the domain name. If so, proceed to step S206; otherwise, proceed to step S213.

[0190] Step S206: The application server determines the relevant information of each interface corresponding to the target group identifier as the relevant information of each interface corresponding to the server identifier based on the group information of each interface group, and sends it to the terminal device.

[0191] Step S207: The terminal device stores the relevant information of each interface corresponding to the server identifier in the local storage space;

[0192] Step S208: The terminal device determines whether the relevant information of each interface corresponding to the server identifier contains the target interface identifier. If it does, proceed to step S209; otherwise, proceed to step S213.

[0193] Step S209: The terminal device obtains the public key corresponding to the web page server from the application server based on the server identifier of the web page server.

[0194] Step S210: The terminal device decrypts the ciphertext of the interface parameters based on the obtained public key. If the decryption is successful, step S211 is executed; otherwise, step S214 is executed.

[0195] In step S211, the terminal device executes the native code corresponding to the target interface identifier based on the decrypted interface parameters, obtains the execution result, encrypts the execution result based on the public key, and returns the ciphertext of the execution result to the web page server.

[0196] In step S212, the web page server decrypts the ciphertext of the execution result based on the private key. If the decryption is successful, step S215 is executed. If the decryption fails, steps S202 to S212 are executed repeatedly.

[0197] Step S213: The application server returns a message to the terminal device indicating that it has no access permission to the interface.

[0198] Step S214: The terminal device denies the web page server access to the native code interface corresponding to the target interface identifier.

[0199] Step S215 yields the execution result.

[0200] It can be understood that when the terminal device executes the native code corresponding to the target interface identifier, if the interface parameters are not needed, steps S209 to S211 do not need to be executed. Instead, the "execute the native code corresponding to the target interface identifier" in step S211 can be executed directly. Optionally, when the web page server does not need to obtain the execution result, it can also choose not to execute the "encrypt the execution result based on the public key and return the ciphertext of the execution result to the web page server" in step S211 and step S212. In this example, executing all steps is only to illustrate all the content that may be involved in the information interaction process, and is not a limitation on the execution of each step.

[0201] In practical applications, when an application server receives a request for relevant information from a terminal device, it can perform permission checks on the server corresponding to the web page server identifier included in the request, obtain the relevant information of each interface corresponding to that web page server identifier, and return it to the terminal device, such as... Figure 4 As shown, this process can be executed by the application server, and it may specifically include:

[0202] Step S301: Receive an interface-related information acquisition request sent by the terminal device. The interface-related information acquisition request includes the server identifier.

[0203] Step S302: Obtain the URL of the web page server corresponding to the server identifier;

[0204] Step S303: Check if the URL is in the URL blacklist. If it exists, proceed to step S311; otherwise, proceed to step S304.

[0205] Step S304: Obtain the domain name of the web page server from the URL;

[0206] It is understandable that sometimes when retrieving the domain name of a web page server from the operating system on a terminal device, the URL resolution library provided by the operating system may contain security vulnerabilities. In such cases, the domain name extracted when parsing the URL on the terminal device may not match the actual domain name, potentially leading to security issues. In this embodiment, since the domain name of the web page server is retrieved from the URL within the application server, it is not affected by operating system vulnerabilities and can effectively solve this security problem.

[0207] Step S305: Based on the domain name association information of each authorized web page server, determine whether the domain name association information contains the domain name of the web page server. If it does, proceed to step S306; otherwise, proceed to step S311.

[0208] Step S306: Verify whether the interfaces corresponding to the web page server have exceeded the authorization validity period. If they have, proceed to step S311; otherwise, proceed to step S307.

[0209] Step S307: Based on the domain name and association of the web server, determine whether there is a target group identifier corresponding to the domain name of the web page server. If it exists, proceed to step S308; otherwise, proceed to step S311.

[0210] Step S308: Based on the group-related information of each interface group, determine the relevant information of each interface corresponding to the target group identifier as the relevant information of each interface corresponding to the server identifier, and return it to the terminal device.

[0211] Step S309: Determine whether there are native code interfaces corresponding to the domain name. If they exist, proceed to step S310; otherwise, proceed to step S311.

[0212] Step S310: Determine the relevant information of each native code interface corresponding to the domain name as the relevant information of each interface corresponding to the server identifier, and return it to the terminal device;

[0213] Step S311: Send the corresponding prompt message to the terminal device.

[0214] In this embodiment, when accessing the native code interface of the application from the web page, the access permission of the interface is judged on the application server side. This effectively avoids the security problems that arise in the process of domain name extraction, whitelist matching, and parameter passing when the traditional solution judges the access permission on the client side. This can effectively ensure the security of information interaction between the application and the web page.

[0215] The technical solution of this application and how the technical solution of this application solves the above-mentioned technical problems are described in detail below with reference to optional embodiments. It is understood that the various embodiments in the following text can be combined with each other, and the same or similar concepts or processes may not be described again in some embodiments.

[0216] Figure 5 This illustration shows a flowchart of a method for accessing a native code interface in an application, as provided in an embodiment of this application. For example... Figure 5 As shown, the execution subject of this method is a terminal device containing an application, and the method may include:

[0217] Step S401: Receive an interface access request sent by the web page server. The interface access request includes the server identifier of the web page server and the target interface identifier of the native code interface to be accessed.

[0218] Among them, the interface access request is used to indicate that the web page server wants to access the native code interface, and the target interface identifier refers to the interface identifier of the native code interface that the web page server wants to access.

[0219] In practical applications, when a web page server needs to access the native code interface corresponding to an application, it can send an interface access request to the terminal device containing the application. The interface access request includes a server identifier that uniquely identifies the web page server and a target interface identifier of the native code interface to be accessed. This allows the terminal device to determine which specific web page server is requesting access to the native code interface based on the server identifier, and to determine which specific native code interface needs to be accessed based on the target interface identifier.

[0220] Step S402: Obtain relevant information for each interface corresponding to the server identifier. Each interface is a native code interface that the web page server corresponding to the server identifier has access to. The relevant information includes the interface identifier and is obtained from the application server.

[0221] In practical applications, terminal devices can obtain relevant information about each interface corresponding to the server identifier from the application server. This relevant information includes the interface identifier. At this time, the native code interface corresponding to the interface identifier included in the relevant information is the native code interface that the web page server has access to.

[0222] Step S403: If the relevant information of each interface contains the interface identifier of the target native code interface, then execute the native code corresponding to the target interface identifier.

[0223] Specifically, when the terminal device obtains the relevant information of each interface corresponding to the server identifier, it can determine whether the interface identifier in the relevant information includes the target interface identifier. If the target interface identifier is included, it means that the web page server has the permission to access the native code interface corresponding to the target interface identifier, and at this time, the native code corresponding to the target interface identifier can be executed.

[0224] In this embodiment, when a terminal device receives an interface access request from a web page server, it can obtain the relevant information of each interface corresponding to the web page server from the application server, and perform authorization authentication on the interface access request. Furthermore, the corresponding native code is only executed if the relevant information of each interface contains a target interface identifier, effectively improving the security of the information interaction process between the application and the web page. Moreover, since the relevant information of each interface in this embodiment is obtained from the application server, there is no need to hard-code a whitelist in the terminal device, reducing redundant code and eliminating the need for interface permission maintenance on the application client, thereby improving compatibility.

[0225] In an optional embodiment of this application, before receiving the interface access request sent by the web page server, the following steps are included:

[0226] Receive web page operation requests from the target object through the application's user interface;

[0227] The web page operation request is sent to the corresponding web page server, so that the web page server, based on the web page operation request, determines that it is necessary to call the native code interface and sends an interface access request to the terminal device.

[0228] In practical applications, when an object triggers a web page operation request through the application's interface, the terminal device can send the web page operation request to the corresponding web page server. The web page server can determine whether the operation request needs to call the native code interface. If it is determined that the native code interface needs to be called, it can send an interface access request to the terminal device, including the interface identifier (i.e., the target interface identifier) ​​of the native code interface to be called.

[0229] In optional embodiments of this application, the method further includes:

[0230] Receive encrypted interface parameters sent by the web page server, wherein the encrypted interface parameters are obtained by encrypting the interface parameters using the first encryption key corresponding to the web page server;

[0231] Based on the server identifier, obtain the first decryption key corresponding to the web page server from the application server;

[0232] Execute the native code corresponding to the target interface identifier, including:

[0233] Decrypt the ciphertext of the interface parameters based on the first decryption key;

[0234] If decryption is successful, the native code corresponding to the target interface identifier will be executed based on the decrypted interface parameters.

[0235] The method also includes:

[0236] If decryption fails, a corresponding message will be generated.

[0237] The interface parameters refer to the environment parameters of the web page server, such as the IP (Internet Protocol) address of the web page server.

[0238] In practical applications, when executing the native code corresponding to the target interface identifier, it is sometimes necessary to use the web page server's interface parameters as input for executing the native code. In this case, the terminal device can receive the ciphertext of the interface parameters obtained by the web page server encrypting the interface parameters based on a first encryption key. Furthermore, the terminal device can obtain the first decryption key corresponding to the web page server from the application server, and decrypt the ciphertext of the interface parameters based on the obtained first decryption key. If the decryption is successful, the decrypted interface parameters can be used as input for executing the native code corresponding to the target interface identifier, and the native code corresponding to the target interface identifier can be executed. Conversely, if the decryption fails, a corresponding prompt message can be generated, such as a decryption failure prompt message, and sent to the web page server to inform the web page server that the decryption failed.

[0239] The method by which the terminal device receives the encrypted interface parameters sent by the web page server can be pre-configured, and this embodiment of the application is not limited thereto. For example, the encrypted interface parameters can be included in the interface access request sent by the web page server, or it can be sent separately by the web page server to the terminal device, or it can be returned by the web server after receiving a data acquisition request sent by the terminal device.

[0240] In optional embodiments of this application, the method further includes:

[0241] Based on the server identifier, obtain the second encryption key corresponding to the web page server from the application server;

[0242] The execution result obtained by encrypting the native code corresponding to the target interface identifier based on the second encryption key is used to obtain the ciphertext of the execution result.

[0243] The ciphertext of the execution result is sent to the web page server, so that the web page server can decrypt the ciphertext of the execution result based on the second decryption key corresponding to the second encryption key to obtain the execution result.

[0244] In practical applications, after executing the native code corresponding to the target interface identifier, the terminal device can obtain the corresponding execution result and can also obtain the second encryption key corresponding to the web page server from the application server. When the web page server needs the execution result, in order to ensure the security of data transmission, it can encrypt the execution result based on the second encryption key to obtain the ciphertext of the execution result and return it to the web page server. Furthermore, when the web page server receives the ciphertext of the execution result, it can decrypt the ciphertext of the execution result based on the second decryption key to obtain the execution result.

[0245] In particular, during the transmission of encrypted interface parameters and encrypted execution results, HTTPS can be enforced to combat man-in-the-middle attacks, thereby improving the security of data transmission.

[0246] Optionally, the first encryption key and the second decryption key can be the private key of the web page server, and the second encryption key and the first decryption key can be the public key of the web page server.

[0247] In this embodiment of the application, since the data transmission is encrypted when the application and the web page interact, the security vulnerabilities that may occur during the transmission process can be effectively avoided, thereby improving security.

[0248] In optional embodiments of this application, obtaining relevant information about each interface corresponding to the server identifier includes:

[0249] If the interface access request is the first interface access request sent by the web page server, then send an information retrieval request to the application server, which includes the server identifier; receive the relevant information of each interface corresponding to the server identifier returned by the application server, and store it in the local storage space;

[0250] If the interface access request is not the first time the web page server has sent an interface access request, then retrieve the relevant information of each interface corresponding to the server identifier from the local storage space.

[0251] In practical applications, if the interface access request received by the terminal device is the first interface access request sent by the web page server, the terminal can send a request to the application server to obtain relevant information including the server identifier of the web page server. Furthermore, when the application server receives the relevant information access request, it can determine the relevant information of each interface corresponding to the server identifier and return it to the terminal device. After receiving the relevant information of each interface corresponding to the server identifier, the terminal device can store the relevant information of each interface corresponding to the server identifier in its local storage space.

[0252] Optionally, when the interface access request received by the terminal device is not the first interface access request sent by the web page server, since the terminal device has already obtained the relevant information of each interface corresponding to the server identifier of the web page server from the application server when it first received the interface access request sent by the web page server, and stored it in the local storage space, the relevant information of each interface corresponding to the server identifier can be directly obtained from the local storage space.

[0253] In practical applications, since the information related to each interface corresponding to the web page server may be updated, in order to ensure the accuracy of the information stored locally, the information of each interface can be updated according to a set period. Of course, in practical applications, each time the terminal device receives an interface access request sent by the web page server, it can re-obtain the information of each interface corresponding to the server identifier of the web page server from the application server. In this way, it can be ensured that the information of each interface obtained is the latest information, thereby improving the accuracy of the information of each interface.

[0254] In an optional embodiment of this application, the relevant information of each interface is obtained by the application server in the following manner:

[0255] Receive a page registration request sent by the web page server. The page registration request includes the server identifier and registration verification information.

[0256] The registration verification information is verified. If the verification is successful, the interface information of each available native code interface is sent to the web page server.

[0257] Receive the interface permission request returned by the web page server based on the received interface information. The interface permission request contains the interface identifier information of each native code interface for which authorization is requested.

[0258] The relevant information of each interface corresponding to the interface identifier information is used to determine the relevant information of each interface corresponding to the server identifier.

[0259] In practical applications, when a web page server wants to register access permissions for native code interfaces, it can send a page registration request to the application server. This request includes a server identifier and registration verification information. Correspondingly, when the application server receives the page registration request, it can determine which specific web page server is requesting access permissions for the native code interfaces based on the included server identifier. Furthermore, to enhance security, it can also verify the registration verification information of the web page server. If the verification passes, it indicates that the page registration request is secure, and the application server can then send the interface information of each available native code interface to the web page server.

[0260] Furthermore, the web page server can determine the native code interfaces that require access permissions based on the received interface information of the available native code interfaces, and return an interface permission request to the application server. This interface permission request includes the interface identifier information of each native code interface for which authorization is requested. The application server can then determine the relevant information of each interface corresponding to the interface identifier information as the relevant information of each interface corresponding to the server identifier.

[0261] The specific types of verification information can be pre-configured according to actual needs, such as the domain name of the web page server and the certificate corresponding to the web page server. This application embodiment does not limit this.

[0262] Figure 6 This illustration shows a flowchart of a method for accessing a native code interface in an application, as provided in an embodiment of this application. For example... Figure 6 As shown, this method is executed by the application's application server, and the method includes:

[0263] Step S501: Receive an interface-related information retrieval request sent by the terminal device. The interface-related information retrieval request includes the server identifier of the web page server. The interface-related information retrieval request is sent by the terminal device when it receives an interface access request sent by the web page server. The interface access request includes the server identifier and the target interface identifier of the native code interface to be accessed.

[0264] When a terminal device receives an interface access request from a web page server, it can send information indicating that it wants to obtain information about the native code interfaces that the web page server has access to. This interface information request includes a server identifier used to identify the web page server. For an explanation of the interface access request, please refer to the previous description, which will not be repeated here.

[0265] Step S502: Determine the relevant information of each interface corresponding to the server identifier. Each interface is a native code interface that the web page server corresponding to the server identifier has access to. The relevant information includes the interface identifier.

[0266] In practical applications, after receiving a request to obtain interface-related information, the application server can determine which native code interfaces the web page server has access to, corresponding to the server identifier included in the request, and use the interface identifier of each native code interface as the relevant information of the interface corresponding to that server identifier.

[0267] Step S503: Send the relevant information of each interface to the terminal device so that when the terminal device determines that the relevant information of each interface contains the target interface identifier, it executes the native code corresponding to the target interface identifier.

[0268] Specifically, once the application server determines which native code interfaces the web page server corresponding to the server identifier has access to, it can return the interface identifiers of each native code interface as relevant information to the terminal device. After receiving the relevant information of each interface, the terminal device can determine whether the target interface identifier is included in the relevant information, and then determine whether it is necessary to execute the native code corresponding to the target interface identifier.

[0269] In an optional embodiment of this application, the interface access request is the first interface access request sent by the web page server to the terminal device; wherein, when the terminal device receives the relevant information of each interface, it stores the relevant information of each interface in its local storage space; when the terminal device receives a subsequent interface access request sent by the web page server, it retrieves the relevant information of each interface from the local storage space. 。

[0270] In practical applications, when a terminal device receives an interface access request from a web page server for the first time, it will send a request to the application server to obtain interface-related information containing the server identifier of the web page server. Upon receiving the relevant information of each interface returned by the application server, the terminal device can store the relevant information of each interface corresponding to the server identifier of the web page server in its local storage space. Optionally, when the terminal device receives an interface access request from the same web page server again, it can obtain the relevant information of each interface corresponding to the server identifier from the local storage space without having to obtain it from the application server again.

[0271] In optional embodiments of this application, the method further includes:

[0272] Receive a page registration request sent by the web page server. The page registration request includes the server identifier and registration verification information.

[0273] The registration verification information is verified. If the verification is successful, the interface information of each available native code interface is sent to the web page server.

[0274] Receive the interface permission request returned by the web page server based on the received interface information. The interface permission request includes the interface identifier information of each native code interface for which authorization is requested.

[0275] The relevant information of each interface corresponding to the interface identifier information is used to determine the relevant information of each interface corresponding to the server identifier.

[0276] In this context, the web page server sending a page registration request indicates that the web page server wants to apply for access permissions to register native code interfaces; the interface information of the native code interfaces that can apply for access permissions refers to the interface information of each native code interface that can grant access permissions to the web page server; and the specific explanation of the registration verification information can be found in the previous description, and will not be repeated here.

[0277] In practical applications, upon receiving a page registration request from a web page server, the application server can be verified based on the registration verification information included in the request. If the verification is successful, the application server sends the interface information of the available native code interfaces to the web page server. Correspondingly, the web page server can determine the specific native code interfaces that require access permissions based on the received interface information, and generate an interface permission request based on the interface identifier information of each native code interface requesting authorization, returning it to the application server. The application server can then determine which native code interfaces to grant access permissions to the web page server based on the interface permission request, thereby obtaining the relevant information of each interface corresponding to the server identifier of the web page server.

[0278] In an optional embodiment of this application, the interface information of each native code interface that can be applied for includes the group-related information of each interface group. For an interface group, the group-related information of the interface group includes the group identifier of the interface group and the relevant information of each interface belonging to the interface group.

[0279] If the interface identifier information includes a group identifier, the relevant information of each interface corresponding to the interface identifier information is used to determine the relevant information of each interface corresponding to the server identifier, including:

[0280] The relevant information of each interface corresponding to the group identifier carried in the interface permission request is determined as the relevant information of each interface corresponding to the server identifier.

[0281] If the interface identification information includes an interface identifier, determine the relevant information of each interface corresponding to the interface identifier, including:

[0282] The relevant information of the interface corresponding to the interface identifier carried in the interface permission request is determined as the relevant information of each interface corresponding to the server identifier.

[0283] In practical applications, to facilitate the management of native code interfaces, available native code interfaces can be divided into various interface groups. For each interface group, the group-related information can include a group identifier to identify the interface group, as well as information about each interface belonging to that interface group. The criteria for dividing available native code interfaces into interface groups can be pre-configured, and this embodiment is not limited to this. For example, the groups can be formed based on the function of each native code interface, such as grouping all native code interfaces used for login into one interface group.

[0284] Optionally, after the web page server receives the interface information of each available native code interface, it can send an interface permission request to the application server according to its actual business needs. The interface permission request may include the interface group identifier or interface group name for which the web page server needs to request access. When the application server receives the interface permission request, it determines whether the interface information of each available native code interface includes the interface group identifier or interface group name included in the interface permission request. If it does, the application server determines the relevant information of each interface corresponding to the group identifier or interface group name carried in the interface permission request as the relevant information of each interface corresponding to the server identifier, that is, it grants the web page server access to each native code interface belonging to the interface group corresponding to the interface group identifier.

[0285] Optionally, after receiving the interface information of each available native code interface, the web page server can also send an interface permission request to the application server according to its actual business needs. The interface permission request may include the interface identifiers for which the web page server needs to request access. When the application server receives the interface permission request, it determines whether the interface information of each available native code interface includes the interface identifiers included in the interface permission request. If so, it determines the relevant information of each interface corresponding to the interface identifier carried in the interface permission request as the relevant information of each interface corresponding to the server identifier, that is, it grants the web page server access rights to the native code interfaces corresponding to the interface identifiers.

[0286] Optionally, in practical applications, if there are some native code interfaces that are not classified into interface groups, when the web page server receives the interface information of each native code interface that can be applied for, if it determines, based on its actual business needs, that it needs some native code interfaces that are not classified into interface groups as well as some native code interfaces that are classified into interface groups, then the interface permission application request sent by the web page server can include both the interface group identifier and the interface identifier for which the requested access permissions are granted.

[0287] In optional embodiments of this application, the method further includes:

[0288] Obtain the domain name of the web server;

[0289] Establish the association between the web server's domain name and the group identifier corresponding to the server identifier;

[0290] Determine the relevant information for each interface corresponding to the server identifier, including:

[0291] Retrieve the domain name of the web page server corresponding to the server identifier;

[0292] Based on the domain name and association of the web server, determine the target group identifier corresponding to the domain name;

[0293] Based on the grouping information of each interface group, the relevant information of each interface corresponding to the target group identifier is determined as the relevant information of each interface corresponding to the server identifier.

[0294] In practical applications, we can obtain the web server's domain name and then establish an association between that domain name and the group identifier corresponding to its server identifier. That is, we establish a link between the web server's domain name and its corresponding group identifier. Knowing the web server's domain name then reveals the group identifier corresponding to its server identifier. Furthermore, if the web server's domain name can uniquely identify the web server, the page server identifier can also be the domain name of that web page server. In this case, the group identifier corresponding to the server identifier is the same as the group identifier corresponding to the web server's domain name.

[0295] Optionally, when the application server receives a request from the terminal device to obtain interface-related information, it can determine the web page server corresponding to the server identifier it includes, then obtain the domain name of the web page server, and then, based on the domain name and association of the web page server, determine the target group identifier corresponding to the domain name of the web page server, and, according to the group-related information of each interface group, determine the relevant information of each interface belonging to the target group identifier, and return the relevant information of each interface belonging to the target group identifier to the terminal device.

[0296] In optional embodiments of this application, determining the relevant information of each interface corresponding to the server identifier includes:

[0297] Perform security verification on the web page server corresponding to the server identifier;

[0298] Once the security verification is successful, determine the relevant information for each interface corresponding to the server identifier;

[0299] The method also includes:

[0300] If the security verification fails, a corresponding prompt message will be sent to the terminal device.

[0301] In practical applications, to prevent malicious acquisition of access permissions to native code interfaces and the resulting security risks, this embodiment of the application, when determining the relevant information of each interface corresponding to the server identifier, can first perform security verification on the web page server corresponding to the web page server identifier. When the security verification passes, the interfaces corresponding to the server identifier are designated as interfaces that the web page server has access to, and the interface identifiers of these access-enabled interfaces are returned to the terminal device. Optionally, if the security verification fails, a corresponding prompt message can be sent to the terminal device to inform it that the web page server has security vulnerabilities or does not have permission to access the native code interfaces.

[0302] In optional embodiments of this application, security verification of the web page corresponding to the server identifier includes:

[0303] Retrieve the Uniform Resource Locator (URL) of the web page server corresponding to the server identifier;

[0304] Perform security verification on the URL, and / or obtain the domain name of the web page server based on the URL and perform security verification on the domain name of the web page server.

[0305] In practical applications, when performing security verification on the web page corresponding to the server identifier, one can obtain the URL of the web page server corresponding to the server identifier and then perform security verification on the URL; alternatively, one can determine the domain name of the web page server corresponding to the server identifier and then perform security verification on the domain name of the web page server.

[0306] When performing security verification on a URL, a URL blacklist can be pre-configured. This blacklist includes the URLs of web page servers that are not allowed to access native code interfaces. If the URL of a web page server is obtained and the URL blacklist includes that web page server's URL, then the verification is considered to have failed.

[0307] In an optional embodiment of this application, obtaining the domain name of the web page server based on the URL and performing security verification on the domain name of the web page server includes:

[0308] Based on the authorized domain association information of each web page server, perform security verification on the domain name of the web page server;

[0309] For a web page server, the domain association information includes the domain name of the web page server and / or the authorization validity period of each interface corresponding to the domain name.

[0310] In practical applications, for each web page server with native code interface access permissions (i.e., authorized web page server), there can be domain name association information. This domain name association information can include the domain name of each authorized web page server and / or the authorization validity period of each interface (i.e., the interface identifier of each native code interface) corresponding to the domain name of each web page server.

[0311] Optionally, when performing security verification on the domain name of a web page server, it can be determined whether the domain name association information includes the domain name of the web page server. If the domain name of the web page server is included, the verification is considered successful; if the domain name of the web page server is not included, the verification is considered unsuccessful, meaning that the web page server does not have permission to access the native code interface.

[0312] Optionally, when performing security verification on the domain name of the web page server, the authorization validity period of each interface corresponding to the web page server can also be verified. When the authorization validity period of a certain native code interface expires, it is considered that access rights to that native code interface are no longer available. If the authorization validity periods for each native code interface are different, when determining the relevant information of each interface corresponding to the server identifier, the relevant information of the interfaces with expired authorization can be used as the relevant information of the interfaces corresponding to the server identifier.

[0313] The domain name of the web page server can be extracted from the URL corresponding to the web page server. The domain name of the web page server can be a subdomain of the web page server. This means that if the registration information verification already includes the URL corresponding to the web page server, verification can be performed directly based on that URL, eliminating the need to retrieve the URL again, thus reducing the amount of data processing.

[0314] It is understood that the execution order of the various security verification methods mentioned above can be pre-configured, and this application embodiment does not limit it.

[0315] In optional embodiments of this application, the method further includes:

[0316] Receive and store the decryption key sent by the web page server;

[0317] The system receives a key acquisition request from a terminal device, which includes a server identifier. The key acquisition request is sent upon receiving the encrypted interface parameters.

[0318] Determine the decryption key corresponding to the server identifier;

[0319] The decryption key is returned to the terminal device. The key includes the key corresponding to the server identifier.

[0320] In practical applications, when a web page server has access to the native code interface, it can send its public key to the application server. Upon receiving the public key, the application server stores it as a key for the web page server, so that subsequent terminal devices can use it to encrypt and / or decrypt data.

[0321] In practical applications, web page servers sometimes need to send interface parameters to terminal devices so that the terminal devices can execute the native code of the target interface based on these parameters. However, to ensure data security during data transmission, these interface parameters are usually encrypted using an encryption key corresponding to the web page server. Optionally, when the terminal device needs to return the execution result obtained after executing the native code to the web page server, it can also encrypt the encryption key of the execution result to ensure data transmission security. Based on this, the terminal device can send a key retrieval request to the application server. The application server determines the decryption key corresponding to the server identifier in the key retrieval request and returns it to the terminal device.

[0322] The key includes at least one of a second encryption key or a first decryption key. It can be understood that when the key includes a second encryption key and a first decryption key, the terminal device obtains the decryption key and the encryption key at the same time. Of course, the terminal device can also obtain the second encryption key or the first decryption key separately.

[0323] Optionally, in this embodiment, the first decryption key can be the public key corresponding to the web page server, while the key used by the web server to encrypt interface parameters and decrypt execution results can be the private key corresponding to the web page server.

[0324] This application provides an access device for native code interfaces in an application, such as... Figure 7 As shown, the native code interface access device 70 in this application may include: an access request receiving module 701, an interface information acquisition module 702, and a code execution module 703, wherein,

[0325] The access request receiving module 701 is used to receive interface access requests sent by the web page server. The interface access request includes the server identifier of the web page server and the target interface identifier of the native code interface to be accessed.

[0326] The interface information acquisition module 702 is used to acquire relevant information of each interface corresponding to the server identifier. Each interface is a native code interface that the web page server corresponding to the server identifier has access to. The relevant information includes the interface identifier and is obtained from the application server.

[0327] The code execution module 703 is used to execute the native code corresponding to the target native code interface if the relevant information of each interface includes the interface identifier of the target native code interface.

[0328] Optionally, the device further includes a request receiving module, specifically used for:

[0329] Before receiving the interface access request sent by the web page server, the application receives the web page operation request of the operation object through the operation interface;

[0330] The web page operation request is sent to the corresponding web page server, so that the web page server, based on the web page operation request, determines that it is necessary to call the native code interface and sends an interface access request to the terminal device.

[0331] Optionally, the device also includes a ciphertext processing module, specifically used for:

[0332] Receive encrypted interface parameters sent by the web page server, wherein the encrypted interface parameters are obtained by encrypting the interface parameters using the first encryption key corresponding to the web page server;

[0333] Based on the server identifier, obtain the first decryption key corresponding to the web page server from the application server;

[0334] When executing the native code corresponding to the target interface identifier, the code execution module is specifically used for:

[0335] Decrypt the ciphertext of the interface parameters based on the first decryption key;

[0336] If decryption is successful, the native code corresponding to the target interface identifier will be executed based on the decrypted interface parameters.

[0337] The device also includes an information generation module, specifically used for:

[0338] If decryption fails, a corresponding prompt message will be generated.

[0339] Optionally, the ciphertext processing module is also used to obtain a second encryption key corresponding to the web page server from the application server based on the server identifier;

[0340] The execution result obtained by encrypting the native code corresponding to the target interface identifier based on the second encryption key is used to obtain the ciphertext of the execution result.

[0341] The ciphertext of the execution result is sent to the web page server, so that the web page server can decrypt the ciphertext of the execution result based on the second decryption key corresponding to the second encryption key to obtain the execution result.

[0342] Optionally, when the interface information acquisition module obtains relevant information for each interface corresponding to the server identifier, it is specifically used for:

[0343] If the interface access request is the first interface access request sent by the web page server, then send an information retrieval request to the application server, which includes the server identifier; receive the relevant information of each interface corresponding to the server identifier returned by the application server, and store it in the local storage space;

[0344] If the interface access request is not the first time the web page server has sent an interface access request, then retrieve the relevant information of each interface corresponding to the server identifier from the local storage space.

[0345] This application provides an access device for native code interfaces in an application, such as... Figure 8 As shown, the native code interface access device 80 in this application may include: an interface information acquisition request acquisition module 801, an interface information determination module 802, and an interface information sending module 803, wherein,

[0346] The interface information acquisition request acquisition module 801 is used to receive the interface information acquisition request sent by the terminal device. The interface information acquisition request includes the server identifier of the web page server. The interface information acquisition request is sent by the terminal device when it receives the interface access request sent by the web page server. The interface access request includes the server identifier and the target interface identifier of the native code interface to be accessed.

[0347] The interface information determination module 802 is used to determine the relevant information of each interface corresponding to the server identifier. Each interface is a native code interface that the web page server corresponding to the server identifier has access to. The relevant information includes the interface identifier.

[0348] The interface information sending module 803 is used to send the relevant information of each interface to the terminal device, so that when the terminal device determines that the relevant information of each interface contains the target interface identifier, it executes the native code corresponding to the target interface identifier.

[0349] Optionally, an interface access request is the first interface access request sent by the web page server to the terminal device. When the terminal device receives the relevant information for each interface, it stores this information in its local storage space. When the terminal device receives a subsequent interface access request from the web page server, it retrieves the relevant information for each interface from its local storage space. 。

[0350] Optionally, the interface information determination module is also used for:

[0351] Receive a page registration request sent by the web page server. The page registration request includes the server identifier and registration verification information.

[0352] The registration verification information is verified. If the verification is successful, the interface information of each available native code interface is sent to the web page server.

[0353] Receive the interface permission request returned by the web page server based on the received interface information. The interface permission request includes the interface identifier information of each native code interface for which authorization is requested.

[0354] The relevant information of each interface corresponding to the interface identifier information is used to determine the relevant information of each interface corresponding to the server identifier.

[0355] Optionally, the interface information of each native code interface that can be applied for includes the group information of each interface group. For an interface group, the group information of the interface group includes the group identifier of the interface group and the relevant information of each interface belonging to the interface group.

[0356] Wherein, if the interface identification information includes a group identifier, the interface information determination module, when determining the relevant information of each interface corresponding to the interface identification information and the relevant information of each interface corresponding to the server identifier, is specifically used for:

[0357] The relevant information of each interface corresponding to the group identifier carried in the interface permission request is determined as the relevant information of each interface corresponding to the server identifier.

[0358] If the interface identification information includes an interface identifier, the interface information determination module, when determining the relevant information of each interface corresponding to the interface identifier and the relevant information of each interface corresponding to the server identifier, is specifically used for:

[0359] The relevant information of the interface corresponding to the interface identifier carried in the interface permission request is determined as the relevant information of each interface corresponding to the server identifier.

[0360] Optionally, the device also includes an association determination module, specifically used for:

[0361] Obtain the domain name of the web server;

[0362] Establish the association between the web server's domain name and the group identifier corresponding to the server identifier;

[0363] When determining the relevant information for each interface corresponding to the server identifier, the interface information determination module is specifically used for:

[0364] Retrieve the domain name of the web page server corresponding to the server identifier;

[0365] Based on the domain name and association of the web server, determine the target group identifier corresponding to the domain name;

[0366] Based on the grouping information of each interface group, the relevant information of each interface corresponding to the target group identifier is determined as the relevant information of each interface corresponding to the server identifier.

[0367] Optionally, when determining the relevant information for each interface corresponding to the server identifier, the interface information determination module is specifically used for:

[0368] Perform security verification on the web page server corresponding to the server identifier;

[0369] Once the security verification is successful, determine the relevant information for each interface corresponding to the server identifier;

[0370] The device also includes an information generation module, specifically used for:

[0371] If the security verification fails, a corresponding prompt message will be sent to the terminal device.

[0372] Optionally, when performing security verification on the web page corresponding to the server identifier, the interface information determination module is specifically used for:

[0373] Get the URL of the web page server corresponding to the server identifier;

[0374] Perform security verification on the URL, and / or obtain the domain name of the web page server based on the URL and perform security verification on the domain name of the web page server.

[0375] Optionally, when the interface information determination module obtains the domain name of the web page server based on the URL and performs security verification on the domain name of the web page server, it is specifically used for:

[0376] Based on the authorized domain association information of each web page server, perform security verification on the domain name of the web page server;

[0377] For a web page server, the domain association information includes the domain name of the web page server and / or the authorization validity period of each interface corresponding to the domain name.

[0378] The device for accessing native code interfaces in an application according to an embodiment of this application can execute the method for accessing native code interfaces in an application according to an embodiment of this application. The implementation principle is similar and will not be described again here.

[0379] This application provides an electronic device, such as... Figure 9 As shown, Figure 9The illustrated electronic device 2000 includes a processor 2001 and a memory 2003. The processor 2001 and the memory 2003 are connected, for example, via a bus 2002. Optionally, the electronic device 2000 may also include a transceiver 2004. It should be noted that in practical applications, the transceiver 2004 is not limited to one type, and the structure of this electronic device 2000 does not constitute a limitation on the embodiments of this application.

[0380] In this embodiment, the processor 2001 is used to implement... Figure 7 and Figure 8 The functions of each module are shown.

[0381] Processor 2001 may be a CPU, a general-purpose processor, a DSP, an ASIC, an FPGA, or other programmable logic device, transistor logic device, hardware component, or any combination thereof. It may implement or execute the various exemplary logic blocks, modules, and circuits described in conjunction with the disclosure of this application. Processor 2001 may also be a combination that implements computational functions, such as including one or more microprocessor combinations, a combination of a DSP and a microprocessor, etc.

[0382] Bus 2002 may include a pathway for transmitting information between the aforementioned components. Bus 2002 may be a PCI bus or an EISA bus, etc. Bus 2002 can be divided into address bus, data bus, control bus, etc. For ease of representation, Figure 9 The bus is represented by a single thick line, but this does not mean that there is only one bus or one type of bus.

[0383] The memory 2003 may be ROM or other type of static storage device capable of storing static information and computer programs, RAM or other type of dynamic storage device capable of storing information and computer programs, or EEPROM, CD-ROM or other optical disc storage, optical disc storage (including compressed optical discs, laser discs, optical discs, digital universal optical discs, Blu-ray discs, etc.), magnetic disk storage media or other magnetic storage devices, or any other medium capable of carrying or storing or storing desired computer programs in the form of data structures and accessible by a computer, but not limited thereto.

[0384] The memory 2003 stores computer programs for executing the application scheme of this application, and its execution is controlled by the processor 2001. The processor 2001 executes the computer programs for the application scheme stored in the memory 2003 to implement… Figure 7 and Figure 8 The operation of the device provided in the illustrated embodiment.

[0385] This application provides an electronic device including a processor and a memory: the memory is configured to store a computer program, which, when executed by the processor, causes the processor to perform any of the methods described in the above embodiments.

[0386] This application provides a computer-readable storage medium for storing a computer program that, when run on a computer, enables the computer to perform any of the methods described in the above embodiments.

[0387] According to one aspect of this application, embodiments of this application provide a computer program product or computer program including computer instructions stored in a computer-readable storage medium. A processor of a computer device reads the computer instructions from the computer-readable storage medium and executes the computer instructions, causing the computer device to perform the methods provided in the various optional implementations described above.

[0388] The specific terms and implementation principles of the computer-readable storage medium mentioned in this application can be found in the methods described in the embodiments of this application, and will not be repeated here.

[0389] It should be understood that although the steps in the flowcharts of the accompanying figures are shown sequentially as indicated by the arrows, these steps are not necessarily executed in the order indicated by the arrows. Unless explicitly stated herein, there is no strict order restriction on the execution of these steps, and they can be executed in other orders. Moreover, at least some steps in the flowcharts of the accompanying figures may include multiple sub-steps or multiple stages. These sub-steps or stages are not necessarily completed at the same time, but can be executed at different times, and their execution order is not necessarily sequential, but can be performed alternately or in turn with other steps or at least some of the sub-steps or stages of other steps.

[0390] The above description is only a partial embodiment of this application. It should be noted that for those skilled in the art, several improvements and modifications can be made without departing from the principle of this application, and these improvements and modifications should also be considered within the scope of protection of this application.

Claims

1. A method for accessing native code interfaces in an application, characterized in that, The method includes: The terminal device receives web page operation requests through the operation interface of a pre-installed hybrid mode application and sends them to the web page server; the hybrid mode application is an application developed by combining the web code of a web application and the native code of a native application. When the web page server determines that the web page needs permission to access the native code interface of the hybrid mode application, it sends a page registration request to the application server corresponding to the hybrid mode application. The request includes the server identifier and registration verification information of the web page server. The application server is used to manage the access permissions of the native code interface of the hybrid mode application. The native code interface is an interface used to access the native code of the hybrid mode application. When the application server determines that the verification is successful based on the registration verification information, it sends the interface information of the available native code interface to the web page server. The web page server returns an interface permission request to the application server based on business requirements and the interface information of the available native code interfaces. The request includes the group identifier and / or interface identifier of the access permission requested by the web page server. When the application server determines that an interface group corresponding to the group identifier exists, it grants access permissions to each interface of that interface group to the web page server; and / or, when the application server determines that an interface corresponding to the interface identifier exists, it grants access permissions to that interface to the web page server. When the web page server determines that it needs to call the native code interface based on the web page operation request, it sends an interface access request to the terminal device. The terminal device receives an interface access request sent by the web page server. The interface access request includes the server identifier of the web page server and the target interface identifier of the native code interface to be accessed. The terminal device receives encrypted interface parameters sent by the web page server, wherein the encrypted interface parameters are obtained by encrypting the interface parameters using the first encryption key corresponding to the web page server. The terminal device obtains relevant information about each interface corresponding to the server identifier, wherein each interface is a native code interface that the web page server corresponding to the server identifier has access to, and the relevant information includes the interface identifier; if the interface access request is sent for the first time, the relevant information is obtained from the application server and stored in the local storage space; if the interface access request is not sent for the first time, the relevant information is obtained from the local storage space. When the terminal device determines that the relevant information of each interface includes the target interface identifier, it obtains the first decryption key corresponding to the web page server from the hybrid mode application server based on the server identifier, and decrypts the interface parameter ciphertext based on the first decryption key. If decryption is successful, the native code corresponding to the target interface identifier will be executed based on the decrypted interface parameters. If decryption fails, a corresponding message will be generated.

2. The method according to claim 1, characterized in that, The method further includes: The terminal device obtains the second encryption key corresponding to the web page server from the application server based on the server identifier; The terminal device encrypts the execution result obtained by executing the native code corresponding to the target interface identifier based on the second encryption key, and obtains the ciphertext of the execution result. The terminal device sends the encrypted execution result to the web page server; The web page server decrypts the ciphertext of the execution result based on the second decryption key corresponding to the second encryption key to obtain the execution result.

3. The method according to claim 2, characterized in that, The terminal device obtains relevant information about each interface corresponding to the server identifier, including: If the interface access request is the first interface access request sent by the web page server, then a relevant information retrieval request is sent to the application server, the relevant information retrieval request including the server identifier; the relevant information of each interface corresponding to the server identifier returned by the application server is received and stored in the local storage space; If the interface access request is not the first interface access request sent by the web page server, then the relevant information of each interface corresponding to the server identifier is obtained from the local storage space.

4. The method according to claim 1, characterized in that, The interface information of the available native code interface includes group-related information for each interface group. For an interface group, the group-related information includes the group identifier of the interface group and the relevant information of each interface belonging to the interface group. When the application server determines that an interface group corresponding to the group identifier exists, it includes: The relevant information of each interface corresponding to the group identifier carried in the interface permission request is determined as the relevant information of each interface corresponding to the server identifier; When the application server determines that an interface corresponding to the interface identifier exists, it includes: The relevant information of the interface corresponding to the interface identifier carried in the interface permission request is determined as the relevant information of each interface corresponding to the server identifier.

5. The method according to claim 4, characterized in that, The method further includes: The application server obtains the domain name of the web page server; The application server establishes an association between the domain name of the web page server and the group identifier corresponding to the server identifier; When the application server determines the relevant information of each interface corresponding to the server identifier, it includes: Obtain the domain name of the web page server corresponding to the server identifier; Based on the domain name of the web page server and the association relationship, determine the target group identifier corresponding to the domain name; Based on the grouping-related information of each interface group, the relevant information of each interface corresponding to the target group identifier is determined as the relevant information of each interface corresponding to the server identifier.

6. The method according to any one of claims 1 to 5, characterized in that, When the application server determines the relevant information of each interface corresponding to the server identifier, it includes: Perform security verification on the web page server corresponding to the server identifier; Upon successful security verification, the relevant information of each interface corresponding to the server identifier is determined; The method further includes: When the application server determines that the security verification has failed, it sends a corresponding prompt message to the terminal device.

7. A device for accessing native code interfaces in an application, characterized in that, This includes terminal devices, web page servers, and application servers. The terminal device is used to receive web page operation requests through the operation interface of a pre-installed hybrid mode application and send them to the web page server; the hybrid mode application is an application developed by combining the web code of a web application and the native code of a native application. When the web page server determines that the web page needs permission to access the native code interface of the hybrid mode application, it sends a page registration request to the application server corresponding to the hybrid mode application. The request includes the server identifier and registration verification information of the web page server. The application server is used to manage access permissions to the native code interface of the hybrid mode application; The native code interface is an interface used to access the native code of the hybrid mode application; The application server is used to send interface information of the available native code interface to the web page server when it is determined that the verification is successful based on the registration verification information; The web page server is used to return an interface permission request to the application server according to business requirements and the interface information of the available native code interfaces. The request includes the group identifier and / or interface identifier of the access permission requested by the web page server. The application server is configured to grant access permissions to each interface of the interface group corresponding to the group identifier to the web page server when it is determined that an interface group exists; and / or, the application server is configured to grant access permissions to the interface corresponding to the interface identifier to the web page server when it is determined that an interface exists. The web page server is used to send an interface access request to the terminal device when it is determined that a native code interface needs to be called based on the web page operation request. The terminal device is used to receive an interface access request sent by the web page server. The interface access request includes the server identifier of the web page server and the target interface identifier of the native code interface to be accessed. The terminal device is used to receive encrypted interface parameters sent by the web page server, wherein the encrypted interface parameters are obtained by encrypting the interface parameters using the first encryption key corresponding to the web page server. The terminal device is used to obtain relevant information about each interface corresponding to the server identifier, wherein each interface is a native code interface that the web page server corresponding to the server identifier has access to, and the relevant information includes the interface identifier; if the interface access request is sent for the first time, the relevant information is obtained from the application server and stored in the local storage space; if the interface access request is not sent for the first time, the relevant information is obtained from the local storage space. When the terminal device determines that the relevant information of each interface includes the target interface identifier, it obtains the first decryption key corresponding to the web page server from the hybrid mode application server based on the server identifier, and decrypts the ciphertext of the interface parameters based on the first decryption key; if the decryption is successful, it executes the native code corresponding to the target interface identifier based on the decrypted interface parameters; if the decryption fails, it generates a corresponding prompt message.

8. An electronic device, characterized in that, Including the processor and memory: The memory is configured to store a computer program that, when executed by the processor, causes the processor to perform the method of any one of claims 1-6.

9. A computer-readable storage medium, characterized in that, The computer-readable storage medium is used to store a computer program that, when run on a computer, enables the computer to perform the method described in any one of claims 1-6.