Page operation behavior backtracking method and device, electronic equipment and storage medium
By assigning IDs to DOM tree nodes and generating masked snapshots and incremental data, combined with event listeners and a circular buffer, the problems of high resource consumption and privacy leakage in web applications are solved, and high-fidelity user operation backtracking is achieved.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- 深圳市分期乐网络科技有限公司
- Filing Date
- 2026-04-22
- Publication Date
- 2026-07-14
AI Technical Summary
Existing technologies for tracing user actions in web applications suffer from high resource consumption, inability to parse DOM structures, and inability to effectively protect sensitive information, especially posing a significant risk of privacy leaks in highly compliant scenarios.
By assigning unique node IDs to all nodes in the DOM tree, generating masked snapshot data and incremental serialized data, using event listeners and node listeners to record user actions, combining a circular buffer to store and extract data by timestamp, reconstructing the initial state of the page and tracing back user actions.
It achieves the preservation of page structure and operation details with reasonable resource consumption, supports visual backtracking, reduces storage and network overhead, ensures the security of sensitive information, and is suitable for highly compliant scenarios such as finance and government affairs.
Smart Images

Figure CN122387802A_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of data processing, and in particular to a method, apparatus, electronic device, and storage medium for tracing back page operation behavior. Background Technology
[0002] In web application operations and user experience analysis, developers often need to understand the actual user actions on a webpage in order to reproduce problems, optimize interactions, or conduct behavioral analysis. Currently, the industry mainly uses two basic technical methods to achieve this goal.
[0003] The first type is video recording, which uses the browser's screen capture capabilities (such as WebRTC's getDisplayMedia) or timed screenshots to record the user's actions as a video stream. This method can intuitively present the interface seen by the user, but it has obvious drawbacks: the generated video files are huge (usually several MB to tens of MB), which not only significantly increases the network traffic consumption on the user's end, but also puts a heavy storage and bandwidth burden on the server; more importantly, the video content is a pixel image, and it is impossible to parse the DOM structure, element attributes, or event binding relationships within it, making it difficult for developers to locate specific code logic errors or style problems.
[0004] The second type is log tracking, which involves inserting code at key interaction points (such as button clicks and form submissions) to report operation information as text logs (e.g., recording "The user clicked the button with ID 'submit-btn'"). This method involves small amounts of data and is simple to implement, but it severely lacks page context and visual state information. For example, did the user accidentally click due to a pop-up obscuring the view? Are the input boxes in the form invisible due to layout misalignment? This crucial information is completely missing from plain text logs, greatly limiting the efficiency of problem diagnosis.
[0005] The aforementioned existing technologies generally lack effective protection mechanisms for sensitive information. In scenarios with high compliance requirements, such as finance, government affairs, and healthcare, users often enter sensitive personal information such as ID card numbers, mobile phone numbers, bank card numbers, and passwords on web pages. However, whether it's video recording or log tracking, this information is often collected, transmitted, and stored in plaintext, which easily leads to the risk of privacy leaks.
[0006] Therefore, there is an urgent need for a backtracking method that can preserve page structure and operational details while supporting visualization, all while consuming resources reasonably. Summary of the Invention
[0007] In view of the above, it is necessary to provide a backtracking method for page operation behavior. The purpose is to provide a backtracking method that can preserve the page structure and operation details while supporting visualization, under the premise of reasonable resource consumption.
[0008] The present invention provides a method for tracing back page operation behavior, the method comprising: Once the page accessed by the user has finished loading, assign a node ID to all nodes in the DOM tree corresponding to the page; The sensitive fields contained in the data corresponding to each node are replaced with mask characters to obtain the masked DOM tree. The masked DOM tree is then serialized to generate snapshot data. The timestamp of the snapshot data is recorded and stored in a preset buffer. The system uses a preset event listener to receive event objects triggered when a user interacts with the page. It extracts the event type, timestamp, and target node corresponding to the event object from the event object, and serializes the event type, timestamp, and node ID of the target node to generate serialized data. The system uses a preset node listener to monitor changes in the node list, node attributes, and text content in the DOM tree. The monitored changes are used as incremental data in the DOM tree. Sensitive fields in the incremental data are replaced with mask characters. The incremental data after masking is serialized to generate incremental serialized data. The operation serialization data and the incremental serialization data are stored in the buffer. The page is checked to see if a preset backtracking trigger event occurs. When the page is checked to see if a backtracking trigger event occurs, all operation serialization data and incremental serialization data with timestamps between the timestamp of the snapshot data and the timestamp of the backtracking trigger event are extracted from the buffer. The initial state of the page is reconstructed based on the snapshot data, and the extracted operation serialization data and incremental serialization data are replayed sequentially according to the timestamp order to trace back the user's operation behavior on the page.
[0009] Optionally, the event object includes click events, scroll events, or input events, and the step of receiving the event object triggered when the user interacts with the page using a preset event listener includes: Register an event listener on the main element of the DOM tree; During the user's interaction with the page, the event listener receives event objects triggered by any node in the DOM tree and bubbled up to the main element.
[0010] Optionally, extracting the event type, timestamp, and target node corresponding to the event object from the event object includes: Read the event type and timestamp from the event object; Retrieve the node associated with the event object; If the node has already been assigned a node ID, then that node will be used as the target node; If the node has not been assigned a node ID, then search upwards along the path of the node in the DOM tree, and take the first node that has been assigned a node ID as the target node.
[0011] Optionally, the serialization operation of generating data by serializing the event type, the timestamp, and the node ID of the target node includes: The event type, the timestamp, and the node ID of the target node are constructed into a key-value pair data structure according to a preset field order; The data structure is converted into a JSON string to obtain the serialized data of the operation.
[0012] Optionally, the step of using a preset node listener to monitor changes in the node list, node attributes, and text content in the DOM tree, and using the monitored change data as incremental data for the DOM tree, includes: Retrieve each change record returned by the node listener; Extract the corresponding change data according to the change type of each change record, including: when the change type is a node list change, extract the newly added node list and the removed node list; when the change type is a node attribute change, extract the target node, the attribute name of the target node, and the new attribute value; when the change type is a text content change, extract the target node and the updated text content of the target node. The extracted change data is used as the incremental data.
[0013] Optionally, replacing sensitive fields in the incremental data with mask characters includes: Iterate through the text fields in the incremental data that contain text content; Determine whether the text field is a sensitive field based on preset sensitive field identification rules; If it is a sensitive field, the content in the text field will be replaced with a mask character to generate incremental data after masking.
[0014] Optionally, the step of serializing the incremental data after masking to generate incremental serialized data includes: The incremental data after masking is constructed into a key-value pair data object according to a preset field structure; The data object is encoded into a JSON-formatted string to obtain the incrementally serialized data.
[0015] To address the above problems, the present invention also provides a device for tracing back page operation behavior, the device comprising: The allocation module is used to assign node IDs to all nodes in the DOM tree corresponding to the page after the page accessed by the user has finished loading. The judgment module is used to replace the sensitive fields contained in the data corresponding to each node with mask characters to obtain the masked DOM tree, serialize the masked DOM tree to generate snapshot data, record the timestamp of the snapshot data and store it in a preset buffer. The operation module is used to receive event objects triggered when the user operates the page using a preset event listener, extract the event type, timestamp and target node corresponding to the event object from the event object, and serialize the event type, timestamp and node ID of the target node to generate operation serialization data. The incremental module is used to listen for changes in the node list, node attributes, and text content in the DOM tree using a preset node listener, and to use the listened-upon changed data as incremental data of the DOM tree. The module replaces sensitive fields in the incremental data with mask characters and serializes the masked incremental data to generate incremental serialized data. An extraction module is used to store the operation serialization data and the incremental serialization data into the buffer, detect whether the page has a preset backtracking trigger event, and when the page has a backtracking trigger event, extract all operation serialization data and incremental serialization data whose timestamps are between the timestamp of the snapshot data and the timestamp of the backtracking trigger event from the buffer. The backtracking module is used to reconstruct the initial state of the page based on the snapshot data, and to replay the extracted operation serialization data and incremental serialization data in the order of timestamps, so as to backtrack the user's operation behavior on the page.
[0016] To address the above problems, the present invention also provides an electronic device, the electronic device comprising: At least one processor; and, A memory communicatively connected to the at least one processor; wherein, The memory stores a program for backtracking page operation behaviors that can be executed by the at least one processor. The program for backtracking page operation behaviors is executed by the at least one processor to enable the at least one processor to perform the page operation behavior backtracking method.
[0017] To address the aforementioned problems, the present invention also provides a computer-readable storage medium storing a program for tracing back page operation behavior. This program can be executed by one or more processors to implement the aforementioned method for tracing back page operation behavior.
[0018] This invention assigns a unique node ID to all nodes in the DOM tree, providing a reliable basis for user operation location and page state restoration, overcoming the element inaccuracy problem caused by dynamic changes in the DOM structure in traditional solutions. Before generating snapshot data and incremental data, sensitive fields (such as ID card numbers and mobile phone numbers) are masked to ensure that the original plaintext is always kept locally in the browser and never enters the recording data stream, effectively protecting privacy.
[0019] Furthermore, this invention uses a desensitized snapshot as the initial state baseline, combined with operation serialization data containing only event type, timestamp, and node ID, as well as incremental serialization data recording DOM node list, attribute, and text changes. This avoids the high overhead of full recording while fully capturing the entire process of user operation and page dynamic response.
[0020] Furthermore, this invention stores both operation serialization data and incremental serialization data in a unified buffer. When a backtracking event occurs, it extracts all data from the snapshot time to the trigger time based on a timestamp window. Then, it reconstructs the initial page in chronological order and replays the operations and DOM changes sequentially, achieving high-fidelity reproduction of user behavior. This allows for the preservation of page structure and operation details while supporting subsequent visual backtracking, all while consuming resources efficiently. Attached Figure Description
[0021] Figure 1 This is a flowchart illustrating a method for tracing back page operation behavior according to an embodiment of the present invention. Figure 2 A schematic diagram of a device for tracing back page operation behavior according to an embodiment of the present invention; Figure 3 A schematic diagram of the structure of an electronic device for implementing a page operation behavior backtracking method according to an embodiment of the present invention; The objectives, features, and advantages of this invention will be further explained in conjunction with the embodiments and with reference to the accompanying drawings. Detailed Implementation
[0022] To make the objectives, technical solutions, and advantages of this invention clearer, the invention will be further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative and not intended to limit the invention. All other embodiments obtained by those skilled in the art based on the embodiments of this invention without inventive effort are within the scope of protection of this invention.
[0023] It should be noted that the descriptions involving "first," "second," etc., in this invention are for descriptive purposes only and should not be construed as indicating or implying their relative importance or implicitly specifying the number of technical features indicated. Therefore, a feature defined with "first" or "second" may explicitly or implicitly include at least one of that feature. Furthermore, the technical solutions of the various embodiments can be combined with each other, but this must be based on the ability of those skilled in the art to implement them. If the combination of technical solutions is contradictory or impossible to implement, it should be considered that such a combination of technical solutions does not exist and is not within the scope of protection claimed by this invention.
[0024] Reference Figure 1 The diagram shown is a flowchart illustrating a method for tracing back page operation behavior according to an embodiment of the present invention. This method is executed by an electronic device.
[0025] In this embodiment, the method includes: S1. After detecting that the page accessed by the user has finished loading, assign node IDs to all nodes in the DOM tree corresponding to the page; In this embodiment, when a user accesses a webpage (such as a loan application page), the loading status of the page is monitored. Specifically, a listener for the DOMContentLoaded event is registered in the browser environment to determine whether the main document structure of the page (including the ID card input box, amount selector, agreement checkbox, etc.) has been fully loaded and parsed, ensuring that all resources such as images and style sheets have been loaded.
[0026] After the page has loaded, the DOM node traversal and ID assignment process begins. Starting from the root node of the DOM tree, all nodes are visited using a depth-first traversal, and each node is assigned a globally unique node ID (such as an auto-incrementing integer or UUID). This node ID is appended to the corresponding node as a custom attribute (such as __rr_node_id__), for example: <input __rr_node_id__="42" type="text"> This attribute is used internally by the system and does not affect the original functionality of the page.
[0027] Subsequent user actions (such as filling in information or clicking) can be accurately linked to the initial page structure through the node ID, supporting high-fidelity backtracking of the entire loan application process.
[0028] S2. Replace the sensitive fields contained in the data corresponding to each node with mask characters to obtain the masked DOM tree. Serialize the masked DOM tree to generate snapshot data, record the timestamp of the snapshot data and store it in a preset buffer. In this embodiment, after assigning DOM node IDs, sensitive information identification and desensitization are performed on the DOM tree. Specifically, each node in the DOM tree is traversed, and the text content and attribute values (such as value, placeholder, data-) contained in each node are extracted. (etc.) are used as data to be detected.
[0029] According to the preset sensitive field identification rules, the system checks whether the data to be detected contains sensitive fields item by item. This includes: First, checking whether the node's attributes or associated tags contain preset sensitive keywords (such as "ID card", "mobile phone number", "bank card", "password", etc.). If they exist, the node is marked as a sensitive node. Second, the system applies preset regular expression rules to the node's text or attribute values for matching. For example, it uses the regular expression \d{17}[\dXx] for ID card numbers, \d{9} for mobile phone numbers, and \d{13,19} for bank card numbers for pattern recognition. Furthermore, it performs semantic judgment based on the node type. For example, if the node is... <input type="password"> If a field or its parent / adjacent tag contains contextual keywords such as "login" or "verification", it is considered a sensitive input area.
[0030] Once a field is determined to be a sensitive field, its content is masked, and the sensitive field is replaced with mask characters (such as consecutive characters). Or X), for example, replace "phone number" with " ", or replace "ID card" with "XXX".
[0031] After masking is complete, the entire DOM tree is serialized into structured data (such as JSON format), generating snapshot data and recording the current timestamp. This snapshot data is then stored in a pre-defined circular buffer as the initial state baseline for subsequent behavior backtracking. If the data of a node does not contain sensitive fields, masking is not performed, and serialization is performed directly.
[0032] This invention performs real-time masking of sensitive fields (such as ID card number, mobile phone number, bank card number, etc.) identified in the DOM tree at the browser front end, and then serializes the desensitized DOM tree. Sensitive information is masked in the browser memory and never enters the recording data stream in plaintext form, thus improving privacy and security. At the same time, it preserves the complete page structure and user interaction logic, and supports high-fidelity behavior backtracking.
[0033] S3. Receive the event object triggered when the user operates the page using a preset event listener, extract the event type, timestamp and target node corresponding to the event object from the event object, and serialize the event type, timestamp and node ID of the target node to generate serialized data. In this embodiment, taking a user's operation on the loan application page as an example: the system registers a global event listener on the main element of the page (such as the root container node) to capture the user's key interactive behaviors, such as the event objects triggered by clicking the "Upload ID Card" button, entering information in the "Mobile Number" input box, and swiping to view the loan terms.
[0034] Extract the event type (e.g., "click", "input"), the browser-provided timestamp, and the target node from the event object. If the target node has not yet been assigned a node ID (e.g., a dynamically loaded CAPTCHA input box), search upwards along the path in the DOM tree and take the first ancestor node with an assigned ID as the target node. Then, organize and encode the event type, timestamp, and target node's node ID into a JSON string according to a preset format to generate operation serialization data.
[0035] This invention generates operation serialization data through event objects, achieving lightweight, accurate, secure, and replayable user behavior recording. It is especially suitable for financial scenarios, as it can fully reproduce the key operation process of users filling in, modifying, and submitting on loan pages, while avoiding the recording of original sensitive information. It effectively solves the technical problems of data redundancy, inability to reproduce real interactions, and high risk of privacy leakage in traditional solutions.
[0036] In one embodiment, the event object includes a click event, a scroll event, or an input event, and the step of receiving the event object triggered when the user interacts with the page using a preset event listener includes: Register an event listener on the main element of the DOM tree; During the user's interaction with the page, the event listener receives event objects triggered by any node in the DOM tree and bubbled up to the main element.
[0037] To capture user actions on the page, register a global event listener on the main element of the DOM tree (such as the `<body>` element or the application root container node). This event listener is configured to listen for various user action events, including but not limited to: page click events, page scroll events, and input events.
[0038] When a user interacts with the page (e.g., clicking the "Submit Loan Application" button, entering text in the "ID Number" input box, or swiping to view the repayment plan), the browser generates a corresponding event object. Based on the DOM event bubbling mechanism, the event propagates upwards from the triggering node to the main element. Event listeners receive these bubbling event objects at the main element, thus uniformly capturing user actions from any child node of the page. This eliminates the need to bind a separate listener to each interactive element, reducing performance overhead and ensuring that operations on dynamically added nodes are also effectively recorded.
[0039] In one embodiment, extracting the event type, timestamp, and target node corresponding to the event object from the event object includes: Read the event type and timestamp from the event object; Retrieve the node associated with the event object; If the node has already been assigned a node ID, then that node will be used as the target node; If the node has not been assigned a node ID, then search upwards along the path of the node in the DOM tree and take the first node that has been assigned a node ID as the target node.
[0040] Once an event listener captures an event object, it reads the event type (such as "click" or "input") and timestamp (a high-precision time value generated by the browser when the event is triggered) from that event object.
[0041] Next, the target node associated with the event object is retrieved, which is the DOM node that initially triggered the event (corresponding to event.target). The system checks whether the target node has been assigned a node ID (e.g., the ID was assigned during page initialization). If the node already contains a node ID, it is directly used as the target node for this operation; if the node has not been assigned a node ID (e.g., it is a dynamically inserted temporary element or text node), the search proceeds up its parent path in the DOM tree layer by layer until the first ancestor node with an assigned node ID is found, and that ancestor node is used as the target node.
[0042] This invention extracts three core pieces of information from the event object: "event type, timestamp, and target node (and its node ID)," instead of recording the complete event object or page state. In high-frequency operation scenarios (such as fast typing and scrolling), the amount of data can be reduced by more than 80%, alleviating browser memory pressure, network transmission burden, and backend storage costs.
[0043] In one embodiment, the serialization operation of generating data by serializing the event type, the timestamp, and the node ID of the target node includes: The event type, the timestamp, and the node ID of the target node are constructed into a key-value pair data structure according to a preset field order; The data structure is converted into a JSON string to obtain the serialized data of the operation.
[0044] After extracting the event type, timestamp, and node ID of the target node, these three pieces of data are organized into a key-value pair data structure according to a preset field order (e.g., type, timestamp, nodeId). For example, a structured object is constructed containing "type": "click", "timestamp": 1700000000123, and "nodeId": "n42".
[0045] Subsequently, the browser's built-in serialization interface (such as JSON.stringify()) is called to convert the data structure into a JSON-formatted string, generating serialized operation data. This string can be efficiently stored or transmitted, and the original operation information can be restored through deserialization during playback, thus supporting accurate reproduction of user interaction behavior.
[0046] This invention converts data structures into JSON strings to generate serialized data for operations. Compared to other serialization methods (such as XML, custom binary formats, plain text logs, etc.), the JSON format has a compact structure, no redundant tags (compared to XML), and the generated string is small in size. At the same time, in high-frequency user operation scenarios (such as rapid input on loan pages), it can significantly reduce memory usage, network bandwidth consumption, and storage costs.
[0047] S4. Use a preset node listener to listen for changes in the node list, node attributes, and text content in the DOM tree, and use the listened-upon changed data as incremental data of the DOM tree. Replace the sensitive fields in the incremental data with mask characters, and serialize the masked incremental data to generate incremental serialized data. In this embodiment, the page DOM tree is monitored in real time by a preset node listener (such as the MutationObserver mechanism) to listen for three types of key information changes: changes in the node list (such as adding or removing nodes); changes in node attributes (such as modification of attributes such as class, value, disabled, etc.); and changes in text content (such as user input causing text node content to be updated).
[0048] When a node listener detects any of the above types of changes, it generates one or more change records. These change records are then used as incremental data in the DOM tree, and sensitive information is immediately identified and anonymized.
[0049] Specifically, the system iterates through fields containing text content in the incremental data (such as the text of newly added nodes, new values of attributes, and updated content of text nodes), and determines whether they belong to sensitive information based on preset sensitive field identification rules (such as regular expression matching of ID card numbers, mobile phone numbers, or keyword matching of "password" or "bank card"). If a field is determined to be sensitive, its content is replaced with a mask character (e.g., ...). (or X), for example, replacing the attribute value "13812345678" with "138 ".
[0050] After masking, the de-identified incremental data is organized into a structured object according to a preset structure (such as fields including change type, target node ID, and change content), and encoded into a JSON string to generate incremental serialized data. This data is small in size, contains no sensitive plaintext, and can be securely stored in a buffer for subsequent collaborative playback with the operation serialized data to accurately recreate the dynamic changes of the page.
[0051] User actions (such as clicks) may trigger front-end scripts to automatically modify the DOM structure (e.g., displaying form validation prompts, asynchronously loading a loan product list, toggling button states, etc.). Such page changes caused by program logic cannot be recreated solely through event listeners. This invention generates incremental serialized data by listening to changes in the DOM tree, directly capturing the actual changes to the DOM (such as adding nodes). ID card format error This allows for a complete record of the dynamic evolution of the page state.
[0052] This invention not only effectively solves the fundamental defects of traditional behavior recording technology, such as "only recording user operations and losing page results" or "relying on full snapshots leading to data redundancy and excessive overhead," but also supports real-time masking of sensitive fields during the incremental data generation stage, providing an efficient and reliable technical path for front-end privacy protection.
[0053] In one embodiment, the step of using a preset node listener to monitor changes in the node list, node attributes, and text content in the DOM tree, and using the monitored change data as incremental data for the DOM tree, includes: Retrieve each change record returned by the node listener; Extract the corresponding change data according to the change type of each change record, including: when the change type is a node list change, extract the newly added node list and the removed node list; when the change type is a node attribute change, extract the target node, the modified attribute name and the new attribute value; when the change type is a text content change, extract the target node and its updated text content. The extracted change data is used as the incremental data.
[0054] The page's DOM tree is monitored in real time using pre-defined node listeners (such as those based on the browser's native MutationObserver mechanism). When the DOM structure or content changes, the node listener returns one or more change records (MutationRecords). These change records are retrieved sequentially, and the corresponding incremental data is extracted based on their change type. If the change type is a node list change (i.e., child nodes are added or removed), then extract the list of newly added nodes and the list of removed nodes; if the change type is a node attribute change (such as class, value, disabled, etc. being modified), then extract the target node that was changed, the name of the modified attribute, and the new value of the attribute; if the change type is a text content change (such as user input causing the text node content to be updated), then extract the target node and its updated text content.
[0055] The extracted data constitutes the incremental data of the DOM tree, fully reflecting the dynamic changes that occur on the page after the initial snapshot. User actions (such as clicking "Submit") may trigger scripts to automatically modify the page (such as displaying error messages or loading new content). These UI changes caused by non-direct user actions cannot be captured by event listeners; while incremental data directly records the actual changes to the DOM (such as "inserted"). ID card format error This ensures that the dynamic process of the page seen by the user can be fully reproduced during playback.
[0056] In one embodiment, replacing sensitive fields in the incremental data with mask characters includes: Iterate through the text fields in the incremental data that contain text content; Determine whether the text field is a sensitive field based on preset sensitive field identification rules; If it is a sensitive field, the content in the text field will be replaced with a mask character to generate incremental data after masking.
[0057] To prevent sensitive information from being leaked through incremental data, the incremental data is anonymized before being generated. Specifically, all fields containing text content in the incremental data are first traversed, including but not limited to: the text content of newly added nodes, the new values of modified attributes (such as value, placeholder), and the updated content of text nodes.
[0058] For each text field, a judgment is made based on preset sensitive field identification rules. The identification rules include: using regular expressions to match common sensitive information formats, such as ID card number (\d{17}[\dXx]), mobile phone number (1[3-9]\d{9}), and bank card number (\d{13,19}); checking whether the field context contains sensitive keywords, such as "password", "ID card", "bank card", "document number", etc.; and making a comprehensive judgment based on the semantic information of the target node (such as the input box type being password or the associated label containing "mobile phone number").
[0059] If a text field is determined to be sensitive, its original content is replaced with a mask character. The masking strategy can be dynamically adjusted based on the field type: for example, a phone number retains the first 3 and last 4 digits, while the middle digits are replaced with a mask character. (e.g., “1385678”); the ID number retains the birth date or is completely masked (e.g., “1101012316”).
[0060] After the above processing, incremental data with masking is generated, ensuring that it does not contain any plaintext sensitive information, thus laying the foundation for subsequent secure serialization and storage.
[0061] In one embodiment, the step of serializing the masked incremental data to generate incremental serialized data includes: The incremental data after masking is constructed into a key-value pair data object according to a preset field structure; The data object is encoded into a JSON-formatted string to obtain the incrementally serialized data.
[0062] After masking the incremental data, the anonymized incremental data is organized into key-value pairs according to a predefined field structure. The field structure dynamically adapts to the change type. For example, for changes to the node list, fields such as type (with values "addNodes" or "removeNodes"), parentNodeId, addedNodes, or removedNodes are included; for attribute changes, fields such as type ("attribute"), nodeId, attributeName, and newValue are included; and for text content changes, fields such as type ("text"), nodeId, and textContent are included. All sensitive content (such as newValue and textContent) has been replaced with mask characters to ensure that the data object does not contain plaintext privacy information.
[0063] Subsequently, the system invokes the browser's built-in serialization mechanism (such as JSON.stringify()) to encode the data object into a JSON-formatted string, generating incremental serialized data. This string has a compact structure, high readability, and facilitates efficient storage, network transmission, and subsequent parsing and reconstruction during playback, while simultaneously meeting the dual requirements of security and performance for front-end behavior recording.
[0064] S5. Store the operation serialization data and the incremental serialization data into the buffer, detect whether the page has a preset backtracking trigger event, and when the page has a backtracking trigger event, extract all operation serialization data and incremental serialization data whose timestamps are between the timestamp of the snapshot data and the timestamp of the backtracking trigger event from the buffer. In this embodiment, both the operation serialization data and the incremental serialization data are stored in a preset circular buffer. Compared to traditional unbounded storage, separate storage, or direct upload methods, storing both operation serialization data and incremental serialization data in a preset circular buffer effectively controls memory usage, prevents memory leaks, and ensures the integrity of data during critical time periods.
[0065] This circular buffer has a fixed capacity and uses a first-in, first-out (FIFO) strategy to manage data, ensuring that only the most recent behavior records are retained during long sessions, thus preventing unlimited memory growth.
[0066] The circular buffer is implemented using a pre-defined array of fixed capacity and employs a circular write strategy: when the buffer is full, new data automatically overwrites the oldest record. Each stored data entry includes a timestamp and a type identifier, facilitating subsequent retrieval by time window. It has the following technical effects: (1) constant memory usage, avoiding memory overflow caused by long-term recording; (2) always retaining the most recent behavioral data, ensuring that the complete operation and DOM change sequence can be obtained when backtracking is triggered; (3) data is retrieved and uploaded only when needed, significantly reducing storage and network overhead.
[0067] The circular buffer constructed in this invention is a key design feature that trades limited memory for high reliability, low overhead, and on-demand backtracking capabilities. It solves the resource consumption problem during long-term recording while ensuring that complete and continuous user behavior data can be obtained at critical moments.
[0068] The system detects in real time whether a preset backtracking trigger event occurs on the page. When a backtracking trigger event is detected, which can be a user operation failure event or a page running abnormal event, the data extraction process is immediately started.
[0069] User operation failure events refer to situations where the system detects a failed operation while monitoring user interactions (such as form submissions). For example, in a loan application scenario, when a user clicks the submit button, the system receives an error code or validation failure message from the backend, which is considered a "user operation failure."
[0070] Page execution exception events refer to unexpected states detected by the system during page execution. For example, capturing JavaScript runtime errors (JS Error), failure to load critical resources, or "abnormal silent state" (long-term inactivity and no DOM changes) as described in the manual are all judged as "page execution exceptions".
[0071] The system retrieves the timestamp recorded when the snapshot data was generated as the starting time point and the timestamp of the trigger event as the ending time point. Then, it iterates through all serialized data stored in the circular buffer, filtering out all operation serialized data and incremental serialized data whose timestamps are greater than or equal to the starting timestamp and less than or equal to the ending timestamp. The extracted dataset comprehensively covers all user operations and dynamic page changes from the initial page state to the trigger time of the backtracking, providing complete input for subsequent high-fidelity reconstruction of user behavior.
[0072] In one embodiment, the buffer is a circular buffer, and the extraction of all operation serialization data and incremental serialization data with timestamps between the timestamp of the snapshot data and the timestamp of the backtracking trigger event from the buffer includes: Iterate through each piece of serialized data stored in the circular buffer, the serialized data including operational serialized data and incremental serialized data; Obtain the timestamp carried by each serialized data item; If the timestamp is greater than or equal to the timestamp of the snapshot data, and less than or equal to the timestamp of the time when the backtracking trigger event occurs, then the serialized data is extracted from the circular buffer.
[0073] Two key time points are obtained: one is the timestamp recorded when the initial snapshot data was generated (denoted as ). The second is the timestamp of the time when the backtracking trigger event occurred (denoted as ). ).
[0074] Iterate through all serialized data entries stored in the pre-defined circular buffer. Serialized data includes two types: operation serialized data generated by user actions, and incremental serialized data generated by DOM changes. Each data entry has its corresponding timestamp embedded at the time of generation.
[0075] For each piece of serialized data, the system reads its timestamp T and determines whether it meets the following requirements: ≤T≤ If the condition is met, the data entry will be included in the extraction results set; otherwise, it will be ignored.
[0076] Through the above filtering mechanism, all relevant operations and DOM change records from the initial state of the page to the time of backtracking can be accurately extracted from the circular buffer, forming a complete, continuous, and time-ordered behavior data packet, providing the necessary input for subsequent high-fidelity page reconstruction.
[0077] In one embodiment, the method further includes: If no user operation event is detected within the preset time period and the DOM tree remains unchanged, the page is determined to be in an abnormal silent state, and the buffer is cleared. The snapshot data is then regenerated based on the current page state and stored in the buffer.
[0078] Continuously monitor the page's activity level. If no user interaction events (such as clicks or input) are detected within a preset time period (e.g., 5 minutes), and no DOM changes (including node additions / deletions, attribute or text modifications) are heard, the page is considered to be in an abnormally silent state.
[0079] At this point, all serialized data in the circular buffer is cleared, and a new snapshot is generated based on the current page's DOM tree: node IDs are assigned or updated, sensitive fields are masked, and the new snapshot is stored in the buffer as the starting point for subsequent recording. This effectively avoids accumulating redundant data during meaningless quiet periods, while ensuring that high-fidelity recording can continue based on the latest page state when the user returns or the page becomes active again, improving resource utilization efficiency and backtracking accuracy.
[0080] S6. Reconstruct the initial state of the page based on the snapshot data, and replay the extracted operation serialization data and incremental serialization data in the order of timestamps to trace back the user's operation behavior on the page.
[0081] In this embodiment, the backtracking process first parses the snapshot data, deserializes it, and reconstructs it into the initial DOM tree structure, restoring the state when the page finished loading. Then, the operation serialization data extracted from the buffer and the incremental serialization data are merged into an ordered event stream (ordered sequence) in ascending order of timestamps, and this event stream is traversed sequentially. For operation serialization data (such as clicks and inputs), locate the page element based on the target node ID of the operation serialization data and simulate the corresponding user operation; for incremental serialization data (such as attribute changes and node insertions), directly apply the changed content recorded in the incremental serialization data to the corresponding node.
[0082] By alternately performing operation simulations and restoring DOM changes, the complete interaction process of the user from the initial state to the trigger moment is gradually reproduced, achieving high-fidelity and auditable behavior backtracking.
[0083] This invention accurately reconstructs the initial state of a page using snapshot data, and utilizes operation serialization data and incremental serialization data to record only user operation commands and minor changes to the DOM. This avoids the high storage and bandwidth overhead of traditional full recording or video solutions, significantly reducing resource consumption and making it suitable for large-scale deployment scenarios.
[0084] Meanwhile, sensitive information is masked in real time during the snapshot generation and incremental data collection stages, ensuring that the original plaintext is always kept locally in the browser and never enters the recording data stream, effectively improving user privacy and data security.
[0085] In one embodiment, reconstructing the initial state of the page based on the snapshot data and replaying the extracted operation serialization data and incremental serialization data sequentially according to timestamp order to trace back the user's operation behavior on the page includes: The snapshot data is parsed into a DOM tree structure and reconstructed to the initial state of the page; The operation serialization data and the incremental serialization data are merged into an ordered sequence in ascending order of timestamps; The serialized data in the ordered sequence is parsed sequentially, and the corresponding operation simulation or DOM change restoration is performed according to the type of each serialized data to gradually reproduce the user's operation behavior on the page.
[0086] The backtracking process first deserializes the snapshot data, parses it into a complete DOM tree structure, and reconstructs the initial state of the page in the replay container to ensure consistency with the initial interface when the user visits.
[0087] Subsequently, the extracted operation serialization data and incremental serialization data are sorted in ascending order according to their respective timestamps and merged into a unified ordered event sequence.
[0088] The system iterates through the ordered sequence sequentially: if the current data is operation-serialized data (such as clicks or input), the corresponding element is located based on the target node ID, and the corresponding user interaction behavior is simulated; if the current data is incrementally serialized data (such as attribute modification, node insertion, or text update), the recorded changes are directly applied to the target node. By alternately executing operation simulation and DOM change restoration, the system can gradually and accurately reproduce the user's complete operation behavior from page loading completion to the trigger moment of the backtracking, achieving high-fidelity and auditable page interaction playback.
[0089] like Figure 2 The diagram shown is a schematic representation of a device for tracing back page operation behavior according to an embodiment of the present invention.
[0090] The page operation behavior tracing device 100 described in this invention can be installed in a device. Depending on the functions implemented, the page operation behavior tracing device 100 may include an allocation module 110, a judgment module 120, an extraction module 130, a comparison module 140, an extraction module 150, and a tracing module 160. The module described in this invention can also be called a unit, referring to a series of computer program segments that can be executed by the device processor and perform a fixed function, stored in the device's memory.
[0091] In this embodiment, the functions of each module / unit are as follows: The allocation module 110 is used to allocate node IDs to all nodes in the DOM tree corresponding to the page after the page accessed by the user has finished loading. The judgment module 120 is used to replace the sensitive fields contained in the data corresponding to each node with mask characters to obtain a masked DOM tree, serialize the masked DOM tree to generate snapshot data, record the timestamp of the snapshot data and store it in a preset buffer. The operation module 130 is used to receive an event object triggered when the user operates the page using a preset event listener, extract the event type, timestamp and target node corresponding to the event object from the event object, and serialize the event type, timestamp and node ID of the target node to generate operation serialization data. The incremental module 140 is used to listen for changes in the node list, node attributes, and text content in the DOM tree using a preset node listener, and to use the listened-upon changed data as incremental data of the DOM tree, replace sensitive fields in the incremental data with mask characters, and serialize the masked incremental data to generate incremental serialized data. The extraction module 150 is used to store the operation serialization data and the incremental serialization data into the buffer, detect whether the page has a preset backtracking trigger event, and when the page has a backtracking trigger event, extract all operation serialization data and incremental serialization data whose timestamps are between the timestamp of the snapshot data and the timestamp of the backtracking trigger event from the buffer. The backtracking module 160 is used to reconstruct the initial state of the page based on the snapshot data, and to replay the extracted operation serialization data and incremental serialization data in the order of timestamps, so as to backtrack the user's operation behavior on the page.
[0092] In one embodiment, the event object includes a click event, a scroll event, or an input event, and the step of receiving the event object triggered when the user interacts with the page using a preset event listener includes: Register an event listener on the main element of the DOM tree; During the user's interaction with the page, the event listener receives event objects triggered by any node in the DOM tree and bubbled up to the main element.
[0093] In one embodiment, extracting the event type, timestamp, and target node corresponding to the event object from the event object includes: Read the event type and timestamp from the event object; Retrieve the node associated with the event object; If the node has already been assigned a node ID, then that node will be used as the target node; If the node has not been assigned a node ID, then search upwards along the path of the node in the DOM tree, and take the first node that has been assigned a node ID as the target node.
[0094] In one embodiment, the serialization operation of generating data by serializing the event type, the timestamp, and the node ID of the target node includes: The event type, the timestamp, and the node ID of the target node are constructed into a key-value pair data structure according to a preset field order; The data structure is converted into a JSON string to obtain the serialized data of the operation.
[0095] In one embodiment, the step of using a preset node listener to monitor changes in the node list, node attributes, and text content in the DOM tree, and using the monitored change data as incremental data for the DOM tree, includes: Retrieve each change record returned by the node listener; Extract the corresponding change data according to the change type of each change record, including: when the change type is a node list change, extract the newly added node list and the removed node list; when the change type is a node attribute change, extract the target node, the attribute name of the target node, and the new attribute value; when the change type is a text content change, extract the target node and the updated text content of the target node. The extracted change data is used as the incremental data.
[0096] In one embodiment, replacing sensitive fields in the incremental data with mask characters includes: Iterate through the text fields in the incremental data that contain text content; Determine whether the text field is a sensitive field based on preset sensitive field identification rules; If it is a sensitive field, the content in the text field will be replaced with a mask character to generate incremental data after masking.
[0097] In one embodiment, the step of serializing the masked incremental data to generate incremental serialized data includes: The incremental data after masking is constructed into a key-value pair data object according to a preset field structure; The data object is encoded into a JSON-formatted string to obtain the incrementally serialized data.
[0098] like Figure 3 The diagram shown is a structural schematic of an electronic device that implements a method for tracing back page operation behavior according to an embodiment of the present invention.
[0099] In this embodiment, the electronic device 1 includes, but is not limited to, a memory 11, a processor 12, and a network interface 13 that can be interconnected via a system bus. The memory 11 stores a program 10 for tracing back page operation behavior, which can be executed by the processor 12. Figure 3 Only the electronic device 1 showing the program 10 with components 11-13 and page operation behavior is shown. Those skilled in the art will understand that... Figure 3 The structure shown does not constitute a limitation on the electronic device 1, and may include fewer or more components than shown, or combine certain components, or have different component arrangements.
[0100] The memory 11 includes RAM and at least one type of readable storage medium. The RAM provides a cache for the operation of the electronic device 1; the readable storage medium can be a non-volatile storage medium such as flash memory, hard disk, multimedia card, card-type memory (e.g., SD or DX memory), random access memory (RAM), static random access memory (SRAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), programmable read-only memory (PROM), magnetic memory, magnetic disk, optical disk, etc. In some embodiments, the readable storage medium can be an internal storage unit of the electronic device 1; in other embodiments, the non-volatile storage medium can also be an external storage device of the electronic device 1, such as a plug-in hard disk, smart media card (SMC), secure digital card (SD), flash card, etc., equipped on the electronic device 1. In this embodiment, the readable storage medium of the memory 11 is typically used to store the operating system and various application software installed on the electronic device 1, such as storing the code of program 10 for tracing page operation behavior in one embodiment of the present invention. In addition, the memory 11 can also be used to temporarily store various types of data that have been output or will be output.
[0101] In some embodiments, processor 12 may be a central processing unit (CPU), controller, microcontroller, microprocessor, or other data processing chip. Processor 12 is typically used to control the overall operation of the electronic device 1, such as performing control and processing related to data interaction or communication with other devices. In this embodiment, processor 12 is used to run program code stored in memory 11 or process data, such as running program 10 that traces back page operation behavior.
[0102] The network interface 13 may include a wireless network interface or a wired network interface, which is used to establish a communication connection between the electronic device 1 and a terminal (not shown in the figure).
[0103] Optionally, the electronic device 1 may further include a user interface, which may include a display, an input unit such as a keyboard, and optionally, a standard wired interface or a wireless interface. Optionally, in some embodiments, the display may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, or an OLED (Organic Light-Emitting Diode) touchscreen, etc. The display may also be appropriately referred to as a screen or display unit, used to display information processed in the electronic device 1 and to display a visual user interface.
[0104] It should be understood that the embodiments described are for illustrative purposes only and are not limited to this structure in the scope of the patent application.
[0105] The program 10 for tracing back page operation behavior stored in the memory 11 of the electronic device 1 is a combination of multiple instructions, which, when run in the processor 12, can achieve the following: Once the page accessed by the user has finished loading, assign a node ID to all nodes in the DOM tree corresponding to the page; The sensitive fields contained in the data corresponding to each node are replaced with mask characters to obtain the masked DOM tree. The masked DOM tree is then serialized to generate snapshot data. The timestamp of the snapshot data is recorded and stored in a preset buffer. The system uses a preset event listener to receive event objects triggered when a user interacts with the page. It extracts the event type, timestamp, and target node corresponding to the event object from the event object, and serializes the event type, timestamp, and node ID of the target node to generate serialized data. The system uses a preset node listener to monitor changes in the node list, node attributes, and text content in the DOM tree. The monitored changes are used as incremental data in the DOM tree. Sensitive fields in the incremental data are replaced with mask characters. The incremental data after masking is serialized to generate incremental serialized data. The operation serialization data and the incremental serialization data are stored in the buffer. The page is checked to see if a preset backtracking trigger event occurs. When the page is checked to see if a backtracking trigger event occurs, all operation serialization data and incremental serialization data with timestamps between the timestamp of the snapshot data and the timestamp of the backtracking trigger event are extracted from the buffer. The initial state of the page is reconstructed based on the snapshot data, and the extracted operation serialization data and incremental serialization data are replayed sequentially according to the timestamp order to trace back the user's operation behavior on the page.
[0106] Specifically, the implementation method of the program 10 for the processor 12 to trace back the above-mentioned page operation behavior can be found in [reference needed]. Figure 1 The descriptions of the relevant steps in the corresponding embodiments are not repeated here.
[0107] Furthermore, if the modules / units integrated in the electronic device 1 are implemented as software functional units and sold or used as independent products, they can be stored in a computer-readable storage medium. The computer-readable medium can be non-volatile or non-combustible. The computer-readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a USB flash drive, a portable hard drive, a magnetic disk, an optical disk, a computer memory, or a read-only memory (ROM).
[0108] The computer-readable storage medium stores a program 10 for tracing back page operation behavior. The program 10 for tracing back page operation behavior can be executed by one or more processors. The specific implementation of the computer-readable storage medium of the present invention is basically the same as the various embodiments of the page operation behavior tracing method described above, and will not be repeated here.
[0109] In the several embodiments provided by this invention, it should be understood that the disclosed devices, apparatuses, and methods can be implemented in other ways. For example, the apparatus embodiments described above are merely illustrative; for instance, the division of modules is only a logical functional division, and other division methods may be used in actual implementation.
[0110] The modules described as separate components may or may not be physically separate. The components shown as modules may or may not be physical units; that is, they may be located in one place or distributed across multiple network units. Some or all of the modules can be selected to achieve the purpose of this embodiment according to actual needs.
[0111] Furthermore, the functional modules in the various embodiments of the present invention can be integrated into one processing unit, or each unit can exist physically separately, or two or more units can be integrated into one unit. The integrated unit can be implemented in hardware or in the form of hardware plus software functional modules.
[0112] It will be apparent to those skilled in the art that the present invention is not limited to the details of the exemplary embodiments described above, and that the present invention can be implemented in other specific forms without departing from the spirit or essential characteristics of the present invention.
[0113] Therefore, the embodiments should be considered exemplary and non-limiting in all respects, and the scope of the invention is defined by the appended claims rather than the foregoing description. Thus, all variations falling within the meaning and scope of equivalents of the claims are intended to be embraced within the invention. No appended diagram markings in the claims should be construed as limiting the scope of the claims.
[0114] Furthermore, it is clear that the word "comprising" does not exclude other units or steps, and the singular does not exclude the plural. Multiple units or devices recited in a system claim may also be implemented by a single unit or device through software or hardware. The term "second class" is used to indicate names and does not indicate any specific order.
[0115] Finally, it should be noted that the above embodiments are only used to illustrate the technical solutions of the present invention and are not intended to limit it. Although the present invention has been described in detail with reference to preferred embodiments, those skilled in the art should understand that modifications or equivalent conversions can be made to the technical solutions of the present invention without departing from the spirit and scope of the technical solutions of the present invention.
Claims
1. A method for tracing back page operation behavior, characterized in that, The method includes: Once the page accessed by the user has finished loading, assign a node ID to all nodes in the DOM tree corresponding to the page; The sensitive fields contained in the data corresponding to each node are replaced with mask characters to obtain the masked DOM tree. The masked DOM tree is then serialized to generate snapshot data. The timestamp of the snapshot data is recorded and stored in a preset buffer. The system uses a preset event listener to receive event objects triggered when a user interacts with the page. It extracts the event type, timestamp, and target node corresponding to the event object from the event object, and serializes the event type, timestamp, and node ID of the target node to generate serialized data. The system uses a preset node listener to monitor changes in the node list, node attributes, and text content in the DOM tree. The monitored changes are used as incremental data in the DOM tree. Sensitive fields in the incremental data are replaced with mask characters. The incremental data after masking is serialized to generate incremental serialized data. The operation serialization data and the incremental serialization data are stored in the buffer. The page is checked to see if a preset backtracking trigger event occurs. When the page is checked to see if a backtracking trigger event occurs, all operation serialization data and incremental serialization data with timestamps between the timestamp of the snapshot data and the timestamp of the backtracking trigger event are extracted from the buffer. The initial state of the page is reconstructed based on the snapshot data, and the extracted operation serialization data and incremental serialization data are replayed sequentially according to the timestamp order to trace back the user's operation behavior on the page.
2. The method for tracing back page operation behavior as described in claim 1, characterized in that, The event objects include click events, scroll events, or input events. The method of receiving event objects triggered when the user interacts with the page using a preset event listener includes: Register an event listener on the main element of the DOM tree; During the user's interaction with the page, the event listener receives event objects triggered by any node in the DOM tree and bubbled up to the main element.
3. The method for tracing back page operation behavior as described in claim 1, characterized in that, The step of extracting the event type, timestamp, and target node corresponding to the event object from the event object includes: Read the event type and timestamp from the event object; Retrieve the node associated with the event object; If the node has already been assigned a node ID, then that node will be used as the target node; If the node has not been assigned a node ID, then search upwards along the path of the node in the DOM tree, and take the first node that has been assigned a node ID as the target node.
4. The method for tracing back page operation behavior as described in claim 1, characterized in that, The serialization operation, which serializes the event type, the timestamp, and the node ID of the target node, includes: The event type, the timestamp, and the node ID of the target node are constructed into a key-value pair data structure according to a preset field order; The data structure is converted into a JSON string to obtain the serialized data of the operation.
5. The method for tracing back page operation behavior as described in claim 1, characterized in that, The method of using a preset node listener to monitor changes in the node list, node attributes, and text content in the DOM tree, and using the monitored changes as incremental data for the DOM tree, includes: Retrieve each change record returned by the node listener; Extract the corresponding change data according to the change type of each change record, including: when the change type is a node list change, extract the newly added node list and the removed node list; when the change type is a node attribute change, extract the target node, the attribute name of the target node, and the new attribute value; when the change type is a text content change, extract the target node and the updated text content of the target node. The extracted change data is used as the incremental data.
6. The method for tracing back page operation behavior as described in claim 1, characterized in that, The step of replacing sensitive fields in the incremental data with mask characters includes: Iterate through the text fields in the incremental data that contain text content; Determine whether the text field is a sensitive field based on preset sensitive field identification rules; If it is a sensitive field, the content in the text field will be replaced with a mask character to generate incremental data after masking.
7. The method for tracing back page operation behavior as described in claim 1, characterized in that, The step of serializing the incremental data after masking to generate incremental serialized data includes: The incremental data after masking is constructed into a key-value pair data object according to a preset field structure; The data object is encoded into a JSON-formatted string to obtain the incrementally serialized data.
8. A device for tracing back page operation behavior, characterized in that, The device includes: The allocation module is used to assign node IDs to all nodes in the DOM tree corresponding to the page after the page accessed by the user has finished loading. The judgment module is used to replace the sensitive fields contained in the data corresponding to each node with mask characters to obtain the masked DOM tree, serialize the masked DOM tree to generate snapshot data, record the timestamp of the snapshot data and store it in a preset buffer. The operation module is used to receive event objects triggered when the user operates the page using a preset event listener, extract the event type, timestamp and target node corresponding to the event object from the event object, and serialize the event type, timestamp and node ID of the target node to generate operation serialization data. The incremental module is used to listen for changes in the node list, node attributes, and text content in the DOM tree using a preset node listener, and to use the listened-upon changed data as incremental data of the DOM tree. The module replaces sensitive fields in the incremental data with mask characters and serializes the masked incremental data to generate incremental serialized data. An extraction module is used to store the operation serialization data and the incremental serialization data into the buffer, detect whether the page has a preset backtracking trigger event, and when the page has a backtracking trigger event, extract all operation serialization data and incremental serialization data whose timestamps are between the timestamp of the snapshot data and the timestamp of the backtracking trigger event from the buffer. The backtracking module is used to reconstruct the initial state of the page based on the snapshot data, and to replay the extracted operation serialization data and incremental serialization data in the order of timestamps, so as to backtrack the user's operation behavior on the page.
9. A device, characterized in that, The device includes: At least one processor; and, A memory communicatively connected to the at least one processor; wherein, The memory stores a backtracking procedure for page operation behavior that can be executed by the at least one processor, the backtracking procedure for page operation behavior being executed by the at least one processor to enable the at least one processor to perform the backtracking method for page operation behavior as described in any one of claims 1 to 7.
10. A computer-readable storage medium, characterized in that, The computer-readable storage medium stores a page operation behavior backtracking program, which can be executed by one or more processors to implement the page operation behavior backtracking method as described in any one of claims 1 to 7.