Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method, device and system for preventing cross-site request forgery

A cross-site, access request technology, applied in the computer field, can solve problems such as user loss and prevent function invalidation, and achieve the effect of preventing CSRF, meeting security requirements, and ensuring Internet security

Inactive Publication Date: 2017-03-29
ALIBABA GRP HLDG LTD
View PDF8 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

This technology prevents unauthorized use or communication attempts made over an internet connection while ensuring security for user devices accessing it through secure connections like HTTPS (Hypertext Transfer Protocol Secure) protocol. It also checks if any harmful signals were detected during interaction before sending them out again afterward without compromising their privacy rights.

Problems solved by technology

This patented technical problem addressed in this patents relates to how to protect against attacks such as CrossSite Request Falsification (XSF). XFS uses cookies or similar tokens to identify different websites with specific content but no valid identities are provided during authentication process. To address these issues, there has been proposed various techniques like generating unique identifier values based upon predetermined rules instead of just sending them over all possible URLs.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, device and system for preventing cross-site request forgery
  • Method, device and system for preventing cross-site request forgery
  • Method, device and system for preventing cross-site request forgery

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0067] Embodiments of the present application provide a method, device and system for preventing cross-site request forgery.

[0068] In order to enable those skilled in the art to better understand the technical solutions in the present application, the technical solutions in the embodiments of the present application will be clearly and completely described below in conjunction with the drawings in the embodiments of the present application. Obviously, the described The embodiments are only some of the embodiments of the present application, but not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without creative efforts shall fall within the scope of protection of this application.

[0069] The specific implementation of the embodiment of the present application will be described in detail below with several specific examples.

[0070] The following firstly introduces an embodiment of a metho...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the application discloses a method, device and system for preventing cross-site request forgery. The method comprises the following steps: a client sends local terminal equipment information to a server when accessing the server at the first time; the server generates environment fingerprint information according to the terminal equipment information; the server stores the environment fingerprint information as the preset verification information; the server sends the environment fingerprint information to the client; when the data interaction is performed between the client and the server, the client sends an access request message containing the environment fingerprint information to the server; the server receives the access request message and judges whether the access request message comprises the environment fingerprint information matched with the stored preset verification information; and the server responds to the access request message according to a judgment result. Through the adoption of the method disclosed by the embodiment of the application, the cross-site request forgery can be effectively prevented, and the security of the terminal equipment is improved.

Description

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Owner ALIBABA GRP HLDG LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products