[go: up one dir, main page]

CN105243134A - Method and equipment for processing hijacked browser - Google Patents

Method and equipment for processing hijacked browser Download PDF

Info

Publication number
CN105243134A
CN105243134A CN201510640727.0A CN201510640727A CN105243134A CN 105243134 A CN105243134 A CN 105243134A CN 201510640727 A CN201510640727 A CN 201510640727A CN 105243134 A CN105243134 A CN 105243134A
Authority
CN
China
Prior art keywords
browser
hijacked
content
hostage
held
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510640727.0A
Other languages
Chinese (zh)
Other versions
CN105243134B (en
Inventor
高庆光
石彦伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd, Qizhi Software Beijing Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Priority to CN201510640727.0A priority Critical patent/CN105243134B/en
Publication of CN105243134A publication Critical patent/CN105243134A/en
Priority to PCT/CN2016/100574 priority patent/WO2017054731A1/en
Application granted granted Critical
Publication of CN105243134B publication Critical patent/CN105243134B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/955Retrieval from the web using information identifiers, e.g. uniform resource locators [URL]
    • G06F16/9566URL specific, e.g. using aliases, detecting broken or misspelled links
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1466Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Data Mining & Analysis (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

本发明公开了一种处理被劫持浏览器的方法及设备,识别浏览器是否被劫持;在识别出所述浏览器被劫持时,获取加载在所述浏览器上的被劫持网页对应的未被劫持的原始网页的参数信息;根据所述原始网页的参数信息,从本地存储设备中获取与所述原始网页的页面内容;在所述浏览器中加载所述页面内容,以在所述浏览器中显示所述页面内容。本发明公开的处理被劫持浏览器的方法及设备,解决了现有技术中在浏览器被劫持时的处理方法存在处理时间长的技术问题,实现了缩短处理时间和在处理被劫持浏览器过程中提高浏览器的使用率的技术效果。

The invention discloses a method and equipment for processing a hijacked browser, which identifies whether the browser has been hijacked; The parameter information of the hijacked original web page; according to the parameter information of the original web page, the page content related to the original web page is obtained from the local storage device; The content of the page is displayed in . The method and device for processing a hijacked browser disclosed in the present invention solve the technical problem of long processing time in the processing method when the browser is hijacked in the prior art, and realize shortening of the processing time and the process of processing the hijacked browser. The technical effect of increasing the usage rate of the browser.

Description

一种处理被劫持浏览器的方法及设备A method and device for processing a hijacked browser

技术领域technical field

本发明涉及计算机网技术领域,具体涉及一种处理被劫持浏览器的方法及设备。The invention relates to the technical field of computer networks, in particular to a method and equipment for processing hijacked browsers.

背景技术Background technique

随着互联网的迅速发展,浏览器提供了丰富多样的功能,供用户在网上能够快速查找资料及个人所需要的各种信息。但是,现实中浏览器会通过浏览器插件、浏览器辅助对象(BrowserHelperObject,简称BHO)、WinsockLSP等形式对浏览器进行篡改,从而使得浏览器被劫持,而在浏览器被劫持时,浏览器的主页及互联网搜索页会变为不知名的网站、访问正常网站时被转向到恶意网页、当输入错误的网址时被转到劫持软件指定的网站和输入字符时浏览器速度严重减慢等。由于这些被劫持的浏览器给用户的日常浏览造成了不良影响,因此网络安全工具一个很重要的工作就是,需要将网络中存在的被劫持的浏览器识别出来。With the rapid development of the Internet, browsers provide a variety of functions for users to quickly find materials and various information that individuals need on the Internet. However, in reality, the browser will tamper with the browser through browser plug-ins, browser helper objects (BrowserHelperObject, BHO for short), WinsockLSP, etc., so that the browser is hijacked, and when the browser is hijacked, the browser's The homepage and Internet search page will become unknown websites, redirected to malicious webpages when visiting normal websites, redirected to websites designated by hijacking software when entering wrong URLs, and severely slowing down the browser speed when entering characters, etc. Because these hijacked browsers have caused adverse effects on users' daily browsing, a very important job of network security tools is to identify the hijacked browsers that exist in the network.

现有技术中,在浏览器被劫持时,通常采用以下方式进行处理:其一、卸载并重装浏览器;其二、通过杀毒软件来杀毒;上述处理方法其处理时间较长,而且在重装浏览器时会导致浏览器不能使用,如此,使得现有技术中在处理浏览器被劫持的方法存在处理时间长且在处理被劫持浏览器过程中浏览器的使用率降低的问题。In the prior art, when the browser is hijacked, the following methods are usually used for processing: one, uninstall and reinstall the browser; When the browser is installed, the browser cannot be used, so that the method for processing the hijacked browser in the prior art has the problems of long processing time and reduced browser usage during the process of processing the hijacked browser.

发明内容Contents of the invention

本申请实施例通过提供一种处理被劫持浏览器的方法及设备,解决了现有技术中在浏览器被劫持时的处理方法存在处理时间长的技术问题,实现了缩短处理时间和在处理被劫持浏览器过程中提高浏览器的使用率的技术效果。By providing a method and device for processing a hijacked browser, the embodiment of the present application solves the technical problem of long processing time in the processing method when the browser is hijacked in the prior art, and realizes shortening the processing time and shortening the processing time when processing the hijacked browser. The technical effect of increasing the usage rate of the browser during the process of hijacking the browser.

一方面,本申请通过本申请的一实施例提供如下技术方案:On the one hand, the present application provides the following technical solutions through an embodiment of the present application:

本申请公开了一种处理浏览器被劫持的方法,包括:This application discloses a method for handling browser hijacking, including:

识别浏览器是否被劫持;Identify whether the browser has been hijacked;

在识别出所述浏览器被劫持时,获取加载在所述浏览器上的被劫持网页对应的未被劫持的原始网页的参数信息;When it is identified that the browser is hijacked, obtain parameter information of an original webpage that is not hijacked corresponding to the hijacked webpage loaded on the browser;

根据所述原始网页的参数信息,从本地存储设备中获取与所述原始网页的页面内容;Acquiring the page content of the original webpage from a local storage device according to the parameter information of the original webpage;

在所述浏览器中加载所述页面内容,以在所述浏览器中显示所述页面内容。loading the page content in the browser to display the page content in the browser.

可选的,所述获取加载在所述浏览器上的被劫持网页对应的未被劫持的原始网页的参数信息,具体包括:Optionally, the obtaining parameter information of the original webpage that is not hijacked corresponding to the hijacked webpage loaded on the browser specifically includes:

获取所述被劫持网页对应的跳转信息;Obtaining the jump information corresponding to the hijacked webpage;

基于所述跳转信息,获取所述未被劫持的原始网页的参数信息。Based on the jump information, parameter information of the original webpage that has not been hijacked is acquired.

可选的,所述本地存储设备包括安装所述浏览器的用户终端和与所述用户终端连接的本地服务器。Optionally, the local storage device includes a user terminal on which the browser is installed and a local server connected to the user terminal.

可选的,所述在所述浏览器中加载所述页面内容,具体包括:Optionally, the loading the page content in the browser specifically includes:

在所述浏览器中加载所述页面内容,将所述页面内容覆盖所述被劫持网页的显示内容。Loading the page content in the browser, and covering the display content of the hijacked web page with the page content.

可选的,所述在所述浏览器中加载所述页面内容,具体包括:Optionally, the loading the page content in the browser specifically includes:

在所述浏览器中加载所述页面内容,将所述被劫持网页的显示内容替换为所述页面内容。The page content is loaded in the browser, and the displayed content of the hijacked webpage is replaced by the page content.

另一方面,本申请通过本申请的一实施例,提供如下技术方案:On the other hand, the present application provides the following technical solutions through an embodiment of the present application:

本申请还公开了一种处理浏览器被劫持的设备,所述设备包括:The present application also discloses a device for processing a browser hijacked, the device comprising:

识别单元,用于识别浏览器是否被劫持;An identification unit, configured to identify whether the browser has been hijacked;

原始网页获取单元,用于在识别出所述浏览器被劫持时,获取加载在所述浏览器上的被劫持网页对应的未被劫持的原始网页的参数信息;An original web page obtaining unit, configured to obtain parameter information of an original web page that is not hijacked corresponding to the hijacked web page loaded on the browser when the browser is identified as being hijacked;

页面内容获取单元,用于根据所述原始网页的参数信息,从本地存储设备中获取与所述原始网页的页面内容;a page content acquiring unit, configured to acquire the page content of the original web page from a local storage device according to the parameter information of the original web page;

加载单元,用于在所述浏览器中加载所述页面内容,以在所述浏览器中显示所述页面内容。A loading unit, configured to load the page content in the browser, so as to display the page content in the browser.

可选的,所述设备还包括:Optionally, the device also includes:

跳转信息获取单元,用于获取所述被劫持网页对应的跳转信息;A jump information acquisition unit, configured to acquire the jump information corresponding to the hijacked webpage;

所述原始网页获取单元,具体用于基于所述跳转信息,获取所述未被劫持的原始网页的参数信息。The original web page obtaining unit is specifically configured to obtain parameter information of the original web page that has not been hijacked based on the jump information.

可选的,所述本地存储设备包括安装所述浏览器的用户终端和与所述用户终端连接的本地服务器。Optionally, the local storage device includes a user terminal on which the browser is installed and a local server connected to the user terminal.

可选的,所述加载单元,具体用于在所述浏览器中加载所述页面内容,并将所述页面内容覆盖所述被劫持网页的显示内容。Optionally, the loading unit is specifically configured to load the page content in the browser, and cover the page content with the display content of the hijacked webpage.

可选的,所述加载单元,具体用于在所述浏览器中加载所述页面内容,并将所述被劫持网页的显示内容替换为所述页面内容。Optionally, the loading unit is specifically configured to load the page content in the browser, and replace the displayed content of the hijacked webpage with the page content.

本申请实施例中提供的一个或多个技术方案,至少具有如下技术效果或优点:One or more technical solutions provided in the embodiments of this application have at least the following technical effects or advantages:

根据本发明的一种处理被劫持浏览器的方法及设备,通过本发明,首先识别浏览器是否被劫持,在识别出所述浏览器被劫持时,获取加载在所述浏览器上的被劫持网页对应的未被劫持的原始网页的参数信息;在根据所述参数信息,从本地存储设备中获取与所述原始网页的页面内容并进行加载,以在所述浏览器中显示所述页面内容,如此,在识别出所述浏览器被劫持,可以直接从所述本地存储设备中获取所述原始网页的页面内容进行加载,使得浏览器能够立即显示所述原始网页的页面内容,缩短了处理时间,而且在处理过程中仍然可以使用浏览器,提高了在处理被劫持浏览器过程中浏览器的使用率。According to a method and device for processing a hijacked browser according to the present invention, through the present invention, firstly, it is identified whether the browser is hijacked, and when it is recognized that the browser is hijacked, the hijacked browser information loaded on the browser is obtained. The parameter information of the original webpage corresponding to the webpage that has not been hijacked; according to the parameter information, the page content related to the original webpage is obtained from the local storage device and loaded to display the page content in the browser In this way, after identifying that the browser is hijacked, the page content of the original web page can be directly obtained from the local storage device for loading, so that the browser can immediately display the page content of the original web page, shortening the processing time. time, and the browser can still be used during the processing, which improves the utilization rate of the browser during the processing of the hijacked browser.

上述说明仅是本发明技术方案的概述,为了能够更清楚了解本发明的技术手段,而可依照说明书的内容予以实施,并且为了让本发明的上述和其它目的、特征和优点能够更明显易懂,以下特举本发明的具体实施方式。The above description is only an overview of the technical solution of the present invention. In order to better understand the technical means of the present invention, it can be implemented according to the contents of the description, and in order to make the above and other purposes, features and advantages of the present invention more obvious and understandable , the specific embodiments of the present invention are enumerated below.

附图说明Description of drawings

为了更清楚地说明本发明实施例中的技术方案,下面将对实施例描述中所需要使用的附图作一简单地介绍,显而易见地,下面描述中的附图是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the following will briefly introduce the drawings that need to be used in the description of the embodiments. Obviously, the drawings in the following description are some embodiments of the present invention. For those skilled in the art, other drawings can also be obtained based on these drawings without creative effort.

图1为本发明实施例提供的处理被劫持浏览器的方法的流程图;Fig. 1 is the flow chart of the method for processing hijacked browser that the embodiment of the present invention provides;

图2为本发明实施例提供的处理被劫持浏览器的设备的模块图。Fig. 2 is a block diagram of a device for processing a hijacked browser provided by an embodiment of the present invention.

具体实施方式detailed description

本申请实施例通过提供一种处理被劫持浏览器的方法及设备,解决了现有技术中在浏览器被劫持时的处理方法存在处理时间长的技术问题,实现了缩短处理时间和在处理被劫持浏览器过程中提高浏览器的使用率的技术效果。By providing a method and device for processing a hijacked browser, the embodiment of the present application solves the technical problem of long processing time in the processing method when the browser is hijacked in the prior art, and realizes shortening the processing time and shortening the processing time when processing the hijacked browser. The technical effect of increasing the usage rate of the browser during the process of hijacking the browser.

为了更好的理解上述技术方案,下面将结合说明书附图以及具体的实施方式对上述技术方案进行详细的说明。In order to better understand the above-mentioned technical solution, the above-mentioned technical solution will be described in detail below in conjunction with the accompanying drawings and specific implementation methods.

参见图1,本发明实施例提供的处理被劫持浏览器的方法包括以下步骤:Referring to Fig. 1, the method for processing hijacked browser that the embodiment of the present invention provides comprises the following steps:

S101:识别浏览器是否被劫持;S101: identifying whether the browser is hijacked;

S102:在识别出所述浏览器被劫持时,获取加载在所述浏览器上的被劫持网页对应的未被劫持的原始网页的参数信息;S102: When it is identified that the browser is hijacked, obtain parameter information of an original webpage that is not hijacked and corresponding to the hijacked webpage loaded on the browser;

S103:根据所述原始网页的参数信息,从本地存储设备中获取与所述原始网页的页面内容;S103: According to the parameter information of the original webpage, acquire the page content of the original webpage from a local storage device;

S104:在所述浏览器中加载所述页面内容,以在所述浏览器中显示所述页面内容。S104: Load the page content in the browser, so as to display the page content in the browser.

其中,在步骤S101中,本申请的执行主体可以是安装有所述浏览器的设备,也可以是所述浏览器,本申请不作具体限制,其中,在识别所述浏览器被劫持时,可以通过三种方法来识别出所述浏览器是否被劫持,第一种识别方法,具体可以是获取网页访问请求及其对应的操作信息;再检测所述操作信息是否符合预设规则,所述预设规则包括所述浏览器允许的操作请求;所述浏览器在检测出所述操作信息不符合所述预设规则时,识别出所述浏览器已被劫持;所述浏览器检测出所述操作信息符合所述预设规则时,识别出所述浏览器未被劫持。Wherein, in step S101, the execution subject of the present application may be the device installed with the browser, or the browser, which is not specifically limited in the present application, wherein, when it is identified that the browser is hijacked, it may be Identify whether the browser has been hijacked by three methods. The first identification method may specifically be to obtain a web page access request and its corresponding operation information; Assume that the rules include the operation requests allowed by the browser; when the browser detects that the operation information does not comply with the preset rules, it recognizes that the browser has been hijacked; the browser detects that the When the operation information conforms to the preset rule, it is identified that the browser is not hijacked.

其中,所述浏览器启动之后,会接收到用户的操作信息,基于所述操作信息,所述浏览器会自动生成并获取到与所述操作信息对应的网页访问请求,如此,使得所述浏览器能够获取到所述网页访问请求及其对应的操作信息,其中,所述操作信息例如可以是用户点击浏览器的导航页上的超链接的信息,还可以是在浏览器的搜索栏中输入搜索信息的信息,当然,所述第一种识别方法的执行主体还可以是设备。Wherein, after the browser is started, it will receive the user's operation information, and based on the operation information, the browser will automatically generate and obtain a webpage access request corresponding to the operation information, so that the browsing The browser can obtain the web page access request and its corresponding operation information, wherein the operation information can be, for example, the information that the user clicks on the hyperlink on the navigation page of the browser, or the information entered in the search bar of the browser. For the information of search information, of course, the execution subject of the first identification method may also be a device.

例如,以a浏览器为例,在a浏览器启动之后,接收到用户在a浏览器的搜索栏中输入了www.axxx.com的搜索信息,a浏览器基于该操作信息生成访问www.axxx.com的网页访问请求例如包含有Stringurl="http://www.axxx.com/";如此,使得a浏览器能够接收到访问www.axxx.com的网页访问请求及其对应的操作信息,所述操作信息为在a浏览器的搜索栏中输入www.axxx.com的信息,由于a浏览器的预设规则为在浏览器的搜索栏中输入搜索信息的第一种操作请求和对浏览器的导航页上的超链接进行点击而生成的第二种操作请求,由于所述操作信息与所述第一种操作请求相匹配,则确定所述操作信息符合所述预设规则,即使得a浏览器可以判断出a浏览器未被劫持,如此,使得所述浏览器在根据所述判断结果识别出所述浏览器是否被劫持的准确性得以提高,而且所述浏览器是自行判断是否被劫持,与现有技术中的人工判断相比,其判断的工作效率也能够得到较大的提高。For example, take browser a as an example. After browser a is started, it receives the search information of www.axxx.com entered by the user in the search bar of browser a, and browser a generates an access to www.axxx based on the operation information. The webpage access request of .com includes Stringurl="http://www.axxx.com/" for example; so that the a browser can receive the webpage access request for www.axxx.com and its corresponding operation information, The operation information is the information of entering www.axxx.com in the search bar of the browser a, because the default rule of the browser a is the first operation request of entering search information in the search bar of the browser and the browsing The second type of operation request is generated by clicking on the hyperlink on the navigation page of the browser. Since the operation information matches the first type of operation request, it is determined that the operation information conforms to the preset rule, that is, The a browser can judge that the a browser is not hijacked, so that the accuracy of the browser in identifying whether the browser is hijacked according to the judgment result is improved, and the browser judges whether it is hijacked by itself hijacked, compared with the manual judgment in the prior art, the work efficiency of its judgment can also be greatly improved.

具体来讲,第二种识别方法,具体可以是通过域名来识别所述浏览器是否被劫持,其具体实施步骤如下:浏览器获取导航页的网页访问请求,以及获取与所述网页访问请求对应的目标域名;所述浏览器判断所述目标域名是否与所述导航页的原始域名相一致;所述浏览器在判断出所述目标域名与所述原始域名一致时,则识别出所述浏览器未被劫持;所述浏览器在判断出所述目标域名与所述原始域名不一致时,则识别出所述浏览器已被劫持。Specifically, the second identification method can specifically identify whether the browser has been hijacked through the domain name, and its specific implementation steps are as follows: the browser obtains the webpage access request of the navigation page, and obtains the webpage corresponding to the webpage access request. the target domain name; the browser judges whether the target domain name is consistent with the original domain name of the navigation page; The browser is not hijacked; when the browser judges that the target domain name is inconsistent with the original domain name, it recognizes that the browser has been hijacked.

其中,所述浏览器在启动时会自动加载导航页,使得所述浏览器能够获取到所述导航页的网页访问请求,再根据所述网页访问请求,获取所述目标域名;当然,所述浏览器在启动之后,所述浏览器接收到用户启动所述导航页的启动请求时,所述浏览器根据所述启动请求来加载所述导航页,进而获取到所述导航页的网页访问请求,再根据所述网页访问请求,获取所述目标域名,再判断所述目标域名与所述原始域名是否一致,当然,所述第一种识别方法的执行主体还可以是设备。Wherein, the browser will automatically load the navigation page when starting, so that the browser can obtain the webpage access request of the navigation page, and then obtain the target domain name according to the webpage access request; of course, the After the browser is started, when the browser receives a startup request from the user to start the navigation page, the browser loads the navigation page according to the startup request, and then obtains the webpage access request of the navigation page , and then obtain the target domain name according to the webpage access request, and then judge whether the target domain name is consistent with the original domain name. Of course, the execution subject of the first identification method may also be a device.

例如,以a浏览器为例,a浏览器启动时会自动加载a导航页,a浏览器在加载a导航页时,会生成a导航页的网页访问请求例如包含有Stringurl="http://hao.bxxx.cn/";如此,使得浏览器能够从a导航页的网页访问请求中提取目标域名为hao.bxxx.cn,若a浏览器中预先存储有a导航页的原始域名为hao.axxx.cn,由于hao.bxxx.cn与hao.axxx.cn不同,即a浏览器判断所述目标域名与所述原始域名不一致,则使得a浏览器检测到所述判断结果表征所述目标域名与所述原始域名不一致,从而识别出a浏览器已被劫持;若a浏览器中预先存储有a导航页的原始域名为hao.bxxx.cn,由于所述原始域名与所述目标域名相同,即a浏览器判断所述目标域名与所述原始域名一致,使得a浏览器检测到所述判断结果表征所述目标域名与所述原始域名一致,从而识别出a浏览器未被劫持。For example, take browser a as an example. When browser a starts, it will automatically load navigation page a. When browser a loads navigation page a, it will generate a web page access request for navigation page a, for example, containing Stringurl="http:// hao.bxxx.cn/"; in this way, the browser can extract the target domain name as hao.bxxx.cn from the web page access request of a navigation page, if the original domain name of a navigation page is pre-stored in browser a as hao. axxx.cn, because hao.bxxx.cn is different from hao.axxx.cn, that is, browser a judges that the target domain name is inconsistent with the original domain name, so that browser a detects that the judgment result represents the target domain name Inconsistent with the original domain name, thereby identifying that the a browser has been hijacked; if the original domain name of the a navigation page is pre-stored in the a browser as hao.bxxx.cn, since the original domain name is the same as the target domain name, That is, browser a judges that the target domain name is consistent with the original domain name, so that browser a detects that the judgment result indicates that the target domain name is consistent with the original domain name, thereby identifying that browser a is not hijacked.

具体来讲,第三种识别方式,具体可以是通过快捷方式的命令行的参数设置信息来所述浏览器是否被劫持,其具体实施步骤如下:获取所述浏览器的快捷方式的命令行的参数设置信息;判断所述参数设置信息对应的设置方式是否与预设方式相一致;在判断出所述设置方式与所述预设方式不一致时,识别出所述浏览器已被劫持;在判断出所述设置方式与所述预设方式一致时,识别出所述浏览器未被劫持。Specifically, the third identification method may be to determine whether the browser is hijacked through the parameter setting information of the command line of the shortcut, and its specific implementation steps are as follows: obtain the command line of the shortcut of the browser Parameter setting information; judging whether the setting method corresponding to the parameter setting information is consistent with the preset method; when it is determined that the setting method is inconsistent with the preset method, identifying that the browser has been hijacked; judging When it is found that the setting mode is consistent with the preset mode, it is identified that the browser is not hijacked.

其中,所述第三识别方式的执行主体是设备,所述设备例如可以是平板电脑、笔记本电脑、智能手机、台式电脑等设备,所述设备中安装有浏览器,在获取浏览器的快捷方式的命令行的参数设置信息时,可以通过启动安装在所述设备中的命令行程序,例如在windows环境下,命令行程序通常为cmd.exe,然后所述设备在接收到用户输入的与浏览器的快速方式对应的命令信息时,将所述参数设置信息显示在所述命令行程序中,如此,根据所述显示内容,即可获取所述参数设置信息,其中,所述参数设置信息中包含有所述快捷方式的设置方式信息。当然,还可以通过查看所述浏览器的快捷方式的属性信息来获取所述参数设置信息,进一步的,所述预设方式为所述浏览器的快捷方式的默认的设置方式,具体可以是手动设置方式或自动设置方式。Wherein, the execution subject of the third identification method is a device, and the device may be, for example, a tablet computer, a notebook computer, a smart phone, a desktop computer, etc., and a browser is installed in the device, and the browser shortcut is obtained When setting the parameter information of the command line, you can start the command line program installed in the device, for example, in the windows environment, the command line program is usually cmd.exe, and then the device receives the user input and browses the When the command information corresponding to the quick mode of the browser is displayed, the parameter setting information is displayed in the command line program, so that according to the displayed content, the parameter setting information can be obtained, wherein the parameter setting information Contains the setting method information of the shortcut. Of course, the parameter setting information can also be obtained by viewing the attribute information of the shortcut of the browser. Further, the preset mode is the default setting mode of the shortcut of the browser, which can be manually setting mode or automatic setting mode.

例如,以笔记本电脑A为例,在笔记本电脑A中安装有b浏览器并创建了b浏览器的快捷方式,根据接收到的用户在笔记本电脑A的开始菜单的搜索栏中输入了cmd的信息,则启动cmd.exe,然后在根据接收到的搜索b浏览器的快捷方式对应的命令信息时,将b浏览器的快捷方式对应的参数设置信息显示在cmd.exe中,如此,使得笔记本电脑A获取到所述参数设置信息,若所述参数设置信息中包含的所述快捷方式的设置方式信息显示b浏览器的快捷方式对应的设置方式为手动设置方式时,由于手动设置方式与所述预设方式相同,则确定所述设置方式与所述预设方式相一致,如此,可以确定b浏览器未被劫持;若b浏览器的快捷方式对应的设置方式为自动设置方式时,由于自动设置方式与所述预设方式不同,则确定所述设置方式与所述预设方式不一致,如此,可以确定b浏览器已被劫持。For example, taking laptop A as an example, a b browser is installed in laptop A and a shortcut of b browser is created, according to the received information that the user enters cmd in the search bar of the start menu of laptop A , then start cmd.exe, and then display the parameter setting information corresponding to the shortcut of browser b in cmd.exe according to the received command information corresponding to the shortcut of searching b browser, so that the notebook computer A obtains the parameter setting information, if the setting method information of the shortcut included in the parameter setting information shows b that the setting method corresponding to the shortcut of the browser is a manual setting method, since the manual setting method is different from the If the default mode is the same, it is determined that the setting mode is consistent with the preset mode, so that it can be determined that the b browser is not hijacked; if the corresponding setting mode of the shortcut of the b browser is an automatic setting mode, due to automatic If the setting method is different from the preset method, then it is determined that the setting method is inconsistent with the preset method, so it can be determined that the b browser has been hijacked.

其中,在b浏览器未被劫持时,b浏览器的快捷方式对应的设置方式必然为所述预设方式,而在b浏览器被劫持时,b浏览器的快捷方式对应的设置方式才会与所述预设方式不同,如此,通过判断b浏览器的快捷方式对应的设置方式是否与所述预设方式相一致,即可以准确的判断出b浏览器是否被劫持,使得判断的准确性得以提高。Wherein, when the b browser is not hijacked, the setting method corresponding to the shortcut of the b browser must be the preset method, and when the b browser is hijacked, the setting method corresponding to the shortcut of the b browser will be Different from the preset method, in this way, by judging whether the setting method corresponding to the shortcut of the b browser is consistent with the preset method, it can be accurately judged whether the b browser is hijacked, so that the accuracy of the judgment be improved.

接下来执行步骤S102,在该步骤中,在识别出所述浏览器被劫持时,获取加载在所述浏览器上的被劫持网页对应的未被劫持的原始网页的参数信息。Next, step S102 is executed. In this step, when it is identified that the browser is hijacked, the parameter information of the original webpage that is not hijacked and corresponding to the hijacked webpage loaded on the browser is acquired.

其中,所述被劫持网页指的已被劫持后的网页,所述未被劫持的原始网页指的是未被劫持之前的网页,例如,以a浏览器为例,a浏览器接收到用户点击了a浏览器自动的a导航页的按键时,在a浏览器上自动加载a导航页,但是这时a浏览器被劫持,且将加载的a导航页劫持到b导航页,使得在a浏览器上显示的b导航页的页面内容,其中,a导航页为所述未被劫持的原始网页,而b导航页为所述被劫持网页。Wherein, the hijacked webpage refers to a hijacked webpage, and the unhijacked original webpage refers to a webpage before being hijacked. For example, taking browser a as an example, browser a receives a user click When the button of a browser's automatic a navigation page is pressed, the a navigation page is automatically loaded on the a browser, but at this time, the a browser is hijacked, and the loaded a navigation page is hijacked to the b navigation page, so that when browsing in a The page content of the navigation page b displayed on the browser, wherein the navigation page a is the original webpage that has not been hijacked, and the navigation page b is the hijacked webpage.

在具体实施过程中,在通过步骤S101识别出所述浏览器被劫持时,可以获取所述被劫持网页对应的跳转信息;基于所述跳转信息,获取所述未被劫持的原始网页的参数信息,其中,所述跳转信息中包含有从所述原始网页跳转至所述被劫持网页的信息,如此,可以从所述跳转信息获取到所述原始网页的参数信息,所述参数信息包括所述原始网页的域名和/或网址等信息,当然,在识别出所述浏览器被劫持时,还可以获取与所述被劫持网页对应的执行代码,根据所述执行代码,获取所述原始网页的参数信息。In the specific implementation process, when it is identified that the browser is hijacked through step S101, the jump information corresponding to the hijacked web page can be obtained; based on the jump information, the original web page that has not been hijacked can be obtained Parameter information, wherein the jump information includes information about jumping from the original webpage to the hijacked webpage, so that the parameter information of the original webpage can be obtained from the jump information, and the The parameter information includes information such as the domain name and/or website address of the original webpage. Of course, when it is recognized that the browser is hijacked, the execution code corresponding to the hijacked webpage can also be obtained, and according to the execution code, obtain Parameter information of the original web page.

例如,以a浏览器为例,a浏览器识别出a浏览器已被劫持时,获取加载在a浏览器上的被劫持页面为c导航页,c导航页即为所述被劫持网页,获取c导航页对应的跳转信息,若所述跳转信息中包含的从a导航页跳转到c导航页的信息,根据所述跳转信息获取到a导航页的参数信息为a导航页的域名hao.axxx.cn。For example, taking browser a as an example, when browser a recognizes that browser a has been hijacked, obtain the hijacked page loaded on browser a as navigation page c, and navigation page c is the hijacked webpage, and obtain The jump information corresponding to the c navigation page, if the information contained in the jump information jumps from the a navigation page to the c navigation page, according to the jump information, the parameter information of the a navigation page is obtained from the a navigation page The domain name is hao.axxx.cn.

接下来执行步骤S103,在该步骤中,根据所述原始网页的参数信息,从本地存储设备中获取与所述原始网页的页面内容。Next, step S103 is executed. In this step, the page content of the original web page is obtained from the local storage device according to the parameter information of the original web page.

在具体实施过程中,所述本地存储设备包括安装所述浏览器的用户终端和与所述用户终端连接的本地服务器,所述本地存储设备中存储有大量网页的页面内容,以所述原始网页的参数信息中的部分或全部内容为关键词在所述本地存储设备中进行搜索,搜索到与所述参数信息相匹配的存储数据即为所述原始网页的页面内容,其中,所述本地存储设备中预存有所述原始网页的页面内容。In a specific implementation process, the local storage device includes a user terminal installed with the browser and a local server connected to the user terminal, and a large number of web page contents are stored in the local storage device, and the original web page Part or all of the content in the parameter information is a keyword to search in the local storage device, and the stored data that matches the parameter information is the page content of the original web page, wherein the local storage The page content of the original webpage is pre-stored in the device.

具体来讲,在所述本地存储设备中存储有大量网页的页面内容时,可以对存储的大量网页的页面内容建立索引,以使得再根据所述原始网页的参数信息查找到对应的页面内容时,通过索引能够更快的查找到所述原始网页的页面内容,提高查找的效率;当然,也可以是遍历所述本地存储设备中存储的所有数据,然后找到所述原始网页的页面内容,其中,在所述本地存储设备中存储的大量网页的页面内容时,将每一个页面内容对应网页的域名和/或网址作为文件名,如此,通过所述原始网页的参数信息进行搜索,就可以从所述本地存储设备中获取预存的所述原始网页的页面内容。Specifically, when the page content of a large number of web pages is stored in the local storage device, an index may be established for the stored page content of a large number of web pages, so that when the corresponding page content is found according to the parameter information of the original web page , the page content of the original webpage can be found faster through the index, and the efficiency of the search is improved; of course, it is also possible to traverse all the data stored in the local storage device, and then find the page content of the original webpage, wherein , when storing the page content of a large number of web pages in the local storage device, the domain name and/or URL of the web page corresponding to each page content is used as the file name, so that by searching through the parameter information of the original web page, it can be obtained from The pre-stored page content of the original webpage is obtained from the local storage device.

例如,以a浏览器为例,a浏览器识别出a浏览器已被劫持时,获取加载在a浏览器上的被劫持页面为c导航页,c导航页即为所述被劫持网页,获取c导航页对应的跳转信息,若所述跳转信息中包含的从a导航页跳转到c导航页的信息,根据所述跳转信息获取到a导航页的参数信息为a导航页的域名hao.axxx.cn,然后从安装有a浏览器的平板电脑A中存储的大量网页的页面内容中以为hao.axxx.cn的关键词进行搜索,查找到对应的页面内容,即为a导航页的页面内容。For example, taking browser a as an example, when browser a recognizes that browser a has been hijacked, obtain the hijacked page loaded on browser a as navigation page c, and navigation page c is the hijacked webpage, and obtain The jump information corresponding to the c navigation page, if the information contained in the jump information jumps from the a navigation page to the c navigation page, according to the jump information, the parameter information of the a navigation page is obtained from the a navigation page Domain name hao.axxx.cn, and then search for the keywords of hao.axxx.cn from the page content of a large number of web pages stored in the tablet computer A with a browser installed, and find the corresponding page content, which is a navigation The page content of the page.

接下来执行步骤S104,在该步骤中,在所述浏览器中加载所述页面内容,以在所述浏览器中显示所述页面内容。Next, step S104 is executed. In this step, the page content is loaded in the browser to display the page content in the browser.

在具体实施过程中,可以在所述浏览器中加载所述页面内容,将所述页面内容覆盖所述被劫持网页的显示内容;也可以在所述浏览器中加载所述页面内容,将所述被劫持网页的显示内容替换为所述页面内容,通过这两种方式均可以在所述浏览器上加载所述原始网页的页面内容,使得浏览器能够立即显示所述原始网页的页面内容,缩短了处理时间,而且在处理过程中仍然可以使用浏览器,提高了在处理被劫持浏览器过程中浏览器的使用率。In the specific implementation process, the page content can be loaded in the browser, and the page content can cover the display content of the hijacked webpage; the page content can also be loaded in the browser, and the The display content of the hijacked webpage is replaced by the page content, and the page content of the original webpage can be loaded on the browser by these two methods, so that the browser can immediately display the page content of the original webpage, The processing time is shortened, and the browser can still be used during the processing, and the utilization rate of the browser during the processing of the hijacked browser is improved.

具体来讲,在通过步骤S103获取到所述原始页面的页面内容之后,直接在所述浏览器上加载所述页面内容并进行显示,使得显示的内容与用户的需求相匹配。Specifically, after the page content of the original page is acquired through step S103, the page content is directly loaded on the browser and displayed, so that the displayed content matches the user's needs.

例如,以a浏览器为例,a浏览器识别出a浏览器已被劫持时,获取加载在a浏览器上的被劫持页面为c导航页,c导航页即为所述被劫持网页,获取c导航页对应的跳转信息,若所述跳转信息中包含的从a导航页跳转到c导航页的信息,根据所述跳转信息获取到a导航页的参数信息为a导航页的域名hao.axxx.cn,然后从安装有a浏览器的平板电脑A中存储的大量网页的页面内容中以为hao.axxx.cn的关键词进行搜索,查找名称为hao.axxx.cn的文件夹,然后从该文件夹中读取的数据即为a导航页的页面内容,然后直接将读取的a导航页的页面内容加载在a浏览器上,使得a导航页的页面内容覆盖住c导航页的页面内容,如此,使得在a浏览器上显示的仍是a导航页的页面内容,从而解决了a浏览器上显示所述被劫持网页即c导航页的问题,缩短了处理时间,而且在处理过程中仍然可以使用a浏览器,提高了在处理被劫持a浏览器过程中a浏览器的使用率。For example, taking browser a as an example, when browser a recognizes that browser a has been hijacked, obtain the hijacked page loaded on browser a as navigation page c, and navigation page c is the hijacked webpage, and obtain The jump information corresponding to the c navigation page, if the information contained in the jump information jumps from the a navigation page to the c navigation page, according to the jump information, the parameter information of the a navigation page is obtained from the a navigation page domain name hao.axxx.cn, and then search for the keyword hao.axxx.cn from the page content of a large number of webpages stored in the tablet computer A with a browser installed, and find the folder named hao.axxx.cn , and then the data read from this folder is the page content of a navigation page, and then directly load the read page content of a navigation page on a browser, so that the page content of a navigation page covers c navigation The page content of page, like this, makes what show on a browser still be the page content of a navigation page, thereby solved the problem that shows described hijacked webpage namely c navigation page on a browser, has shortened processing time, and The a browser can still be used during the processing, which improves the utilization rate of the a browser in the process of processing the hijacked a browser.

本申请实施例中提供的一个或多个技术方案,至少具有如下技术效果或优点:One or more technical solutions provided in the embodiments of this application have at least the following technical effects or advantages:

根据本发明的一种处理被劫持浏览器的方法,通过本发明,首先识别浏览器是否被劫持,在识别出所述浏览器被劫持时,获取加载在所述浏览器上的被劫持网页对应的未被劫持的原始网页的参数信息;在根据所述参数信息,从本地存储设备中获取与所述原始网页的页面内容并进行加载,以在所述浏览器中显示所述页面内容,如此,在识别出所述浏览器被劫持,可以直接从所述本地存储设备中获取所述原始网页的页面内容进行加载,使得浏览器能够立即显示所述原始网页的页面内容,缩短了处理时间,而且在处理过程中仍然可以使用浏览器,提高了在处理被劫持浏览器过程中浏览器的使用率。According to a method of processing a hijacked browser of the present invention, through the present invention, firstly, it is identified whether the browser is hijacked, and when the browser is identified as being hijacked, the hijacked web page corresponding to the hijacked webpage loaded on the browser is acquired The parameter information of the original webpage that has not been hijacked; according to the parameter information, the page content related to the original webpage is obtained from the local storage device and loaded, so as to display the page content in the browser, so , after identifying that the browser is hijacked, the page content of the original web page can be directly obtained from the local storage device for loading, so that the browser can immediately display the page content of the original web page, shortening the processing time, Moreover, the browser can still be used during the processing, which improves the utilization rate of the browser during the processing of the hijacked browser.

根据同一发明构思,本申请另一实施例提供一种处理浏览器被劫持的设备,参见图2,所述设备包括:According to the same inventive concept, another embodiment of the present application provides a device for handling browser hijacking, referring to FIG. 2 , the device includes:

识别单元201,用于识别浏览器是否被劫持;An identification unit 201, configured to identify whether the browser has been hijacked;

原始网页获取单元202,用于在识别出所述浏览器被劫持时,获取加载在所述浏览器上的被劫持网页对应的未被劫持的原始网页的参数信息;The original web page obtaining unit 202 is configured to obtain parameter information of an original web page that is not hijacked corresponding to the hijacked web page loaded on the browser when it is recognized that the browser is hijacked;

页面内容获取单元203,用于根据所述原始网页的参数信息,从本地存储设备中获取与所述原始网页的页面内容;A page content obtaining unit 203, configured to obtain the page content of the original web page from a local storage device according to the parameter information of the original web page;

加载单元204,用于在所述浏览器中加载所述页面内容,以在所述浏览器中显示所述页面内容。The loading unit 204 is configured to load the page content in the browser, so as to display the page content in the browser.

其中,所述设备在识别所述浏览器被劫持时,可以通过三种方法来识别出所述浏览器是否被劫持,第一种识别方法,具体可以是获取网页访问请求及其对应的操作信息;再检测所述操作信息是否符合预设规则,所述预设规则包括所述浏览器允许的操作请求;在检测出所述操作信息不符合所述预设规则时,识别出所述浏览器已被劫持;在检测出所述操作信息符合所述预设规则时,识别出所述浏览器未被劫持。Wherein, when the device recognizes that the browser has been hijacked, it can identify whether the browser has been hijacked through three methods. The first identification method can specifically be to obtain a web page access request and its corresponding operation information ; Then detect whether the operation information conforms to the preset rules, the preset rules include the operation requests allowed by the browser; when it is detected that the operation information does not comply with the preset rules, identify the browser has been hijacked; when it is detected that the operation information conforms to the preset rule, it is identified that the browser is not hijacked.

具体来讲,第二种识别方法,具体可以是通过域名来识别所述浏览器是否被劫持,其具体实施步骤如下:所述设备获取导航页的网页访问请求,以及获取与所述网页访问请求对应的目标域名;判断所述目标域名是否与所述导航页的原始域名相一致;在判断出所述目标域名与所述原始域名一致时,则识别出所述浏览器未被劫持;在判断出所述目标域名与所述原始域名不一致时,则识别出所述浏览器已被劫持。Specifically, the second identification method may specifically identify whether the browser has been hijacked by using a domain name, and its specific implementation steps are as follows: Corresponding target domain name; judging whether the target domain name is consistent with the original domain name of the navigation page; when judging that the target domain name is consistent with the original domain name, then identifying that the browser has not been hijacked; judging When it is found that the target domain name is inconsistent with the original domain name, it is identified that the browser has been hijacked.

具体的,第三种识别方式,具体可以是通过快捷方式的命令行的参数设置信息来所述浏览器是否被劫持,其具体实施步骤如下:所述设备获取所述浏览器的快捷方式的命令行的参数设置信息;判断所述参数设置信息对应的设置方式是否与预设方式相一致;在判断出所述设置方式与所述预设方式不一致时,识别出所述浏览器已被劫持;在判断出所述设置方式与所述预设方式一致时,识别出所述浏览器未被劫持。Specifically, the third identification method may specifically be to determine whether the browser is hijacked through the parameter setting information of the command line of the shortcut, and its specific implementation steps are as follows: the device acquires the command of the shortcut of the browser row of parameter setting information; judging whether the setting method corresponding to the parameter setting information is consistent with the preset method; when it is determined that the setting method is inconsistent with the preset method, identifying that the browser has been hijacked; When it is determined that the setting mode is consistent with the preset mode, it is identified that the browser is not hijacked.

具体的,所述设备还包括:Specifically, the device also includes:

跳转信息获取单元205,用于获取所述被劫持网页对应的跳转信息;Jump information obtaining unit 205, configured to obtain the jump information corresponding to the hijacked webpage;

原始网页获取单元202,具体用于基于所述跳转信息,获取所述未被劫持的原始网页的参数信息。The original web page obtaining unit 202 is specifically configured to obtain the parameter information of the original web page that has not been hijacked based on the jump information.

具体的,所述本地存储设备包括安装所述浏览器的用户终端和与所述用户终端连接的本地服务器。Specifically, the local storage device includes a user terminal on which the browser is installed and a local server connected to the user terminal.

具体的,加载单元204,具体用于在所述浏览器中加载所述页面内容,并将所述页面内容覆盖所述被劫持网页的显示内容。Specifically, the loading unit 204 is specifically configured to load the page content in the browser, and cover the page content with the display content of the hijacked webpage.

具体的,加载单元204,具体用于在所述浏览器中加载所述页面内容,并将所述被劫持网页的显示内容替换为所述页面内容。Specifically, the loading unit 204 is specifically configured to load the page content in the browser, and replace the displayed content of the hijacked webpage with the page content.

上述本申请实施例中的技术方案,至少具有如下的技术效果或优点:The above-mentioned technical solutions in the embodiments of the present application have at least the following technical effects or advantages:

根据本发明的一种处理被劫持浏览器的设备,通过本发明,首先识别浏览器是否被劫持,在识别出所述浏览器被劫持时,获取加载在所述浏览器上的被劫持网页对应的未被劫持的原始网页的参数信息;在根据所述参数信息,从本地存储设备中获取与所述原始网页的页面内容并进行加载,以在所述浏览器中显示所述页面内容,如此,在识别出所述浏览器被劫持,可以直接从所述本地存储设备中获取所述原始网页的页面内容进行加载,使得浏览器能够立即显示所述原始网页的页面内容,缩短了处理时间,而且在处理过程中仍然可以使用浏览器,提高了在处理被劫持浏览器过程中浏览器的使用率。According to a device for processing a hijacked browser according to the present invention, through the present invention, firstly, it is identified whether the browser is hijacked, and when the browser is identified as being hijacked, the hijacked web page corresponding to the hijacked webpage loaded on the browser is obtained. The parameter information of the original webpage that has not been hijacked; according to the parameter information, the page content related to the original webpage is obtained from the local storage device and loaded, so as to display the page content in the browser, so , after identifying that the browser is hijacked, the page content of the original web page can be directly obtained from the local storage device for loading, so that the browser can immediately display the page content of the original web page, shortening the processing time, Moreover, the browser can still be used during the processing, which improves the utilization rate of the browser during the processing of the hijacked browser.

本领域内的技术人员应明白,本发明的实施例可提供为方法、系统、或计算机程序产品。因此,本发明可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本发明可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。Those skilled in the art should understand that the embodiments of the present invention may be provided as methods, systems, or computer program products. Accordingly, the present invention can take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.

本发明是参照根据本发明实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It should be understood that each procedure and/or block in the flowchart and/or block diagram, and a combination of procedures and/or blocks in the flowchart and/or block diagram can be realized by computer program instructions. These computer program instructions may be provided to a general purpose computer, special purpose computer, embedded processor, or processor of other programmable data processing equipment to produce a machine such that the instructions executed by the processor of the computer or other programmable data processing equipment produce a An apparatus for realizing the functions specified in one or more procedures of the flowchart and/or one or more blocks of the block diagram.

这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing apparatus to operate in a specific manner, such that the instructions stored in the computer-readable memory produce an article of manufacture comprising instruction means, the instructions The device realizes the function specified in one or more procedures of the flowchart and/or one or more blocks of the block diagram.

这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded onto a computer or other programmable data processing device, causing a series of operational steps to be performed on the computer or other programmable device to produce a computer-implemented process, thereby The instructions provide steps for implementing the functions specified in the flow chart or blocks of the flowchart and/or the block or blocks of the block diagrams.

尽管已描述了本发明的优选实施例,但本领域内的技术人员一旦得知了基本创造性概念,则可对这些实施例作出另外的变更和修改。所以,所附权利要求意欲解释为包括优选实施例以及落入本发明范围的所有变更和修改。While preferred embodiments of the invention have been described, additional changes and modifications to these embodiments can be made by those skilled in the art once the basic inventive concept is appreciated. Therefore, it is intended that the appended claims be construed to cover the preferred embodiment as well as all changes and modifications which fall within the scope of the invention.

显然,本领域的技术人员可以对本发明进行各种改动和变型而不脱离本发明的精神和范围。这样,倘若本发明的这些修改和变型属于本发明权利要求及其等同技术的范围之内,则本发明也意图包含这些改动和变型在内。Obviously, those skilled in the art can make various changes and modifications to the present invention without departing from the spirit and scope of the present invention. Thus, if these modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalent technologies, the present invention also intends to include these modifications and variations.

Claims (10)

1. process the method that browser is held as a hostage, it is characterized in that, comprising:
Identify whether browser is held as a hostage;
When identifying described browser and being held as a hostage, obtain the parameter information of the original web page of not being held as a hostage corresponding to the webpage of being held as a hostage be carried on described browser;
According to the parameter information of described original web page, from local memory device, obtain the content of pages with described original web page;
Described content of pages is loaded, to show described content of pages in described browser in described browser.
2. the method for claim 1, is characterized in that, described acquisition is carried in the parameter information of the original web page of not being held as a hostage corresponding to webpage of being held as a hostage on described browser, and specifically comprises:
The jump information that webpage of being held as a hostage described in acquisition is corresponding;
Based on described jump information, obtain the parameter information of described original web page.
3. method as claimed in claim 2, it is characterized in that, described local memory device comprises the user terminal installing described browser and the home server be connected with described user terminal.
4. the method as described in any one of claims 1 to 3, is characterized in that, describedly in described browser, loads described content of pages, specifically comprises:
Described content of pages is loaded, the displaying contents of webpage of being held as a hostage described in being covered by described content of pages in described browser.
5. the method as described in any one of claims 1 to 3, is characterized in that, describedly in described browser, loads described content of pages, specifically comprises:
In described browser, load described content of pages, the displaying contents of described webpage of being held as a hostage is replaced with described content of pages.
6. process the equipment that browser is held as a hostage, it is characterized in that, described equipment comprises:
Recognition unit, for identifying whether browser is held as a hostage;
Original web page acquiring unit, for when identifying described browser and being held as a hostage, obtains the parameter information of the original web page of not being held as a hostage corresponding to the webpage of being held as a hostage be carried on described browser;
Content of pages acquiring unit, for the parameter information according to described original web page, obtains the content of pages with described original web page from local memory device;
Loading unit, for loading described content of pages in described browser, to show described content of pages in described browser.
7. equipment as claimed in claim 6, it is characterized in that, described equipment also comprises:
Jump information acquiring unit, for the jump information that webpage of being held as a hostage described in obtaining is corresponding;
Described original web page acquiring unit, specifically for based on described jump information, the parameter information of the original web page of not being held as a hostage described in acquisition.
8. equipment as claimed in claim 6, it is characterized in that, described local memory device comprises the user terminal installing described browser and the home server be connected with described user terminal.
9. the equipment as described in any one of claim 6 ~ 8, is characterized in that, described loading unit, specifically for loading described content of pages in described browser, and the displaying contents of webpage of being held as a hostage described in described content of pages is covered.
10. the equipment as described in any one of claim 6 ~ 8, is characterized in that, described loading unit, specifically for loading described content of pages in described browser, and the displaying contents of described webpage of being held as a hostage is replaced with described content of pages.
CN201510640727.0A 2015-09-30 2015-09-30 A method and device for processing a hijacked browser Active CN105243134B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201510640727.0A CN105243134B (en) 2015-09-30 2015-09-30 A method and device for processing a hijacked browser
PCT/CN2016/100574 WO2017054731A1 (en) 2015-09-30 2016-09-28 Method and device for processing hijacked browser

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510640727.0A CN105243134B (en) 2015-09-30 2015-09-30 A method and device for processing a hijacked browser

Publications (2)

Publication Number Publication Date
CN105243134A true CN105243134A (en) 2016-01-13
CN105243134B CN105243134B (en) 2019-07-16

Family

ID=55040782

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510640727.0A Active CN105243134B (en) 2015-09-30 2015-09-30 A method and device for processing a hijacked browser

Country Status (1)

Country Link
CN (1) CN105243134B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106304087A (en) * 2016-08-20 2017-01-04 北京云艾科技有限公司 A kind of anti-wifi kidnaps method and apparatus
WO2017054716A1 (en) * 2015-09-30 2017-04-06 北京奇虎科技有限公司 Method for recognizing hijacked browser and browser
WO2017054731A1 (en) * 2015-09-30 2017-04-06 北京奇虎科技有限公司 Method and device for processing hijacked browser

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120180129A1 (en) * 2007-06-20 2012-07-12 Amichai Shulman System and method for preventing web frauds committed using client-scripting attacks
CN102594934A (en) * 2011-12-30 2012-07-18 奇智软件(北京)有限公司 Method and device for identifying hijacked website
CN103336693A (en) * 2013-07-04 2013-10-02 北京奇虎科技有限公司 Method and device for establishing refer chain and security detection device
CN103368957A (en) * 2013-07-04 2013-10-23 北京奇虎科技有限公司 Method, system, client and server for processing webpage access behavior
CN103581321A (en) * 2013-11-06 2014-02-12 北京奇虎科技有限公司 Creation method and device for refer link, safety detecting method and client side
CN103699840A (en) * 2013-12-12 2014-04-02 北京奇虎科技有限公司 Method and device for detecting page jacking
CN104125121A (en) * 2014-08-15 2014-10-29 携程计算机技术(上海)有限公司 Network hijacking behavior detecting system and method
CN104462571A (en) * 2014-12-26 2015-03-25 北京奇虎科技有限公司 Webpage loading method and device and browser client-side
CN104486140A (en) * 2014-11-28 2015-04-01 华北电力大学 Device and method for detecting hijacking of web page
CN104679747A (en) * 2013-11-26 2015-06-03 腾讯科技(深圳)有限公司 Detection device and method for website redirection

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120180129A1 (en) * 2007-06-20 2012-07-12 Amichai Shulman System and method for preventing web frauds committed using client-scripting attacks
CN102594934A (en) * 2011-12-30 2012-07-18 奇智软件(北京)有限公司 Method and device for identifying hijacked website
CN103336693A (en) * 2013-07-04 2013-10-02 北京奇虎科技有限公司 Method and device for establishing refer chain and security detection device
CN103368957A (en) * 2013-07-04 2013-10-23 北京奇虎科技有限公司 Method, system, client and server for processing webpage access behavior
CN103581321A (en) * 2013-11-06 2014-02-12 北京奇虎科技有限公司 Creation method and device for refer link, safety detecting method and client side
CN104679747A (en) * 2013-11-26 2015-06-03 腾讯科技(深圳)有限公司 Detection device and method for website redirection
CN103699840A (en) * 2013-12-12 2014-04-02 北京奇虎科技有限公司 Method and device for detecting page jacking
CN104125121A (en) * 2014-08-15 2014-10-29 携程计算机技术(上海)有限公司 Network hijacking behavior detecting system and method
CN104486140A (en) * 2014-11-28 2015-04-01 华北电力大学 Device and method for detecting hijacking of web page
CN104462571A (en) * 2014-12-26 2015-03-25 北京奇虎科技有限公司 Webpage loading method and device and browser client-side

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017054716A1 (en) * 2015-09-30 2017-04-06 北京奇虎科技有限公司 Method for recognizing hijacked browser and browser
WO2017054731A1 (en) * 2015-09-30 2017-04-06 北京奇虎科技有限公司 Method and device for processing hijacked browser
CN106304087A (en) * 2016-08-20 2017-01-04 北京云艾科技有限公司 A kind of anti-wifi kidnaps method and apparatus
CN106304087B (en) * 2016-08-20 2020-01-17 北京海云好物科技有限公司 Anti-wifi hijacking method and device

Also Published As

Publication number Publication date
CN105243134B (en) 2019-07-16

Similar Documents

Publication Publication Date Title
KR102006396B1 (en) Identifying matching applications based on browsing activity
US10733259B2 (en) Web page access method and apparatus
CN106980700B (en) Method and browser for web search on browser side
TWI671677B (en) Interactive processing method and device
CN107133165B (en) Browser compatibility detection method and device
WO2016177341A1 (en) Interface calling method and device, and terminal
CN105868290B (en) Method and device for displaying search results
CN106033450B (en) Advertisement blocking method and device and browser
JP2018518726A (en) Information retrieval navigation method and apparatus
CN104462437A (en) Recognizing and searching method and recognizing and searching system based on repeated touch operations of interface of terminal
CN105160246A (en) Method for identifying hijacked browser and browser
CN107679214B (en) Link positioning method, device, terminal and computer readable storage medium
CN106569860A (en) Application management method and terminal
CN105354490B (en) A method and device for processing a hijacked browser
CN104484386A (en) Information sharing method and browser client
US20160328110A1 (en) Method, system, equipment and device for identifying image based on image
CN105243134B (en) A method and device for processing a hijacked browser
WO2017054716A1 (en) Method for recognizing hijacked browser and browser
WO2017054731A1 (en) Method and device for processing hijacked browser
CN102436509A (en) Method and system for browsing web page at mobile terminal
CN105224653B (en) Processing method and processing equipment when a kind of browser is held as a hostage
CN105205393A (en) Method and equipment for processing hijacked browser
CN111538453A (en) Book detail page display method, terminal and computer storage medium
CN105160247A (en) Method for identifying hijacked browser
CN108632366B (en) File downloading method and device and terminal equipment

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20220714

Address after: Room 801, 8th floor, No. 104, floors 1-19, building 2, yard 6, Jiuxianqiao Road, Chaoyang District, Beijing 100015

Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park)

Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Patentee before: Qizhi software (Beijing) Co.,Ltd.