The Active Server Page technology provides an intuitive, fast, and efficient script-based application development method for application developers, greatly improving the development effect. However, because ASP scripts are written in plain text, the ASP applications developed by application developersProgramOnce released to the running environment, it is difficult to ensure thatSource code"Will not be circulated. In this way, how can we effectively protect the developed ASP script source?Code. ASP Operating Mechanism ASP scripts are compiled by a series of specific syntaxes (currently VBScript and JScript are supported, A file in the text format composed of scripts mixed with standard HTML pages. When an end user of the client accesses an ASP-based application through the Internet using a Web browser, the Web browser sends an HTTP request to the web server. After the Web server analyzes and determines that the request is an ASP script application, it automatically calls the ASP script interpretation engine (Asp. dll) through the ISAPI ). ASP. dll obtains the specified ASP script file from the file system or internal buffer, performs syntax analysis and interpretation. The final processing result will form HTML content and be returned to the Web browser through the "original path" of the Web server. The web browser will present the final result on the client. This completes a complete ASP script call. Several Organic ASP script calls constitute a complete ASP script application. Official encryption program: Download sce10chs.exe from Microsoft for free and directly run it to complete the installation process. After installation, the screnc.exe file will be generated, which is a command tool running on DOS promapt. Run screnc-l VBScript source. ASP destination. ASP generates a new file named destination that contains the ciphertext ASP script. ASP opens with notepad to see all the "" in, whether or not the annotation, all become unreadable ciphertext, but cannot encrypt Chinese. Several ASP source code protection methods: 1. "minimal script" means that only as few source code as possible is written in the ASP file, and the script part for commercial logic is encapsulated into a COM/DCOM component, create the component in the ASP script and call the corresponding method (methed. Application developers can develop ASP script applications based on this idea before developing them, or directly use ASP script to quickly develop a prototype system, the COM/DCOM component is used to re-develop, implement, and replace important scripts that require protection and encryption. 2. "script encryption" means that ASP scripts are still directly developed in source code mode. However, before being released to the running environment, you only need to publish the encrypted ciphertext script. That is, the process of adding ciphertext restoration to the ASP. dll read script. There are two ways to implement this approach: one is to develop an ISAPI's IIS Filter block, in ASP. hooks are used to read ASP script files, so that the ciphertext read by the file system can be restored to ASP. dll can be interpreted in plain text; method 2 and 9 are directly composed of ASP. DLL supports encryption of ASP scripts. Microsoft provides support for the MS script encode technology in the latest version of VBScript. dll jscript. dll. In this way, both the client's VBScript JScript (including the wsh script) and the server's VBScript JScript (that is, ASP script) can support encryption. |
|
