谷歌如何加密/混淆http响应以使其几乎无法用肉眼读取？

发布于 2024-11-14 23:01:30 字数 1229 浏览 1 评论 0原文

对于任何特定的搜索，谷歌即时 ajax 返回此：

{
    e: "tGj0TZ-XLaXh0QGyw7nuDA",
    c: 1, 
    u: "http://www.google.com/s?hl\x3des\x26xhr\x3dt\x26q\x3dque\x26cp\x3d3\x26pf\x3dp\x26sclient\x3dpsy\x26source\x3dhp\x26aq\x3d\x26aqi\x3d\x26aql\x3d\x26oq\x3d\x26pbx\x3d1\x26bav\x3don.2,or.r_gc.r_pw.\x26fp\x3daee70eb115de80e6\x26biw\x3d1440\x26bih\x3d653\x26tch\x3d1\x26ech\x3d4\x26psi\x3dWWb0TYasBu_q0QGW5IjmAg.1307862617656.1",
    d: "[\x22que\x22,[[\x22que\x22,0,\x220\x22],[\x22que\\u003Cb\\u003E es el amor\\u003C\\/b\\u003E\x22,0,\x221\x22],[\x22que\\u003Cb\\u003Epasa\\u003C\\/b\\u003E\x22,0,\x222\x22],[\x22que\\u003Cb\\u003E me dices\\u003C\\/b\\u003E\x22,0,\x223\x22],[\x22que\\u003Cb\\u003E significa mi nombre\\u003C\\/b\\u003E\x22,0,\x224\x22]],{}]"
} 
{
    e: "tGj0TZ-XLaXh0QGyw7nuDA",
    c: 0,
    u: "http://www.google.com/s?hl\x3des\x26xhr\x3dt\x26q\x3dque\x26cp\x3d3\x26pf\x3dp\x26sclient\x3dpsy\x26source\x3dhpx26aq\x3d\x26aqi\x3d\x26aql\x3d\x26oq\x3d\x26pbx\x3d1\x26bav\x3don.2,or.r_gc.r_pw.\x26fp\x3daee70eb115de80e6\x26biw\x3d1440\x26bih\x3d653\x26tch\x3d1\x26ech\x3d4\x26psi\x3dWWb0TYasBu_q0QGW5IjmAg.1307862617656.1",
    d: "" 
}

并通过此响应，页面刷新结果。谷歌使用什么样的方法来完成这种级别的加密/混淆（我不确定在这种情况下使用哪个术语）

原文

For any particular search google instant ajax return this:

{
    e: "tGj0TZ-XLaXh0QGyw7nuDA",
    c: 1, 
    u: "http://www.google.com/s?hl\x3des\x26xhr\x3dt\x26q\x3dque\x26cp\x3d3\x26pf\x3dp\x26sclient\x3dpsy\x26source\x3dhp\x26aq\x3d\x26aqi\x3d\x26aql\x3d\x26oq\x3d\x26pbx\x3d1\x26bav\x3don.2,or.r_gc.r_pw.\x26fp\x3daee70eb115de80e6\x26biw\x3d1440\x26bih\x3d653\x26tch\x3d1\x26ech\x3d4\x26psi\x3dWWb0TYasBu_q0QGW5IjmAg.1307862617656.1",
    d: "[\x22que\x22,[[\x22que\x22,0,\x220\x22],[\x22que\\u003Cb\\u003E es el amor\\u003C\\/b\\u003E\x22,0,\x221\x22],[\x22que\\u003Cb\\u003Epasa\\u003C\\/b\\u003E\x22,0,\x222\x22],[\x22que\\u003Cb\\u003E me dices\\u003C\\/b\\u003E\x22,0,\x223\x22],[\x22que\\u003Cb\\u003E significa mi nombre\\u003C\\/b\\u003E\x22,0,\x224\x22]],{}]"
} 
{
    e: "tGj0TZ-XLaXh0QGyw7nuDA",
    c: 0,
    u: "http://www.google.com/s?hl\x3des\x26xhr\x3dt\x26q\x3dque\x26cp\x3d3\x26pf\x3dp\x26sclient\x3dpsy\x26source\x3dhpx26aq\x3d\x26aqi\x3d\x26aql\x3d\x26oq\x3d\x26pbx\x3d1\x26bav\x3don.2,or.r_gc.r_pw.\x26fp\x3daee70eb115de80e6\x26biw\x3d1440\x26bih\x3d653\x26tch\x3d1\x26ech\x3d4\x26psi\x3dWWb0TYasBu_q0QGW5IjmAg.1307862617656.1",
    d: "" 
}

And with this response the page refresh the results. what kind of method google uses to accomplish this level of encrypt/obfuscate (Im not sure which term to use in this case)

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

这样的小城市 2024-11-21 23:01:30

这并没有什么令人困惑的。它只是经过编码，以便可以在 JavaScript 字符串中传输而不会破坏它。

在 JavaScript 字符串中，您可以使用转义序列来表示字符：\xFF 编码 ISO-8859-1 字符，\uFFFF 编码Unicode 字符。例如\x3d是等号=，\u003C 是小于号 < （在内部，所有 JavaScript 字符串都是 Unicode）。

这里有两个对象文字，可用于创建实际对象。尝试使用 JavaScript 控制台。

var test = {
    e: "tGj0TZ-XLaXh0QGyw7nuDA",
    c: 1, 
    u: "http://www.google.com/s?hl\x3des\x26xhr\x3dt\x26q\x3dque\x26cp\x3d3\x26pf\x3dp\x26sclient\x3dpsy\x26source\x3dhp\x26aq\x3d\x26aqi\x3d\x26aql\x3d\x26oq\x3d\x26pbx\x3d1\x26bav\x3don.2,or.r_gc.r_pw.\x26fp\x3daee70eb115de80e6\x26biw\x3d1440\x26bih\x3d653\x26tch\x3d1\x26ech\x3d4\x26psi\x3dWWb0TYasBu_q0QGW5IjmAg.1307862617656.1",
    d: "[\x22que\x22,[[\x22que\x22,0,\x220\x22],[\x22que\\u003Cb\\u003E es el amor\\u003C\\/b\\u003E\x22,0,\x221\x22],[\x22que\\u003Cb\\u003Epasa\\u003C\\/b\\u003E\x22,0,\x222\x22],[\x22que\\u003Cb\\u003E me dices\\u003C\\/b\\u003E\x22,0,\x223\x22],[\x22que\\u003Cb\\u003E significa mi nombre\\u003C\\/b\\u003E\x22,0,\x224\x22]],{}]"
};

console.dir(test);

收益率（在 Google Chrome 中）

Object
    c: 1
    d: "["que",[["que",0,"0"],["que\u003Cb\u003E es el amor\u003C\/b\u003E",0,"1"],["que\u003Cb\u003Epasa\u003C\/b\u003E",0,"2"],["que\u003Cb\u003E me dices\u003C\/b\u003E",0,"3"],["que\u003Cb\u003E significa mi nombre\u003C\/b\u003E",0,"4"]],{}]"
    e: "tGj0TZ-XLaXh0QGyw7nuDA"
    u: "http://www.google.com/s?hl=es&xhr=t&q=que&cp=3&pf=p&sclient=psy&source=hp&aq=&aqi=&aql=&oq=&pbx=1&bav=on.2,or.r_gc.r_pw.&fp=aee70eb115de80e6&biw=1440&bih=653&tch=1&ech=4&psi=WWb0TYasBu_q0QGW5IjmAg.1307862617656.1"
    __proto__: Object

您可以继续：

console.dir( eval(test.d) );

There is nothing obfuscated about this. It is merely encoded so it can be transported in a JavaScript string without breaking it.

In JavaScript strings you can use escape sequences to represent characters: \xFF to encode a ISO-8859-1 character and \uFFFF to encode a Unicode character. For example \x3d is the equals sign =, \u003C is the less-than symbol < (internally, all JavaScript strings are Unicode).

You have two objects literals here which can be used to create actual objects. Try on the JavaScript console.

var test = {
    e: "tGj0TZ-XLaXh0QGyw7nuDA",
    c: 1, 
    u: "http://www.google.com/s?hl\x3des\x26xhr\x3dt\x26q\x3dque\x26cp\x3d3\x26pf\x3dp\x26sclient\x3dpsy\x26source\x3dhp\x26aq\x3d\x26aqi\x3d\x26aql\x3d\x26oq\x3d\x26pbx\x3d1\x26bav\x3don.2,or.r_gc.r_pw.\x26fp\x3daee70eb115de80e6\x26biw\x3d1440\x26bih\x3d653\x26tch\x3d1\x26ech\x3d4\x26psi\x3dWWb0TYasBu_q0QGW5IjmAg.1307862617656.1",
    d: "[\x22que\x22,[[\x22que\x22,0,\x220\x22],[\x22que\\u003Cb\\u003E es el amor\\u003C\\/b\\u003E\x22,0,\x221\x22],[\x22que\\u003Cb\\u003Epasa\\u003C\\/b\\u003E\x22,0,\x222\x22],[\x22que\\u003Cb\\u003E me dices\\u003C\\/b\\u003E\x22,0,\x223\x22],[\x22que\\u003Cb\\u003E significa mi nombre\\u003C\\/b\\u003E\x22,0,\x224\x22]],{}]"
};

console.dir(test);

yields (in Google Chrome)

Object
    c: 1
    d: "["que",[["que",0,"0"],["que\u003Cb\u003E es el amor\u003C\/b\u003E",0,"1"],["que\u003Cb\u003Epasa\u003C\/b\u003E",0,"2"],["que\u003Cb\u003E me dices\u003C\/b\u003E",0,"3"],["que\u003Cb\u003E significa mi nombre\u003C\/b\u003E",0,"4"]],{}]"
    e: "tGj0TZ-XLaXh0QGyw7nuDA"
    u: "http://www.google.com/s?hl=es&xhr=t&q=que&cp=3&pf=p&sclient=psy&source=hp&aq=&aqi=&aql=&oq=&pbx=1&bav=on.2,or.r_gc.r_pw.&fp=aee70eb115de80e6&biw=1440&bih=653&tch=1&ech=4&psi=WWb0TYasBu_q0QGW5IjmAg.1307862617656.1"
    __proto__: Object

You could go on: