Ejemplo n.º 1
0
        private void LoadSettings()
        {
            config = config.Load();
            // General Settings
            cbenablegatekeeper.Checked   = config.EnableGateKeeper;
            cbdenyemptyuseragent.Checked = config.DenyEmptyUserAgent;
            txtaccessdeniedmessage.Text  = config.AccessDeniedMessage;
            cbdisplaycontactform.Checked = config.DisplayContactForm;
            txtcontactformurl.Text       = config.ContactFormUrl;


            // Hotlink Settings
            cbblockhotlinking.Checked         = config.BlockHotLinking;
            cbdisplayhotlinkdenyimage.Checked = config.DisplayHotLinkDenyImage;
            txthotlinkallowedsites.Text       = config.HotLinkAllowedSites;
            txthotlinkexpression.Text         = config.HotLinkExpression;
            txthotlinkdenyimage.Text          = config.HotLinkDenyImage;

            // HoneyPot Settings
            cbenablehoneypot.Checked = config.EnableHoneyPot;
            txthoneypotpath.Text     = config.HoneyPotPath;
            cbpermanantlydenyhoneypotviolator.Checked = config.PersistHoneyPotDeny;
            cbnotifyadmin.Checked           = config.NotifyAdmin;
            cbenablehoneypotlogging.Checked = config.EnableHoneyPotLogging;
            cbenablehoneypotstats.Checked   = config.EnableHoneyPotStats;
            txthoneypotstatspath.Text       = config.HoneyPotStatsPath;

            // HttpBL Settings
            cbenablehttpbl.Checked        = config.EnableHttpBL;
            cbdenyhttpblsuspect.Checked   = config.DenyHttpBLSuspect;
            cbenablehttpbllogging.Checked = config.EnableHttpBLLogging;
            cbhttpblpostonly.Checked      = config.HttpBLPostOnly;
            txthttpblkeycode.Text         = config.HttpBLKeyCode;
            txthttpbltimeout.Text         = config.HttpBLTimeout.ToString();
            txtthreatscorethreshold.Text  = config.ThreatScoreThreshold.ToString();

            // Email Settings
            txtadminemailaddress.Text        = config.SmtpEmailAddress;
            txtsmtpservername.Text           = config.SmtpServerName;
            txtsmtpportnumber.Text           = config.SmtpServerPort.ToString();
            txtsmtpusername.Text             = config.SmtpUserName;
            cbstorepasswordencrypted.Checked = config.StorePasswordEncrypted;
            txtsmtppassword.Text             = config.StorePasswordEncrypted ? Encryption.Decrypt(config.SmtpPassword) : config.SmtpPassword;
            cbsmtpenablessl.Checked          = config.SmtpEnableSSL;
            txtsmtpmessagesubject.Text       = config.SmtpMessageSubject;
            txtsmtpmessagebody.Text          = config.SmtpMessageBody;
        }
Ejemplo n.º 2
0
        private void ProcessRequest(Object sender, EventArgs e)
        {
            //SemanticModule module = new SemanticModule();
            application = sender as HttpApplication;
            HttpContext context = application.Context;

            Uri url = WebSiteControllerModule.GetFullUrl(application.Context);

            if (url == null || url.AbsoluteUri.EndsWith("null"))
            {
                return;
            }

            /*
             * else
             * {
             *  if (url.DnsSafeHost == "clubcloud.kampong.nl")
             *  {
             *      System.UriBuilder builder = new UriBuilder(url);
             *      builder.Host = "kampong.clubcloud.nl";
             *      string newurl = builder.ToString();
             *
             *      try
             *      {
             *          context.RewritePath(builder.ToString());
             *      }
             *      catch(Exception ex)
             *      {
             *          ex.ToString();
             *          //context.Response.Redirect(builder.ToString());
             *      }
             *
             *  }
             * }
             */

            GateKeeperSettings gatekeeper = new GateKeeperSettings();

            gatekeeper = gatekeeper.Load();

            if (url.OriginalString.ToLower().Contains(gatekeeper.HoneyPotPath.ToLower()) && !string.IsNullOrEmpty(gatekeeper.HoneyPotPath))
            {
                return;
            }


            if (url.OriginalString.ToLower().Contains("_layouts") || url.OriginalString.ToLower().Contains("_login") || url.OriginalString.ToLower().Contains("_vti_bin") || url.OriginalString.ToLower().Contains("_catalogs") || url.OriginalString.ToLower().Contains("_windows") || url.OriginalString.ToLower().Contains("_forms") || url.OriginalString.ToLower().Contains("_trust"))
            {
                return;
            }


            try
            {
                bool handled = false;

                #region Controlled
                bool isControlled = false;

                using (SPSite site = new SPSite(url.OriginalString))
                {
                    CheckUrlOnZones(site, url, out url, out isControlled);
                }

                if (isControlled)
                {
                    using (SPSite site = new SPSite(url.OriginalString))
                    {
                        System.Collections.Generic.List <WebSiteControllerRule> rules = WebSiteControllerConfig.GetRulesForPage(site.WebApplication, url, this.RuleType);
                        WebSiteControllerRule rule = null;

                        foreach (WebSiteControllerRule arule in rules)
                        {
                            if (arule.RuleType == this.RuleType && arule.Properties.ContainsKey("OriginalUrl"))
                            {
                                if (arule.Url.ToLower() == url.ToString().ToLower() && !arule.IsDisabled)
                                {
                                    rule = arule;
                                    break;
                                }
                            }
                        }

                        if (rule != null)
                        {
                            //WebSiteControllerRule rule = rules[rules.Count - 1];
                            string OriginalUrl = rule.Properties["OriginalUrl"].ToString();

                            string httpsAdjustedUrl = rule.Url;
                            if (url.ToString().StartsWith("https:", StringComparison.InvariantCultureIgnoreCase))
                            {
                                httpsAdjustedUrl = httpsAdjustedUrl.Replace("http", "https");
                            }

                            Match match = new Regex(httpsAdjustedUrl).Match(url.ToString());
                            if (match.Groups.Count > 1)
                            {
                                string[] matches = new string[match.Groups.Count - 1];
                                for (int i = 1; i < match.Groups.Count; i++)
                                {
                                    matches[i - 1] = match.Groups[i].Value;
                                }

                                OriginalUrl = String.Format(OriginalUrl, matches);
                            }


                            if (OriginalUrl.IndexOf(".aspx") >= 1)
                            {
                                if (CheckIfExists(OriginalUrl, url))
                                {
                                    application.Context.RewritePath("~/" + welcomepage);
                                }
                                else
                                {
                                    application.Server.ClearError();
                                    application.Response.StatusCode = (int)HttpStatusCode.NotFound;
                                    throw (new HttpException((int)HttpStatusCode.NotFound, ""));
                                }
                            }

                            //application.Context.RewritePath("~/" + OriginalUrl);
                            handled = true;
                        }
                        else
                        {
                            handled = false;
                        }
                    }
                }

                #endregion

                if (!handled)
                {
                    if (!application.Context.Request.Url.LocalPath.Contains("."))
                    {
                        //if (url.LocalPath.IndexOf(".aspx") >= 1)
                        //{
                        if (CheckIfExists(url.AbsolutePath, url))
                        {
                            if (islist)
                            {
                                //SPBasePermissions locked = (SPBasePermissions.ViewListItems | SPBasePermissions.Open | SPBasePermissions.ViewPages | SPBasePermissions.UseClientIntegration);
                                //SPBasePermissions permission = site.OpenWeb().AnonymousPermMask64;

                                //if ((locked != permission) || context.User.Identity.IsAuthenticated)
                                //{
                                application.Context.Response.Redirect("~/" + welcomepage, false);
                                //}
                                //else
                                //{
                                //    application.Server.ClearError();
                                //    application.Response.StatusCode = (int)HttpStatusCode.NotFound;
                                //    throw (new HttpException((int)HttpStatusCode.NotFound, ""));
                                //}
                            }
                            else
                            {
                                if (isweb)
                                {
                                    try
                                    {
                                        //application.Context.RewritePath("~/" + site.RootWeb.RootFolder.WelcomePage);

                                        //SPWeb cweb = SPContext.Current.Web;
                                        //SPFolder croot = cweb.RootFolder;
                                        //string cwelcome = croot.WelcomePage;
                                        //SPSecurity.RunWithElevatedPrivileges(delegate()
                                        //{
                                        using (SPSite site = new SPSite(url.OriginalString))
                                        {
                                            using (SPWeb web = site.OpenWeb())
                                            {
                                                SPFolder root        = web.RootFolder;
                                                string   welcomepage = string.Empty;
                                                if (root.Exists)
                                                {
                                                    welcomepage = root.WelcomePage;
                                                }
                                                else
                                                {
                                                    welcomepage = web.RootFolder.WelcomePage;
                                                }
                                                if (issubcollection)
                                                {
                                                    welcomepage = SPUtility.ConcatUrls(web.ServerRelativeUrl, welcomepage);
                                                }
                                                application.Context.RewritePath("~/" + welcomepage);
                                            }
                                        }
                                        //});
                                    }
                                    catch (Exception ex)
                                    {
                                        SPDiagnosticsService.Local.WriteTrace(0, new SPDiagnosticsCategory(ex.Source, TraceSeverity.High, EventSeverity.Error), TraceSeverity.High, ex.Message, ex.Data);
                                        application.Context.RewritePath("~/" + welcomepage);
                                    }
                                }
                                else
                                {
                                    application.Context.RewritePath("~/" + welcomepage);
                                }
                            }
                        }
                        else
                        {
                            //TODO Catch SharePoint Designer requests.
                            if (SPContext.Current == null)
                            {
                                string useragent = application.Request.UserAgent;
                                if (useragent == "Microsoft Office Protocol Discovery")
                                {
                                    return;
                                }

                                application.Server.ClearError();
                                application.Response.StatusCode = (int)HttpStatusCode.NotFound;
                                throw (new HttpException((int)HttpStatusCode.NotFound, ""));
                                //return;
                            }
                            else
                            {
                                application.Server.ClearError();
                                application.Response.StatusCode = (int)HttpStatusCode.NotFound;
                                throw (new HttpException((int)HttpStatusCode.NotFound, ""));
                            }
                        }
                        //}
                    }
                    else
                    {
                        if (url.LocalPath.IndexOf(".aspx") >= 1)
                        {
                            if (!CheckIfExists(url.AbsolutePath, url))
                            {
                                application.Server.ClearError();
                                application.Response.StatusCode = (int)HttpStatusCode.NotFound;
                                throw (new HttpException((int)HttpStatusCode.NotFound, ""));
                            }
                            else
                            {
                                if ((url.AbsolutePath != welcomepage) && (url.AbsolutePath != "/" + welcomepage))
                                {
                                    application.Context.RewritePath("~/" + welcomepage, true);
                                }
                            }
                        }

                        /*
                         * else
                         * {
                         *  if (url.IsFile)
                         *  {
                         *      application.Server.ClearError();
                         *      application.Response.StatusCode = (int)HttpStatusCode.NotFound;
                         *      throw (new HttpException((int)HttpStatusCode.NotFound, ""));
                         *  }
                         * }
                         */
                    }
                }
            }

            catch (HttpException)
            {
                throw;
            }
            catch (Exception ex)
            {
                SPDiagnosticsService.Local.WriteTrace(0, new SPDiagnosticsCategory(ex.Source, TraceSeverity.High, EventSeverity.Error), TraceSeverity.High, ex.Message, ex.Data);
                application.Server.ClearError();
                application.Response.StatusCode = (int)HttpStatusCode.BadRequest;
                WebSiteControllerRule rule = WebSiteControllerConfig.GetRule("ErrorCode", "400");
                string page = rule.Properties["ErrorPage"].ToString();
                context.Response.Redirect("/" + page + "?aspxerrorpath=" + url, false);
            }
            finally
            {
            }
            //HttpContext context = application.Context;

            if (((context != null) && (context.Request != null)) && ((context.Request.Browser != null) && (context.Request.Browser.Adapters != null)))
            {
                string fullName = typeof(HtmlForm).FullName;

                if (!context.Request.Browser.Adapters.Contains(fullName))
                {
                    context.Request.Browser.Adapters[fullName] = typeof(WebSiteAdapter).AssemblyQualifiedName;
                }

                /*
                 * fullName = typeof(Page).FullName;
                 * if (!context.Request.Browser.Adapters.Contains(fullName))
                 * {
                 *  context.Request.Browser.Adapters[fullName] = typeof(WebSitePage).AssemblyQualifiedName;
                 * }
                 */
            }
        }