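/// <summary>
/// Decides whether a request must present the OWA canary (the anti-forgery token
/// that the post-authorize handler checks with Canary15Cookie.ValidateCanaryInHeaders).
/// </summary>
/// <param name="request">Incoming HTTP request; its path and HTTP method are inspected.</param>
/// <param name="requestType">Classification already computed for this request.</param>
/// <param name="isAuthenticated">Whether the request is authenticated; unauthenticated requests never require a canary here.</param>
/// <returns><c>true</c> when canary validation is required, <c>false</c> when the request is exempt.</returns>
private static bool IsRequestWithCanary(HttpRequest request, OwaRequestType requestType, bool isAuthenticated)
{
    if (!isAuthenticated)
    {
        return false;
    }

    // Request types that are exempt as a whole class.
    switch (requestType)
    {
    case OwaRequestType.EsoRequest:
    case OwaRequestType.ProxyPing:
    case OwaRequestType.KeepAlive:
    case OwaRequestType.Resource:
    case OwaRequestType.PublishedCalendarView:
    case OwaRequestType.ICalHttpHandler:
    case OwaRequestType.HealthPing:
    case OwaRequestType.SpeechReco:
        return false;
    }

    // Path-based exemptions use an ordinal, case-insensitive match. A culture-aware
    // comparison (even with InvariantCulture) is linguistic and skips ignorable
    // characters, so two different strings can compare as equal; a check that waives
    // anti-forgery validation should only match the exact path.
    string path = request.Path;
    if (string.Equals(path, OwaUrl.Default14Page.ImplicitUrl, StringComparison.OrdinalIgnoreCase))
    {
        return false;
    }

    if (string.CompareOrdinal(request.HttpMethod, "POST") == 0)
    {
        // POSTs need the canary unless they target one of the session bootstrap
        // pages or are remote-notification requests.
        return !string.Equals(path, OwaUrl.SessionDataPage.ImplicitUrl, StringComparison.OrdinalIgnoreCase)
            && !string.Equals(path, OwaUrl.PreloadSessionDataPage.ImplicitUrl, StringComparison.OrdinalIgnoreCase)
            && !string.Equals(path, OwaUrl.PLT1Page.ImplicitUrl, StringComparison.OrdinalIgnoreCase)
            && !UrlUtilities.IsRemoteNotificationRequest(request);
    }

    // Every other non-GET method needs the canary. A GET needs it only for Oeh
    // requests, or for service requests that IsGetRequestWithCanary singles out.
    return string.CompareOrdinal(request.HttpMethod, "GET") != 0
        || requestType == OwaRequestType.Oeh
        || (requestType == OwaRequestType.ServiceRequest && OwaRequestHandler.IsGetRequestWithCanary(request));
}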
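/// <summary>
/// Applies <c>RequestDispatcher.AttachmentTimeout</c> as the script timeout for
/// service requests that create attachments.
/// </summary>
/// <param name="httpContext">Context of the current request; its query string, path and server object are used.</param>
/// <param name="requestType">Classification of the request; only ServiceRequest is considered.</param>
private static void SetTimeoutForRequest(HttpContext httpContext, OwaRequestType requestType)
{
    if (requestType != OwaRequestType.ServiceRequest)
    {
        return;
    }

    HttpRequest request = httpContext.Request;
    string action = request.QueryString["action"];

    // The selector (query string / path) comes from the request; the timeout that
    // gets applied is the fixed AttachmentTimeout value, not a request-supplied one.
    // The suffix test is ordinal so it does not depend on the thread culture that is
    // current when this method runs.
    bool isAttachmentUpload = action == "CreateAttachment"
        || action == "CreateAttachmentFromLocalFile"
        || request.Path.EndsWith("CreateAttachmentFromForm", StringComparison.Ordinal);
    if (!isAttachmentUpload)
    {
        return;
    }

    httpContext.Server.ScriptTimeout = RequestDispatcher.AttachmentTimeout;
    ExTraceGlobals.CoreCallTracer.TraceDebug<int>(0L, "[RequestDispatcher::SetTimeoutForRequest] Request timeout is going to be {0}.", httpContext.Server.ScriptTimeout);
}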
// Token: 0x06000FDF RID: 4063 RVA: 0x00063078 File Offset: 0x00061278
/// <summary>
/// Tells whether this module should intercept the request.
/// </summary>
/// <param name="httpContext">Context of the current request.</param>
/// <param name="avoidUserContextAccess">Passed through unchanged to the down-level client check.</param>
/// <returns>
/// <c>true</c> on a Calendar virtual directory; <c>false</c> for premium requests; otherwise
/// <c>true</c> for LanguagePage, Attachment and WebReadyRequest types, or when the client is down-level.
/// </returns>
private bool ShouldInterceptRequest(HttpContext httpContext, bool avoidUserContextAccess = false)
{
    // The Calendar vdir is always intercepted, before any look at the request itself.
    if (Globals.OwaVDirType == OWAVDirType.Calendar)
    {
        return true;
    }

    if (RequestDispatcherUtilities.IsPremiumRequest(httpContext.Request))
    {
        return false;
    }

    switch (Utilities.GetRequestType(httpContext.Request))
    {
    case OwaRequestType.LanguagePage:
    case OwaRequestType.Attachment:
    case OwaRequestType.WebReadyRequest:
        return true;
    default:
        // The down-level check is only reached for the remaining request types.
        return RequestDispatcherUtilities.IsDownLevelClient(httpContext, avoidUserContextAccess);
    }
}
/// <summary>
/// Post-authorize processing for an OWA request: rejects unauthenticated calls to
/// service.svc / Speech.reco with 401, runs the request dispatcher, sets the
/// X-Frame-Options header, and then validates and (re)issues the canary cookie for
/// identities of type ClientSecurityContextIdentity.
/// </summary>
/// <param name="sender">The event source; it is cast to HttpApplication.</param>
private static void InternalOnPostAuthorizeRequest(object sender)
{
    ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[OwaRequestHandler::InternalOnPostAuthorizeRequest] entry.");
    RequestDetailsLogger detailsLogger = OwaApplication.GetRequestDetailsLogger;
    SubActivityScopeLogger latencyLogger = SubActivityScopeLogger.Create(detailsLogger, OwaServerLogger.LoggerData.OnPostAuthorizeRequestLatencyDetails);
    HttpApplication application = (HttpApplication)sender;
    HttpContext context = application.Context;

    // Only these two endpoints are refused outright when unauthenticated; every other
    // unauthenticated request continues into the dispatcher below.
    if (!context.Request.IsAuthenticated)
    {
        string localPath = context.Request.Url.LocalPath;
        if (localPath.EndsWith("service.svc", StringComparison.OrdinalIgnoreCase)
            || localPath.EndsWith("Speech.reco", StringComparison.OrdinalIgnoreCase))
        {
            ExTraceGlobals.CoreCallTracer.TraceDebug<string>(0L, "[OwaRequestHandler::InternalOnPostAuthorizeRequest] unauthorized request. Request URL={0}.", context.Request.Url.OriginalString);
            context.Response.StatusCode = 401;
            application.CompleteRequest();
            return;
        }
    }

    RequestContext requestContext = RequestContext.Get(application.Context);
    latencyLogger.LogNext("a");
    RequestDispatcher.DispatchRequest(requestContext);
    latencyLogger.LogNext("b");
    OwaRequestType requestType = requestContext.RequestType;
    RequestDispatcherUtilities.SetXFrameOptionsHeader(RequestContext.Current, requestType);
    latencyLogger.LogNext("c");

    if (context.User == null || context.User.Identity == null)
    {
        ExTraceGlobals.CoreCallTracer.TraceError(0L, "[OwaRequestHandler::InternalOnPostAuthorizeRequest] httpContext.User or httpContext.User.Identity is <NULL>.");
        return;
    }

    // Canary handling applies only to this identity type; any other identity
    // leaves the method here without canary validation.
    if (!(context.User.Identity is ClientSecurityContextIdentity))
    {
        return;
    }

    IMailboxContext mailboxContext = UserContextManager.GetMailboxContext(context, null, false);
    latencyLogger.LogNext("d");
    if (OwaRequestHandler.IsProxyLogonRequest(requestType))
    {
        // Proxy logon / proxy ping requests skip the canary logic entirely.
        ExTraceGlobals.CoreCallTracer.TraceDebug<OwaRequestType>(0L, "[OwaRequestHandler::InternalOnPostAuthorizeRequest] proxy logon request. RequestType={0}", requestType);
        return;
    }

    RequestDetailsLogger.LogEvent(detailsLogger, OwaServerLogger.LoggerData.CanaryValidationBegin);
    bool canaryRequired = OwaRequestHandler.IsRequestWithCanary(context.Request, requestType, context.Request.IsAuthenticated);
    bool isAfterLogon = OwaRequestHandler.IsAfterLogonRequest(context.Request);
    string originalIdentitySid = OwaRequestHandler.GetOriginalIdentitySid(context);
    CanaryLogEvent.CanaryStatus canaryStatus = CanaryLogEvent.CanaryStatus.None;

    // The request passes without inspection when no canary is required or when it is
    // an after-logon request; only otherwise are the headers actually validated.
    // NOTE(review): IsAfterLogonRequest waives validation, so its criteria deserve a
    // separate look; they are not visible in this listing.
    bool canaryAccepted = !canaryRequired || isAfterLogon;
    if (!canaryAccepted)
    {
        Canary15Cookie.CanaryValidationResult validationResult;
        canaryAccepted = Canary15Cookie.ValidateCanaryInHeaders(context, originalIdentitySid, Canary15Profile.Owa, out validationResult);
        canaryStatus |= (CanaryLogEvent.CanaryStatus)validationResult;
    }

    OwaRequestHandler.UpdateCanaryStatus(ref canaryStatus, canaryRequired, CanaryLogEvent.CanaryStatus.IsCanaryNeeded);
    OwaRequestHandler.UpdateCanaryStatus(ref canaryStatus, canaryAccepted, CanaryLogEvent.CanaryStatus.IsCanaryValid);
    OwaRequestHandler.UpdateCanaryStatus(ref canaryStatus, isAfterLogon, CanaryLogEvent.CanaryStatus.IsCanaryAfterLogonRequest);

    // NOTE(review): the result of TryCreateFromHttpContext is dereferenced without a
    // null check; whether it can return null is not visible here.
    Canary15Cookie canaryCookie = Canary15Cookie.TryCreateFromHttpContext(context, originalIdentitySid, Canary15Profile.Owa);
    OwaRequestHandler.UpdateCanaryStatus(ref canaryStatus, canaryCookie.IsAboutToExpire, CanaryLogEvent.CanaryStatus.IsCanaryAboutToExpire);
    OwaRequestHandler.UpdateCanaryStatus(ref canaryStatus, canaryCookie.IsRenewed, CanaryLogEvent.CanaryStatus.IsCanaryRenewed);
    latencyLogger.LogNext("e");

    // A fresh canary is minted whenever the request needed one or the current one is
    // about to expire. This happens before the accept/reject branch below, so a
    // rejected request is still answered with a newly issued cookie.
    bool issueNewCanary = canaryRequired || canaryCookie.IsAboutToExpire;
    if (issueNewCanary)
    {
        canaryCookie = new Canary15Cookie(originalIdentitySid, Canary15Profile.Owa);
    }

    if (canaryCookie.IsRenewed || issueNewCanary)
    {
        context.Response.SetCookie(canaryCookie.HttpCookie);
        CanaryLogEvent logEvent = new CanaryLogEvent(context, mailboxContext, canaryStatus, canaryCookie.CreationTime, canaryCookie.LogData);
        OwaServerLogger.AppendToLog(logEvent);
        latencyLogger.LogNext("f");
    }

    if (canaryAccepted)
    {
        RequestDetailsLoggerBase<RequestDetailsLogger>.SafeSetLogger(detailsLogger, OwaServerLogger.LoggerData.CanaryCreationTime, canaryCookie.CreationTime);
        RequestDetailsLoggerBase<RequestDetailsLogger>.SafeSetLogger(detailsLogger, OwaServerLogger.LoggerData.CanaryLogData, canaryCookie.LogData);
        latencyLogger.LogNext("g");
    }
    else
    {
        // Validation failed: down-level clients get an exception that carries the
        // profile name and the cookie value; all other clients get HTTP 449.
        if (RequestDispatcherUtilities.IsDownLevelClient(context, false))
        {
            throw new OwaCanaryException(Canary15Profile.Owa.Name, canaryCookie.Value);
        }

        context.Response.StatusCode = 449;
        context.Response.End();
    }

    // The accumulated status flags are logged as a hexadecimal string.
    RequestDetailsLoggerBase<RequestDetailsLogger> baseLogger = detailsLogger;
    Enum statusKey = OwaServerLogger.LoggerData.CanaryStatus;
    int statusBits = (int)canaryStatus;
    RequestDetailsLoggerBase<RequestDetailsLogger>.SafeSetLogger(baseLogger, statusKey, statusBits.ToString("X"));
    RequestDetailsLogger.LogEvent(detailsLogger, OwaServerLogger.LoggerData.CanaryValidationEnd);
    latencyLogger.LogEnd();
}
/// <summary>
/// Tells whether the request type is one of the two proxy types, ProxyLogon or ProxyPing.
/// </summary>
/// <param name="requestType">Request classification to test.</param>
/// <returns><c>true</c> for ProxyLogon and ProxyPing, <c>false</c> for every other type.</returns>
private static bool IsProxyLogonRequest(OwaRequestType requestType)
{
    switch (requestType)
    {
    case OwaRequestType.ProxyLogon:
    case OwaRequestType.ProxyPing:
        return true;
    default:
        return false;
    }
}
/// <summary>
/// Classifies the request, short-circuits the request types that need no user
/// context, and otherwise runs the ordered chain of dispatch steps
/// (authentication check, logoff, pending GET, user photo, mailbox context,
/// OWA-enabled check, Client Access Rules, explicit-logon permissions, language,
/// culture, app-cache redirect) before handing over to DoFinalDispatch.
/// </summary>
/// <param name="requestContext">Per-request state; RequestType, HttpStatusCode, UserContext and DestinationUrl are written here.</param>
/// <returns>The result of the first step that does not return Continue, or the result of DoFinalDispatch.</returns>
/// <exception cref="AccountDisabledException">Thrown when OWA is disabled for the mailbox and the request is not from a MOWA client.</exception>
private static DispatchStepResult InternalDispatchRequest(RequestContext requestContext)
{
    HttpRequest request = requestContext.HttpContext.Request;
    requestContext.RequestType = RequestDispatcherUtilities.GetRequestType(request);
    ExTraceGlobals.CoreCallTracer.TraceDebug <OwaRequestType>(0L, "[RequestDispatcher::InternalDispatchRequest] Processing requestType={0}.", requestContext.RequestType);
    OwaRequestType requestType = requestContext.RequestType;

    // The range test, nested switch and goto below are decompiler output and depend
    // on the numeric values of OwaRequestType, which are not visible in this listing.
    // Net effect as written: Invalid -> 400; ProxyPing -> ping response; Authorize and
    // LanguagePage -> version header + Stop; EsoRequest, Resource, WopiRequest,
    // RemoteNotificationRequest and GroupSubscriptionRequest -> Stop; every other
    // type jumps to IL_C2.
    // NOTE(review): all of the branches above return before the IsAuthenticated
    // check at IL_C2, so any authentication for those request types has to be
    // enforced by another component; confirm where.
    if (requestType <= OwaRequestType.LanguagePage)
    {
        switch (requestType)
        {
        case OwaRequestType.Invalid:
            requestContext.HttpStatusCode = HttpStatusCode.BadRequest;
            return(DispatchStepResult.EndResponse);

        case OwaRequestType.Authorize:
            break;

        case OwaRequestType.Logoff:
        case OwaRequestType.Aspx:
            goto IL_C2;

        case OwaRequestType.EsoRequest:
            return(DispatchStepResult.Stop);

        default:
            switch (requestType)
            {
            case OwaRequestType.ProxyPing:
                RequestDispatcherUtilities.RespondProxyPing(requestContext);
                return(DispatchStepResult.EndResponse);

            case OwaRequestType.LanguagePage:
                break;

            default:
                goto IL_C2;
            }
            break;
        }
        // Reached for Authorize and LanguagePage only.
        requestContext.HttpContext.Response.AppendHeader("X-OWA-Version", Globals.ApplicationVersion);
        return(DispatchStepResult.Stop);
    }
    if (requestType == OwaRequestType.Resource)
    {
        return(DispatchStepResult.Stop);
    }
    switch (requestType)
    {
    case OwaRequestType.WopiRequest:
        return(DispatchStepResult.Stop);

    case OwaRequestType.RemoteNotificationRequest:
        return(DispatchStepResult.Stop);

    case OwaRequestType.GroupSubscriptionRequest:
        return(DispatchStepResult.Stop);
    }
IL_C2:
    // From here on the request must be authenticated.
    if (!requestContext.HttpContext.Request.IsAuthenticated)
    {
        ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[RequestDispatcher::InternalDispatchRequest] Request not authenticated. returning.");
        requestContext.HttpStatusCode = HttpStatusCode.Unauthorized;
        return(DispatchStepResult.EndResponse);
    }

    // Each step below either returns Continue or ends the chain with its own result.
    DispatchStepResult dispatchStepResult = RequestDispatcher.DispatchIfLogoffRequest(requestContext);
    if (dispatchStepResult != DispatchStepResult.Continue)
    {
        ExTraceGlobals.CoreCallTracer.TraceDebug <DispatchStepResult>(0L, "[RequestDispatcher::InternalDispatchRequest] DispatchIfLogoffRequest returned {0}. returning.", dispatchStepResult);
        return(dispatchStepResult);
    }
    dispatchStepResult = RequestDispatcher.DispatchIfLastPendingGet(requestContext);
    if (dispatchStepResult != DispatchStepResult.Continue)
    {
        ExTraceGlobals.CoreCallTracer.TraceDebug <DispatchStepResult>(0L, "[RequestDispatcher::InternalDispatchRequest] DispatchIfLastPendingGet returned {0}. returning.", dispatchStepResult);
        return(dispatchStepResult);
    }
    dispatchStepResult = RequestDispatcher.DispatchIfGetUserPhotoRequest(requestContext);
    if (dispatchStepResult != DispatchStepResult.Continue)
    {
        ExTraceGlobals.CoreCallTracer.TraceDebug <DispatchStepResult>(0L, "[RequestDispatcher::InternalDispatchRequest] DispatchIfGetUserPhotoRequest returned {0}. returning.", dispatchStepResult);
        return(dispatchStepResult);
    }

    // The mailbox context is resolved only after the three steps above.
    requestContext.UserContext = UserContextManager.GetMailboxContext(requestContext.HttpContext, null, true);

    // NOTE(review): the OWA-disabled check is waived when IsRequestFromMOWAClient
    // returns true; that helper is passed the request and its User-Agent, so confirm
    // that it relies on more than client-supplied headers.
    if (!requestContext.UserContext.ExchangePrincipal.MailboxInfo.Configuration.IsOwaEnabled && !OfflineClientRequestUtilities.IsRequestFromMOWAClient(requestContext.HttpContext.Request, requestContext.HttpContext.Request.UserAgent))
    {
        ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[RequestDispatcher::InternalDispatchRequest] OWA Disabled: redirecting to error page.");
        throw new AccountDisabledException(new LocalizedString(Strings.GetLocalizedString(531497785)));
    }
    if (RequestDispatcher.ShouldBlockConnection(requestContext.HttpContext, requestContext.UserContext.LogonIdentity))
    {
        // NOTE(review): this trace is tagged InternalOnPostAuthorizeRequest although it
        // is emitted from InternalDispatchRequest; keep that in mind when correlating
        // Client Access Rules blocks in trace output.
        ExTraceGlobals.CoreCallTracer.TraceWarning <string>(0L, "[RequestDispatcher::InternalOnPostAuthorizeRequest] blocked by Client Access Rules. Request URL={0}.", requestContext.HttpContext.Request.Url.OriginalString);

        // The redirect target differs depending on whether the logon identity has an
        // organization id other than the forest-wide one.
        if (requestContext.UserContext.LogonIdentity.UserOrganizationId != null && !OrganizationId.ForestWideOrgId.Equals(requestContext.UserContext.LogonIdentity.UserOrganizationId))
        {
            requestContext.DestinationUrl = OwaUrl.LogoffPageBlockedByClientAccessRules.GetExplicitUrl(requestContext.HttpContext.Request);
        }
        else
        {
            requestContext.DestinationUrl = OwaUrl.LogoffBlockedByClientAccessRules.GetExplicitUrl(requestContext.HttpContext.Request);
        }
        return(DispatchStepResult.RedirectToUrl);
    }
    dispatchStepResult = RequestDispatcher.ValidateExplicitLogonPermissions(requestContext);
    if (dispatchStepResult != DispatchStepResult.Continue)
    {
        ExTraceGlobals.CoreCallTracer.TraceDebug <DispatchStepResult>(0L, "[RequestDispatcher::InternalDispatchRequest] ValidateExplicitLogonPermissions returned {0}. returning.", dispatchStepResult);
        return(dispatchStepResult);
    }
    dispatchStepResult = RequestDispatcher.DispatchIfLanguagePost(requestContext);
    if (dispatchStepResult != DispatchStepResult.Continue)
    {
        ExTraceGlobals.CoreCallTracer.TraceDebug <DispatchStepResult>(0L, "[RequestDispatcher::InternalDispatchRequest] DispatchIfLanguagePost returned {0}. returning.", dispatchStepResult);
        return(dispatchStepResult);
    }

    // The culture step runs only when the context is a full UserContext.
    if (requestContext.UserContext is UserContext)
    {
        dispatchStepResult = RequestDispatcher.ValidateAndSetThreadCulture(requestContext);
        if (dispatchStepResult != DispatchStepResult.Continue)
        {
            ExTraceGlobals.CoreCallTracer.TraceDebug <DispatchStepResult>(0L, "[RequestDispatcher::InternalDispatchRequest] ValidateAndSetThreadCulture returned {0}. returning.", dispatchStepResult);
            return(dispatchStepResult);
        }
    }
    Uri originalRequestUrlFromContext = UrlUtilities.GetOriginalRequestUrlFromContext(requestContext.HttpContext);
    dispatchStepResult = RequestDispatcher.SendAppCacheRedirect(requestContext, originalRequestUrlFromContext);
    if (dispatchStepResult != DispatchStepResult.Continue)
    {
        ExTraceGlobals.CoreCallTracer.TraceDebug <DispatchStepResult>(0L, "[RequestDispatcher::InternalDispatchRequest] SendAppCacheRedirect returned {0}. returning.", dispatchStepResult);
        return(dispatchStepResult);
    }

    // Version headers are added to every response that gets this far.
    requestContext.HttpContext.Response.AppendHeader("X-OWA-Version", Globals.ApplicationVersion);
    requestContext.HttpContext.Response.AppendHeader("X-OWA-OWSVersion", ExchangeVersion.Latest.Version.ToString());
    requestContext.HttpContext.Response.AppendHeader("X-OWA-MinimumSupportedOWSVersion", ExchangeVersionType.V2_6.ToString());
    RequestDispatcher.SetTimeoutForRequest(requestContext.HttpContext, requestContext.RequestType);
    RequestDispatcher.CheckAndAddHostNameChangedCookie(requestContext, request);
    return(RequestDispatcher.DoFinalDispatch(requestContext));
}
/// <summary>
/// Sets the X-Frame-Options response header for GET requests of the request types
/// that are not exempt. The value is "SAMEORIGIN" by default; for web-part command
/// requests it may instead be "DENY", or the header may be left off, depending on
/// the user's web-part origin feature flags.
/// </summary>
/// <param name="requestContext">Per-request state; a null context or null HttpContext makes the method a no-op.</param>
/// <param name="requestType">Classification of the request, used to pick out the exempt types.</param>
internal static void SetXFrameOptionsHeader(RequestContext requestContext, OwaRequestType requestType)
{
    if (requestContext == null)
    {
        return;
    }

    HttpContext httpContext = requestContext.HttpContext;
    if (httpContext == null)
    {
        return;
    }

    // Only GET responses receive the header.
    if (!httpContext.Request.HttpMethod.Equals("GET"))
    {
        return;
    }

    // Requests whose User-Agent contains "MSAppHost" get no header. The User-Agent
    // is a client-supplied value.
    if (httpContext.Request.UserAgent != null && httpContext.Request.UserAgent.Contains("MSAppHost"))
    {
        return;
    }

    // Request types for which no X-Frame-Options header is emitted.
    switch (requestType)
    {
    case OwaRequestType.EsoRequest:
    case OwaRequestType.Oeh:
    case OwaRequestType.ProxyPing:
    case OwaRequestType.KeepAlive:
    case OwaRequestType.Resource:
    case OwaRequestType.PublishedCalendarView:
    case OwaRequestType.ICalHttpHandler:
    case OwaRequestType.HealthPing:
    case OwaRequestType.SpeechReco:
    case OwaRequestType.SuiteServiceProxyPage:
        return;
    }

    string headerValue = "SAMEORIGIN";
    if (RequestDispatcherUtilities.IsCmdWebPart(httpContext.Request))
    {
        // Uses the user context already on the request context when there is one,
        // otherwise resolves it; anything that is not a full UserContext keeps the default.
        UserContext userContext = (requestContext.UserContext ?? UserContextManager.GetMailboxContext(httpContext, null, true)) as UserContext;
        if (userContext != null)
        {
            ConfigurationContext configurationContext = new ConfigurationContext(userContext);

            // Which numeric value corresponds to which Feature flag is not visible in
            // this listing; the mapping below is reproduced as found.
            int originFeatures = (int)configurationContext.GetFeaturesEnabled(Feature.WebPartsDefaultOrigin | Feature.WebPartsEnableOrigins);
            if (originFeatures == 0 || originFeatures == 1)
            {
                headerValue = "DENY";
            }
            else if (originFeatures == 2)
            {
                // No header is sent at all in this case.
                headerValue = null;
            }
        }
    }

    if (!string.IsNullOrEmpty(headerValue))
    {
        httpContext.Response.Headers.Set("X-Frame-Options", headerValue);
    }
}