private void LoadSettings()
{
config = config.Load();
// General Settings
cbenablegatekeeper.Checked = config.EnableGateKeeper;
cbdenyemptyuseragent.Checked = config.DenyEmptyUserAgent;
txtaccessdeniedmessage.Text = config.AccessDeniedMessage;
cbdisplaycontactform.Checked = config.DisplayContactForm;
txtcontactformurl.Text = config.ContactFormUrl;
// Hotlink Settings
cbblockhotlinking.Checked = config.BlockHotLinking;
cbdisplayhotlinkdenyimage.Checked = config.DisplayHotLinkDenyImage;
txthotlinkallowedsites.Text = config.HotLinkAllowedSites;
txthotlinkexpression.Text = config.HotLinkExpression;
txthotlinkdenyimage.Text = config.HotLinkDenyImage;
// HoneyPot Settings
cbenablehoneypot.Checked = config.EnableHoneyPot;
txthoneypotpath.Text = config.HoneyPotPath;
cbpermanantlydenyhoneypotviolator.Checked = config.PersistHoneyPotDeny;
cbnotifyadmin.Checked = config.NotifyAdmin;
cbenablehoneypotlogging.Checked = config.EnableHoneyPotLogging;
cbenablehoneypotstats.Checked = config.EnableHoneyPotStats;
txthoneypotstatspath.Text = config.HoneyPotStatsPath;
// HttpBL Settings
cbenablehttpbl.Checked = config.EnableHttpBL;
cbdenyhttpblsuspect.Checked = config.DenyHttpBLSuspect;
cbenablehttpbllogging.Checked = config.EnableHttpBLLogging;
cbhttpblpostonly.Checked = config.HttpBLPostOnly;
txthttpblkeycode.Text = config.HttpBLKeyCode;
txthttpbltimeout.Text = config.HttpBLTimeout.ToString();
txtthreatscorethreshold.Text = config.ThreatScoreThreshold.ToString();
// Email Settings
txtadminemailaddress.Text = config.SmtpEmailAddress;
txtsmtpservername.Text = config.SmtpServerName;
txtsmtpportnumber.Text = config.SmtpServerPort.ToString();
txtsmtpusername.Text = config.SmtpUserName;
cbstorepasswordencrypted.Checked = config.StorePasswordEncrypted;
txtsmtppassword.Text = config.StorePasswordEncrypted ? Encryption.Decrypt(config.SmtpPassword) : config.SmtpPassword;
cbsmtpenablessl.Checked = config.SmtpEnableSSL;
txtsmtpmessagesubject.Text = config.SmtpMessageSubject;
txtsmtpmessagebody.Text = config.SmtpMessageBody;
}
private void UpdateSettings()
{
config = config.Load();
config.EnableGateKeeper = cbenablegatekeeper.Checked;
config.DisplayContactForm = cbdisplaycontactform.Checked;
config.ContactFormUrl = txtcontactformurl.Text;
config.DenyEmptyUserAgent = cbdenyemptyuseragent.Checked;
config.BlockHotLinking = cbblockhotlinking.Checked;
config.HotLinkExpression = txthotlinkexpression.Text;
config.DisplayHotLinkDenyImage = cbdisplayhotlinkdenyimage.Checked;
config.HotLinkDenyImage = txthotlinkdenyimage.Text;
config.HotLinkAllowedSites = txthotlinkallowedsites.Text;
config.EnableHoneyPot = cbenablehoneypot.Checked;
config.HoneyPotPath = txthoneypotpath.Text;
config.EnableHoneyPotLogging = cbenablehoneypotlogging.Checked;
config.PersistHoneyPotDeny = cbpermanantlydenyhoneypotviolator.Checked;
config.EnableHoneyPotStats = cbenablehoneypotstats.Checked;
config.HoneyPotStatsPath = txthoneypotstatspath.Text;
config.NotifyAdmin = cbnotifyadmin.Checked;
config.SmtpEmailAddress = txtadminemailaddress.Text;
config.SmtpMessageSubject = txtsmtpmessagesubject.Text;
config.SmtpMessageBody = txtsmtpmessagebody.Text;
config.SmtpServerName = txtsmtpservername.Text;
config.SmtpServerPort = int.Parse(txtsmtpportnumber.Text);
config.SmtpEnableSSL = cbsmtpenablessl.Checked;
config.SmtpUserName = txtsmtpusername.Text;
config.StorePasswordEncrypted = cbstorepasswordencrypted.Checked;
config.SmtpPassword = cbstorepasswordencrypted.Checked ? Encryption.Encrypt(txtsmtppassword.Text) : txtsmtppassword.Text;
config.AccessDeniedMessage = txtaccessdeniedmessage.Text;
config.EnableHttpBL = cbenablehttpbl.Checked;
config.DenyHttpBLSuspect = cbdenyhttpblsuspect.Checked;
config.EnableHttpBLLogging = cbenablehttpbllogging.Checked;
config.HttpBLPostOnly = cbhttpblpostonly.Checked;
config.HttpBLKeyCode = txthttpblkeycode.Text;
config.HttpBLTimeout = int.Parse(txthttpbltimeout.Text);
config.ThreatScoreThreshold = int.Parse(txtthreatscorethreshold.Text);
config.Save();
Response.Redirect(Request.RawUrl, true);
}
private void ProcessRequest(Object sender, EventArgs e)
{
//SemanticModule module = new SemanticModule();
application = sender as HttpApplication;
HttpContext context = application.Context;
Uri url = WebSiteControllerModule.GetFullUrl(application.Context);
if (url == null || url.AbsoluteUri.EndsWith("null"))
{
return;
}
/*
* else
* {
* if (url.DnsSafeHost == "clubcloud.kampong.nl")
* {
* System.UriBuilder builder = new UriBuilder(url);
* builder.Host = "kampong.clubcloud.nl";
* string newurl = builder.ToString();
*
* try
* {
* context.RewritePath(builder.ToString());
* }
* catch(Exception ex)
* {
* ex.ToString();
* //context.Response.Redirect(builder.ToString());
* }
*
* }
* }
*/
GateKeeperSettings gatekeeper = new GateKeeperSettings();
gatekeeper = gatekeeper.Load();
if (url.OriginalString.ToLower().Contains(gatekeeper.HoneyPotPath.ToLower()) && !string.IsNullOrEmpty(gatekeeper.HoneyPotPath))
{
return;
}
if (url.OriginalString.ToLower().Contains("_layouts") || url.OriginalString.ToLower().Contains("_login") || url.OriginalString.ToLower().Contains("_vti_bin") || url.OriginalString.ToLower().Contains("_catalogs") || url.OriginalString.ToLower().Contains("_windows") || url.OriginalString.ToLower().Contains("_forms") || url.OriginalString.ToLower().Contains("_trust"))
{
return;
}
try
{
bool handled = false;
#region Controlled
bool isControlled = false;
using (SPSite site = new SPSite(url.OriginalString))
{
CheckUrlOnZones(site, url, out url, out isControlled);
}
if (isControlled)
{
using (SPSite site = new SPSite(url.OriginalString))
{
System.Collections.Generic.List <WebSiteControllerRule> rules = WebSiteControllerConfig.GetRulesForPage(site.WebApplication, url, this.RuleType);
WebSiteControllerRule rule = null;
foreach (WebSiteControllerRule arule in rules)
{
if (arule.RuleType == this.RuleType && arule.Properties.ContainsKey("OriginalUrl"))
{
if (arule.Url.ToLower() == url.ToString().ToLower() && !arule.IsDisabled)
{
rule = arule;
break;
}
}
}
if (rule != null)
{
//WebSiteControllerRule rule = rules[rules.Count - 1];
string OriginalUrl = rule.Properties["OriginalUrl"].ToString();
string httpsAdjustedUrl = rule.Url;
if (url.ToString().StartsWith("https:", StringComparison.InvariantCultureIgnoreCase))
{
httpsAdjustedUrl = httpsAdjustedUrl.Replace("http", "https");
}
Match match = new Regex(httpsAdjustedUrl).Match(url.ToString());
if (match.Groups.Count > 1)
{
string[] matches = new string[match.Groups.Count - 1];
for (int i = 1; i < match.Groups.Count; i++)
{
matches[i - 1] = match.Groups[i].Value;
}
OriginalUrl = String.Format(OriginalUrl, matches);
}
if (OriginalUrl.IndexOf(".aspx") >= 1)
{
if (CheckIfExists(OriginalUrl, url))
{
application.Context.RewritePath("~/" + welcomepage);
}
else
{
application.Server.ClearError();
application.Response.StatusCode = (int)HttpStatusCode.NotFound;
throw (new HttpException((int)HttpStatusCode.NotFound, ""));
}
}
//application.Context.RewritePath("~/" + OriginalUrl);
handled = true;
}
else
{
handled = false;
}
}
}
#endregion
if (!handled)
{
if (!application.Context.Request.Url.LocalPath.Contains("."))
{
//if (url.LocalPath.IndexOf(".aspx") >= 1)
//{
if (CheckIfExists(url.AbsolutePath, url))
{
if (islist)
{
//SPBasePermissions locked = (SPBasePermissions.ViewListItems | SPBasePermissions.Open | SPBasePermissions.ViewPages | SPBasePermissions.UseClientIntegration);
//SPBasePermissions permission = site.OpenWeb().AnonymousPermMask64;
//if ((locked != permission) || context.User.Identity.IsAuthenticated)
//{
application.Context.Response.Redirect("~/" + welcomepage, false);
//}
//else
//{
// application.Server.ClearError();
// application.Response.StatusCode = (int)HttpStatusCode.NotFound;
// throw (new HttpException((int)HttpStatusCode.NotFound, ""));
//}
}
else
{
if (isweb)
{
try
{
//application.Context.RewritePath("~/" + site.RootWeb.RootFolder.WelcomePage);
//SPWeb cweb = SPContext.Current.Web;
//SPFolder croot = cweb.RootFolder;
//string cwelcome = croot.WelcomePage;
//SPSecurity.RunWithElevatedPrivileges(delegate()
//{
using (SPSite site = new SPSite(url.OriginalString))
{
using (SPWeb web = site.OpenWeb())
{
SPFolder root = web.RootFolder;
string welcomepage = string.Empty;
if (root.Exists)
{
welcomepage = root.WelcomePage;
}
else
{
welcomepage = web.RootFolder.WelcomePage;
}
if (issubcollection)
{
welcomepage = SPUtility.ConcatUrls(web.ServerRelativeUrl, welcomepage);
}
application.Context.RewritePath("~/" + welcomepage);
}
}
//});
}
catch (Exception ex)
{
SPDiagnosticsService.Local.WriteTrace(0, new SPDiagnosticsCategory(ex.Source, TraceSeverity.High, EventSeverity.Error), TraceSeverity.High, ex.Message, ex.Data);
application.Context.RewritePath("~/" + welcomepage);
}
}
else
{
application.Context.RewritePath("~/" + welcomepage);
}
}
}
else
{
//TODO Catch SharePoint Designer requests.
if (SPContext.Current == null)
{
string useragent = application.Request.UserAgent;
if (useragent == "Microsoft Office Protocol Discovery")
{
return;
}
application.Server.ClearError();
application.Response.StatusCode = (int)HttpStatusCode.NotFound;
throw (new HttpException((int)HttpStatusCode.NotFound, ""));
//return;
}
else
{
application.Server.ClearError();
application.Response.StatusCode = (int)HttpStatusCode.NotFound;
throw (new HttpException((int)HttpStatusCode.NotFound, ""));
}
}
//}
}
else
{
if (url.LocalPath.IndexOf(".aspx") >= 1)
{
if (!CheckIfExists(url.AbsolutePath, url))
{
application.Server.ClearError();
application.Response.StatusCode = (int)HttpStatusCode.NotFound;
throw (new HttpException((int)HttpStatusCode.NotFound, ""));
}
else
{
if ((url.AbsolutePath != welcomepage) && (url.AbsolutePath != "/" + welcomepage))
{
application.Context.RewritePath("~/" + welcomepage, true);
}
}
}
/*
* else
* {
* if (url.IsFile)
* {
* application.Server.ClearError();
* application.Response.StatusCode = (int)HttpStatusCode.NotFound;
* throw (new HttpException((int)HttpStatusCode.NotFound, ""));
* }
* }
*/
}
}
}
catch (HttpException)
{
throw;
}
catch (Exception ex)
{
SPDiagnosticsService.Local.WriteTrace(0, new SPDiagnosticsCategory(ex.Source, TraceSeverity.High, EventSeverity.Error), TraceSeverity.High, ex.Message, ex.Data);
application.Server.ClearError();
application.Response.StatusCode = (int)HttpStatusCode.BadRequest;
WebSiteControllerRule rule = WebSiteControllerConfig.GetRule("ErrorCode", "400");
string page = rule.Properties["ErrorPage"].ToString();
context.Response.Redirect("/" + page + "?aspxerrorpath=" + url, false);
}
finally
{
}
//HttpContext context = application.Context;
if (((context != null) && (context.Request != null)) && ((context.Request.Browser != null) && (context.Request.Browser.Adapters != null)))
{
string fullName = typeof(HtmlForm).FullName;
if (!context.Request.Browser.Adapters.Contains(fullName))
{
context.Request.Browser.Adapters[fullName] = typeof(WebSiteAdapter).AssemblyQualifiedName;
}
/*
* fullName = typeof(Page).FullName;
* if (!context.Request.Browser.Adapters.Contains(fullName))
* {
* context.Request.Browser.Adapters[fullName] = typeof(WebSitePage).AssemblyQualifiedName;
* }
*/
}
}
