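/// <summary>
/// Handles the request through the browser-facing web interface when the client's
/// User-Agent contains "Mozilla" or "Opera"; any other request is reported as not handled.
/// </summary>
/// <remarks>
/// The User-Agent header is supplied by the client, so this test only routes requests;
/// it is not an access check. The URL path is decoded and mapped below
/// <see cref="Environment.CurrentDirectory"/>. A path that resolves outside that
/// directory, or that cannot be resolved at all, is reported as not handled.
/// </remarks>
/// <param name="request">Incoming request; its user agent, URL and HTTP method are read.</param>
/// <param name="response">Response object, stored for the handler that serves the request.</param>
/// <returns>true if the request was processed as a vanilla http request, false if not</returns>
public bool Run(WDRequest request, WDResponse response)
{
    // UserAgent may be null (presumably when the header is absent; confirm against WDRequest).
    // Treating null as "not a browser" avoids a NullReferenceException on the checks below.
    string userAgent = request.UserAgent;
    if (userAgent == null)
    {
        return false;
    }

    bool looksLikeBrowser =
        userAgent.IndexOf("Mozilla", StringComparison.OrdinalIgnoreCase) != -1 ||
        userAgent.IndexOf("Opera", StringComparison.OrdinalIgnoreCase) != -1;
    if (!looksLikeBrowser)
    {
        return false;
    }

    _request = request;
    _response = response;
    _urlPath = HttpUtility.UrlDecode(request.Url.AbsolutePath.Split('?')[0].TrimEnd('/'));
    // Parent path = URL path with its last segment removed; null for the root.
    _urlParentPath = _urlPath == "" ? null : Regex.Replace(_urlPath, "/+[^/]*$", "/");

    string root = Environment.CurrentDirectory.TrimEnd('\\');
    string candidate = root + "\\" + _urlPath.TrimStart('/');

    // The path is decoded here, after any normalization the Uri already applied, so
    // separators or dot segments that only appear after decoding have not been
    // canonicalized by anything. Resolve the final path and require it to stay under
    // the served root before it reaches the file system or the handlers.
    string resolved;
    try
    {
        resolved = Path.GetFullPath(candidate);
    }
    catch (ArgumentException)
    {
        return false;
    }
    catch (NotSupportedException)
    {
        return false;
    }
    catch (PathTooLongException)
    {
        return false;
    }

    bool insideRoot =
        resolved.Equals(root, StringComparison.OrdinalIgnoreCase) ||
        resolved.StartsWith(root + "\\", StringComparison.OrdinalIgnoreCase);
    if (!insideRoot)
    {
        return false;
    }

    _localPath = candidate;

    // NOTE(review): ProcessExecGet/ProcessExecPost are not visible here. If they run
    // commands on the host they must enforce authorization themselves; the only gate in
    // this method is the client-controlled User-Agent test above.
    bool isCommandPrompt = Path.GetFileName(_localPath)
        .StartsWith("$Remote Command Prompt", StringComparison.OrdinalIgnoreCase);

    if (isCommandPrompt && request.HttpMethod == "GET")
    {
        ProcessExecGet();
    }
    else if (isCommandPrompt && request.HttpMethod == "POST")
    {
        ProcessExecPost();
    }
    else if (request.HttpMethod == "GET" && Directory.Exists(_localPath))
    {
        ProcessDirectoryGet();
    }
    else
    {
        return false;
    }

    return true;
}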
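/// <summary>
/// Completion callback for an asynchronous HttpListener accept: logs the request,
/// impersonates the authenticated Windows client, and hands the request to the web
/// interface or, if that declines it, to the WebDAV engine.
/// </summary>
/// <remarks>
/// A request that carries no Windows identity is refused with 403 and is never processed
/// under the identity of the server process. Everything after the context is obtained
/// runs inside try/finally, so the impersonation is reverted and the response is closed
/// on every path.
/// </remarks>
/// <param name="result">Async result whose AsyncState is the <see cref="HttpListener"/>.</param>
public static void ListenerCallback(IAsyncResult result)
{
    HttpListener listener = (HttpListener)result.AsyncState;

    HttpListenerContext context;
    try
    {
        context = listener.EndGetContext(result);
    }
    catch (HttpListenerException ex)
    {
        // No context means there is nothing to answer or close.
        Trace.WriteLine("EndGetContext failed --> " + ex);
        return;
    }
    catch (ObjectDisposedException ex)
    {
        Trace.WriteLine("EndGetContext failed --> " + ex);
        return;
    }

    string user = "Anonymous";
    WindowsImpersonationContext wic = null;
    try
    {
        WDRequest request = new WDRequest(context.Request, context.User);
        WDResponse response = new WDResponse(context.Response);

        if (request.User != null && request.User.Identity != null)
        {
            user = request.User.Identity.Name;
        }
        Trace.WriteLine("(" + user + ") " + context.Request.HttpMethod + " " + context.Request.Url);

        // Fail closed: without a Windows identity there is nobody to impersonate, and the
        // request must not fall through to run with the server process's own rights.
        WindowsIdentity identity = context.User == null ? null : context.User.Identity as WindowsIdentity;
        if (identity == null)
        {
            Trace.WriteLine("(" + user + ") " + context.Request.HttpMethod + " " + context.Request.Url + " --> rejected: no Windows identity");
            context.Response.StatusCode = 403;
            byte[] denied = new UTF8Encoding().GetBytes("Access denied");
            context.Response.OutputStream.Write(denied, 0, denied.Length);
            return;
        }

        // Run on behalf of the client. Impersonate() is inside the try so that a failure
        // here is logged and the response is still closed.
        wic = identity.Impersonate();

        if (!new WebInterfaceEngine().Run(request, response))
        {
            WDEngine engine = new WDEngine();
            engine.AllowOffice12Versioning = false;
            engine.AutoPutUnderVersionControl = false;
            engine.IgnoreExceptions = false;
            engine.Run(request, response);
        }

        if (response.StatusCode == 401)
        {
            byte[] message = new UTF8Encoding().GetBytes("Access denied");
            context.Response.OutputStream.Write(message, 0, message.Length);
        }
    }
    catch (Exception ex)
    {
        Trace.WriteLine("(" + user + ") " + context.Request.HttpMethod + " " + context.Request.Url + " --> " + ex);
    }
    finally
    {
        // Revert before returning so the thread does not keep running as the client.
        if (wic != null)
        {
            wic.Undo();
        }

        try
        {
            context.Response.Close();
        }
        catch
        {
            // client closed connection before the content was sent
        }
    }
}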