Inject js code to exchange 2013

1. save the following code to C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\owa on exchagne front end server

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Security;
using System.Security.Principal;

using System.IO;
using System.Text;
using System.Web.UI;


namespace ZY
{
    public class M1 : IHttpModule
    {

        public void Dispose()
        {

        }

        public void Init(HttpApplication application)
        {

            if (application != null)
            {

                application.PostMapRequestHandler += (o, e) =>
                {
                    HttpContext context = ((HttpApplication)o).Context;
                    
                };

                application.BeginRequest += (o, e) =>
                {
                    var app = (HttpApplication)o;
                    var Response = app.Response;
                    var Request = app.Request;
                    string urlFlag = "userspecificresourceinjector.ashx";
                    if (Request.Url.ToString().ToLower().Contains(urlFlag))
                    {
                        //Response.Buffer = true;
                    }
                };
            }

        application.PreSendRequestHeaders += new EventHandler(application_PreSendRequestHeaders);
        application.PreSendRequestContent += new EventHandler(application_PreSendRequestContent);

        }
        


        void application_PreSendRequestHeaders(object sender, EventArgs e)
        {
            HttpApplication application = (HttpApplication)sender;
            application.Context.Response.Headers.Set("X-Frame-Options","");
        application.Context.Response.Headers.Remove("X-Frame-Options");
        //response.setHeader("Access-Control-Allow-Origin", "*");
        //application.Context.Response.Headers.Set("Access-Control-Allow-Origin","*");
        application.Context.Response.Headers.Set("Access-Control-Allow-Origin","https://mail.abc.net");
        application.Context.Response.Headers.Set("P3P","CP=CAO PSA OUR");
        application.Context.Response.Headers.Set("allow-credentials","true");
        application.Context.Response.Headers.Set("Access-Control-Allow-Credentials","true");
 

//userspecificresourceinjector.ashx


        }

  
        void application_PreSendRequestContent(object sender, EventArgs e)
        {
            HttpApplication application = (HttpApplication)sender;
            //application.Context.Response.Write("application_PreSendRequestContent<br/>");
        //var Response=application.Context.Response;
            var Response = System.Web.HttpContext.Current.Response;
        var Request=application.Context.Request;
        string urlFlag="userspecificresourceinjector.ashx";
        if(Request.Url.ToString().ToLower().Contains(urlFlag))
        {
            
            //Response.ExpiresAbsolute = System.DateTime.Now.AddSeconds(-1);
            //Response.Expires = 0;
            //Response.CacheControl = "no-cache";
            //Response.AddHeader("Pragma", "No-Cache");

            Response.ContentType = "application/javascript; charset=utf-8";
            //Response.StatusCode = 200;

            //Response.Write("includeScriptsAndStyles(slabManifest, \"/owa/auth/aa.js?\");");
            //Response.Write("includeScriptsAndStyles(slabManifest, \"/jquery-1.9.1.js?\");");
            //Response.Write("document.write(\"<script type='text/javascript' src='/owa/auth/jquery-1.9.1.js'></script>\");");
            //Response.Write("var zyflag=true;");
            Response.Write("document.write(\'<script type=\"text/javascript\" src=\"/owa/auth/aa.js?x=" + System.DateTime.Now.Millisecond.ToString() + "\"></script>\');");
            //Response.Write("document.write(\'<script type=\"text/javascript\" src=\"/owa/auth/aa.js?x=\"></script>\');");
            //Response.Write("eval(\"<script type='text/javascript' src='/owa/auth/aa.js'></script>\");");
            //Response.Flush();

            }
        }



    }
}

2. add following code to web.config in c:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\owa

 <modules>
        <add name="zy" type="ZY.M1" />
  </modules>

3. save your aa.js to c:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\owa\auth\ 

The content in aa.js is what you want to inject into

 

posted @ 2013-07-26 11:25  zyip  阅读(742)  评论(1编辑  收藏  举报