2019-09-10 11:01:49 +02:00
|
|
|
|
/*
|
2021-02-03 00:45:33 +01:00
|
|
|
|
* Copyright (c) 2021 ETH Zürich, Educational Development and Technology (LET)
|
2019-09-10 11:01:49 +02:00
|
|
|
|
*
|
|
|
|
|
* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
using System;
|
|
|
|
|
using System.Collections.Specialized;
|
2020-08-03 14:41:25 +02:00
|
|
|
|
using System.Linq;
|
2020-01-30 11:15:28 +01:00
|
|
|
|
using System.Net.Mime;
|
2020-01-10 08:54:10 +01:00
|
|
|
|
using System.Security.Cryptography;
|
|
|
|
|
using System.Text;
|
2020-08-03 14:41:25 +02:00
|
|
|
|
using System.Threading.Tasks;
|
2019-09-10 11:01:49 +02:00
|
|
|
|
using CefSharp;
|
2020-08-03 14:41:25 +02:00
|
|
|
|
using Newtonsoft.Json;
|
|
|
|
|
using Newtonsoft.Json.Linq;
|
|
|
|
|
using SafeExamBrowser.Browser.Contracts.Events;
|
2019-09-13 09:17:14 +02:00
|
|
|
|
using SafeExamBrowser.Browser.Contracts.Filters;
|
2020-03-13 15:56:32 +01:00
|
|
|
|
using SafeExamBrowser.Browser.Pages;
|
2019-09-10 11:01:49 +02:00
|
|
|
|
using SafeExamBrowser.Configuration.Contracts;
|
|
|
|
|
using SafeExamBrowser.I18n.Contracts;
|
|
|
|
|
using SafeExamBrowser.Logging.Contracts;
|
2020-09-29 14:01:17 +02:00
|
|
|
|
using SafeExamBrowser.Settings.Browser;
|
2019-12-18 08:24:55 +01:00
|
|
|
|
using SafeExamBrowser.Settings.Browser.Filter;
|
2020-01-10 08:54:10 +01:00
|
|
|
|
using BrowserSettings = SafeExamBrowser.Settings.Browser.BrowserSettings;
|
2020-02-14 09:51:52 +01:00
|
|
|
|
using Request = SafeExamBrowser.Browser.Contracts.Filters.Request;
|
2019-09-10 11:01:49 +02:00
|
|
|
|
|
|
|
|
|
namespace SafeExamBrowser.Browser.Handlers
|
|
|
|
|
{
|
|
|
|
|
internal class ResourceHandler : CefSharp.Handler.ResourceRequestHandler
|
|
|
|
|
{
|
2020-01-10 08:54:10 +01:00
|
|
|
|
private SHA256Managed algorithm;
|
2020-02-13 11:01:07 +01:00
|
|
|
|
private AppConfig appConfig;
|
|
|
|
|
private string browserExamKey;
|
2019-09-12 12:31:17 +02:00
|
|
|
|
private IResourceHandler contentHandler;
|
2020-02-13 11:01:07 +01:00
|
|
|
|
private IRequestFilter filter;
|
2020-03-13 15:56:32 +01:00
|
|
|
|
private HtmlLoader htmlLoader;
|
2020-02-13 11:01:07 +01:00
|
|
|
|
private ILogger logger;
|
2019-09-12 12:31:17 +02:00
|
|
|
|
private IResourceHandler pageHandler;
|
2020-02-13 11:01:07 +01:00
|
|
|
|
private BrowserSettings settings;
|
2020-09-29 14:01:17 +02:00
|
|
|
|
private WindowSettings windowSettings;
|
2019-09-10 11:01:49 +02:00
|
|
|
|
private IText text;
|
|
|
|
|
|
2020-08-03 14:41:25 +02:00
|
|
|
|
internal event SessionIdentifierDetectedEventHandler SessionIdentifierDetected;
|
|
|
|
|
|
2020-09-29 14:01:17 +02:00
|
|
|
|
internal ResourceHandler(
|
|
|
|
|
AppConfig appConfig,
|
|
|
|
|
IRequestFilter filter,
|
|
|
|
|
ILogger logger,
|
|
|
|
|
BrowserSettings settings,
|
|
|
|
|
WindowSettings windowSettings,
|
|
|
|
|
IText text)
|
2019-09-10 11:01:49 +02:00
|
|
|
|
{
|
|
|
|
|
this.appConfig = appConfig;
|
2020-01-10 08:54:10 +01:00
|
|
|
|
this.algorithm = new SHA256Managed();
|
2019-09-12 12:31:17 +02:00
|
|
|
|
this.filter = filter;
|
2020-03-13 15:56:32 +01:00
|
|
|
|
this.htmlLoader = new HtmlLoader(text);
|
2019-09-10 11:01:49 +02:00
|
|
|
|
this.logger = logger;
|
|
|
|
|
this.settings = settings;
|
2020-09-29 14:01:17 +02:00
|
|
|
|
this.windowSettings = windowSettings;
|
2019-09-10 11:01:49 +02:00
|
|
|
|
this.text = text;
|
|
|
|
|
}
|
|
|
|
|
|
2020-04-06 14:13:13 +02:00
|
|
|
|
protected override IResourceHandler GetResourceHandler(IWebBrowser webBrowser, IBrowser browser, IFrame frame, IRequest request)
|
2019-09-10 11:01:49 +02:00
|
|
|
|
{
|
2019-09-12 12:31:17 +02:00
|
|
|
|
if (Block(request))
|
2019-09-10 11:01:49 +02:00
|
|
|
|
{
|
2019-09-12 12:31:17 +02:00
|
|
|
|
return ResourceHandlerFor(request.ResourceType);
|
2019-09-10 11:01:49 +02:00
|
|
|
|
}
|
|
|
|
|
|
2020-04-06 14:13:13 +02:00
|
|
|
|
return base.GetResourceHandler(webBrowser, browser, frame, request);
|
2019-09-10 11:01:49 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
protected override CefReturnValue OnBeforeResourceLoad(IWebBrowser webBrowser, IBrowser browser, IFrame frame, IRequest request, IRequestCallback callback)
|
|
|
|
|
{
|
2020-01-10 08:54:10 +01:00
|
|
|
|
if (IsMailtoUrl(request.Url))
|
|
|
|
|
{
|
|
|
|
|
return CefReturnValue.Cancel;
|
|
|
|
|
}
|
|
|
|
|
|
2020-11-27 15:14:33 +01:00
|
|
|
|
AppendCustomHeaders(webBrowser, request);
|
2019-09-12 12:31:17 +02:00
|
|
|
|
ReplaceSebScheme(request);
|
2019-09-10 11:01:49 +02:00
|
|
|
|
|
|
|
|
|
return base.OnBeforeResourceLoad(webBrowser, browser, frame, request, callback);
|
|
|
|
|
}
|
|
|
|
|
|
2020-08-06 14:26:40 +02:00
|
|
|
|
protected override bool OnProtocolExecution(IWebBrowser webBrowser, IBrowser browser, IFrame frame, IRequest request)
|
|
|
|
|
{
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2020-08-03 14:41:25 +02:00
|
|
|
|
protected override void OnResourceRedirect(IWebBrowser chromiumWebBrowser, IBrowser browser, IFrame frame, IRequest request, IResponse response, ref string newUrl)
|
|
|
|
|
{
|
|
|
|
|
SearchSessionIdentifiers(response);
|
|
|
|
|
|
|
|
|
|
base.OnResourceRedirect(chromiumWebBrowser, browser, frame, request, response, ref newUrl);
|
|
|
|
|
}
|
|
|
|
|
|
2020-04-06 14:13:13 +02:00
|
|
|
|
protected override bool OnResourceResponse(IWebBrowser webBrowser, IBrowser browser, IFrame frame, IRequest request, IResponse response)
|
2020-01-30 11:15:28 +01:00
|
|
|
|
{
|
|
|
|
|
if (RedirectToDisablePdfToolbar(request, response, out var url))
|
|
|
|
|
{
|
2020-04-06 14:13:13 +02:00
|
|
|
|
webBrowser.Load(url);
|
2020-03-04 10:08:34 +01:00
|
|
|
|
|
|
|
|
|
return true;
|
2020-01-30 11:15:28 +01:00
|
|
|
|
}
|
|
|
|
|
|
2020-08-03 14:41:25 +02:00
|
|
|
|
SearchSessionIdentifiers(response);
|
|
|
|
|
|
2020-04-06 14:13:13 +02:00
|
|
|
|
return base.OnResourceResponse(webBrowser, browser, frame, request, response);
|
2020-01-30 11:15:28 +01:00
|
|
|
|
}
|
|
|
|
|
|
2020-11-27 15:14:33 +01:00
|
|
|
|
private void AppendCustomHeaders(IWebBrowser webBrowser, IRequest request)
|
2019-09-10 11:01:49 +02:00
|
|
|
|
{
|
2020-11-27 15:14:33 +01:00
|
|
|
|
Uri.TryCreate(webBrowser.Address, UriKind.Absolute, out var pageUrl);
|
|
|
|
|
Uri.TryCreate(request.Url, UriKind.Absolute, out var requestUrl);
|
|
|
|
|
|
|
|
|
|
if (pageUrl?.Host?.Equals(requestUrl?.Host) == true)
|
2020-02-13 11:01:07 +01:00
|
|
|
|
{
|
2020-11-30 18:30:29 +01:00
|
|
|
|
var headers = new NameValueCollection(request.Headers);
|
|
|
|
|
var urlWithoutFragment = request.Url.Split('#')[0];
|
|
|
|
|
|
2020-11-27 15:14:33 +01:00
|
|
|
|
if (settings.SendConfigurationKey)
|
|
|
|
|
{
|
|
|
|
|
var hash = algorithm.ComputeHash(Encoding.UTF8.GetBytes(urlWithoutFragment + settings.ConfigurationKey));
|
|
|
|
|
var key = BitConverter.ToString(hash).ToLower().Replace("-", string.Empty);
|
2020-02-13 11:01:07 +01:00
|
|
|
|
|
2020-11-27 15:14:33 +01:00
|
|
|
|
headers["X-SafeExamBrowser-ConfigKeyHash"] = key;
|
|
|
|
|
}
|
2020-01-10 08:54:10 +01:00
|
|
|
|
|
2020-11-27 15:14:33 +01:00
|
|
|
|
if (settings.SendExamKey)
|
|
|
|
|
{
|
|
|
|
|
var hash = algorithm.ComputeHash(Encoding.UTF8.GetBytes(urlWithoutFragment + (browserExamKey ?? ComputeBrowserExamKey())));
|
|
|
|
|
var key = BitConverter.ToString(hash).ToLower().Replace("-", string.Empty);
|
2020-02-13 11:01:07 +01:00
|
|
|
|
|
2020-11-27 15:14:33 +01:00
|
|
|
|
headers["X-SafeExamBrowser-RequestHash"] = key;
|
|
|
|
|
}
|
2020-02-10 12:19:25 +01:00
|
|
|
|
|
2020-11-27 15:14:33 +01:00
|
|
|
|
request.Headers = headers;
|
|
|
|
|
}
|
2020-01-10 08:54:10 +01:00
|
|
|
|
}
|
|
|
|
|
|
2019-09-12 12:31:17 +02:00
|
|
|
|
private bool Block(IRequest request)
|
2019-09-10 11:01:49 +02:00
|
|
|
|
{
|
2020-01-30 11:15:28 +01:00
|
|
|
|
var block = false;
|
|
|
|
|
|
2020-01-10 08:54:10 +01:00
|
|
|
|
if (settings.Filter.ProcessContentRequests)
|
2019-09-10 11:01:49 +02:00
|
|
|
|
{
|
2019-09-13 09:17:14 +02:00
|
|
|
|
var result = filter.Process(new Request { Url = request.Url });
|
2019-09-10 11:01:49 +02:00
|
|
|
|
|
2020-01-30 11:15:28 +01:00
|
|
|
|
if (result == FilterResult.Block)
|
2019-09-10 11:01:49 +02:00
|
|
|
|
{
|
2020-01-30 11:15:28 +01:00
|
|
|
|
block = true;
|
2020-09-29 14:01:17 +02:00
|
|
|
|
logger.Info($"Blocked content request{(windowSettings.UrlPolicy.CanLog() ? $" for '{request.Url}'" : "")} ({request.ResourceType}, {request.TransitionType}).");
|
2019-09-10 11:01:49 +02:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-01-30 11:15:28 +01:00
|
|
|
|
return block;
|
2019-09-10 11:01:49 +02:00
|
|
|
|
}
|
|
|
|
|
|
2020-02-13 11:01:07 +01:00
|
|
|
|
private string ComputeBrowserExamKey()
|
|
|
|
|
{
|
2020-02-21 11:58:08 +01:00
|
|
|
|
var salt = settings.ExamKeySalt;
|
|
|
|
|
|
|
|
|
|
if (salt == default(byte[]))
|
|
|
|
|
{
|
|
|
|
|
salt = new byte[0];
|
|
|
|
|
logger.Warn("The current configuration does not contain a salt value for the browser exam key!");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
using (var algorithm = new HMACSHA256(salt))
|
2020-02-19 15:21:34 +01:00
|
|
|
|
{
|
|
|
|
|
var hash = algorithm.ComputeHash(Encoding.UTF8.GetBytes(appConfig.CodeSignatureHash + appConfig.ProgramBuildVersion + settings.ConfigurationKey));
|
|
|
|
|
var key = BitConverter.ToString(hash).ToLower().Replace("-", string.Empty);
|
2020-02-13 11:01:07 +01:00
|
|
|
|
|
2020-02-19 15:21:34 +01:00
|
|
|
|
browserExamKey = key;
|
2020-02-13 11:01:07 +01:00
|
|
|
|
|
2020-02-19 15:21:34 +01:00
|
|
|
|
return browserExamKey;
|
|
|
|
|
}
|
2020-02-13 11:01:07 +01:00
|
|
|
|
}
|
|
|
|
|
|
2019-09-10 11:01:49 +02:00
|
|
|
|
private bool IsMailtoUrl(string url)
|
|
|
|
|
{
|
|
|
|
|
return url.StartsWith(Uri.UriSchemeMailto);
|
|
|
|
|
}
|
|
|
|
|
|
2020-01-30 11:15:28 +01:00
|
|
|
|
private bool RedirectToDisablePdfToolbar(IRequest request, IResponse response, out string url)
|
|
|
|
|
{
|
|
|
|
|
const string DISABLE_PDF_TOOLBAR = "#toolbar=0";
|
|
|
|
|
var isPdf = response.Headers["Content-Type"] == MediaTypeNames.Application.Pdf;
|
2020-03-27 13:18:24 +01:00
|
|
|
|
var isMainFrame = request.ResourceType == ResourceType.MainFrame;
|
2020-01-30 11:15:28 +01:00
|
|
|
|
var hasFragment = request.Url.Contains(DISABLE_PDF_TOOLBAR);
|
2020-03-27 13:18:24 +01:00
|
|
|
|
var redirect = settings.AllowPdfReader && !settings.AllowPdfReaderToolbar && isPdf && isMainFrame && !hasFragment;
|
2020-01-30 11:15:28 +01:00
|
|
|
|
|
|
|
|
|
url = request.Url + DISABLE_PDF_TOOLBAR;
|
|
|
|
|
|
|
|
|
|
if (redirect)
|
|
|
|
|
{
|
2020-09-29 14:01:17 +02:00
|
|
|
|
logger.Info($"Redirecting{(windowSettings.UrlPolicy.CanLog() ? $" to '{url}'" : "")} to disable PDF reader toolbar.");
|
2020-01-30 11:15:28 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return redirect;
|
|
|
|
|
}
|
|
|
|
|
|
2019-09-12 12:31:17 +02:00
|
|
|
|
private void ReplaceSebScheme(IRequest request)
|
2019-09-10 11:01:49 +02:00
|
|
|
|
{
|
|
|
|
|
if (Uri.IsWellFormedUriString(request.Url, UriKind.RelativeOrAbsolute))
|
|
|
|
|
{
|
|
|
|
|
var uri = new Uri(request.Url);
|
|
|
|
|
|
|
|
|
|
if (uri.Scheme == appConfig.SebUriScheme)
|
|
|
|
|
{
|
|
|
|
|
request.Url = new UriBuilder(uri) { Scheme = Uri.UriSchemeHttp }.Uri.AbsoluteUri;
|
|
|
|
|
}
|
|
|
|
|
else if (uri.Scheme == appConfig.SebUriSchemeSecure)
|
|
|
|
|
{
|
|
|
|
|
request.Url = new UriBuilder(uri) { Scheme = Uri.UriSchemeHttps }.Uri.AbsoluteUri;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2019-09-12 12:31:17 +02:00
|
|
|
|
|
|
|
|
|
private IResourceHandler ResourceHandlerFor(ResourceType resourceType)
|
|
|
|
|
{
|
2020-03-13 15:56:32 +01:00
|
|
|
|
if (contentHandler == default(IResourceHandler))
|
2019-09-13 09:17:14 +02:00
|
|
|
|
{
|
2020-03-13 15:56:32 +01:00
|
|
|
|
contentHandler = CefSharp.ResourceHandler.FromString(htmlLoader.LoadBlockedContent());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (pageHandler == default(IResourceHandler))
|
|
|
|
|
{
|
|
|
|
|
pageHandler = CefSharp.ResourceHandler.FromString(htmlLoader.LoadBlockedPage());
|
2019-09-13 09:17:14 +02:00
|
|
|
|
}
|
|
|
|
|
|
2019-09-12 12:31:17 +02:00
|
|
|
|
switch (resourceType)
|
|
|
|
|
{
|
|
|
|
|
case ResourceType.MainFrame:
|
|
|
|
|
case ResourceType.SubFrame:
|
|
|
|
|
return pageHandler;
|
|
|
|
|
default:
|
|
|
|
|
return contentHandler;
|
|
|
|
|
}
|
|
|
|
|
}
|
2020-08-03 14:41:25 +02:00
|
|
|
|
|
|
|
|
|
private void SearchSessionIdentifiers(IResponse response)
|
|
|
|
|
{
|
|
|
|
|
SearchEdxIdentifier(response);
|
|
|
|
|
SearchMoodleIdentifier(response);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private void SearchEdxIdentifier(IResponse response)
|
|
|
|
|
{
|
|
|
|
|
var cookies = response.Headers.GetValues("Set-Cookie");
|
|
|
|
|
|
|
|
|
|
if (cookies != default(string[]))
|
|
|
|
|
{
|
|
|
|
|
try
|
|
|
|
|
{
|
|
|
|
|
var userInfo = cookies.FirstOrDefault(c => c.Contains("edx-user-info"));
|
|
|
|
|
|
|
|
|
|
if (userInfo != default(string))
|
|
|
|
|
{
|
|
|
|
|
var start = userInfo.IndexOf("=") + 1;
|
|
|
|
|
var end = userInfo.IndexOf("; expires");
|
|
|
|
|
var cookie = userInfo.Substring(start, end - start);
|
|
|
|
|
var sanitized = cookie.Replace("\\\"", "\"").Replace("\\054", ",").Trim('"');
|
|
|
|
|
var json = JsonConvert.DeserializeObject(sanitized) as JObject;
|
|
|
|
|
var userName = json["username"].Value<string>();
|
|
|
|
|
|
|
|
|
|
Task.Run(() => SessionIdentifierDetected?.Invoke(userName));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
catch (Exception e)
|
|
|
|
|
{
|
|
|
|
|
logger.Error("Failed to parse edX session identifier!", e);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private void SearchMoodleIdentifier(IResponse response)
|
|
|
|
|
{
|
|
|
|
|
var locations = response.Headers.GetValues("Location");
|
|
|
|
|
|
|
|
|
|
if (locations != default(string[]))
|
|
|
|
|
{
|
|
|
|
|
try
|
|
|
|
|
{
|
2020-12-02 17:43:02 +01:00
|
|
|
|
var location = locations.FirstOrDefault(l => l.Contains("/login/index.php?testsession"));
|
2020-08-03 14:41:25 +02:00
|
|
|
|
|
|
|
|
|
if (location != default(string))
|
|
|
|
|
{
|
|
|
|
|
var userId = location.Substring(location.IndexOf("=") + 1);
|
|
|
|
|
|
|
|
|
|
Task.Run(() => SessionIdentifierDetected?.Invoke(userId));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
catch (Exception e)
|
|
|
|
|
{
|
|
|
|
|
logger.Error("Failed to parse Moodle session identifier!", e);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2019-09-10 11:01:49 +02:00
|
|
|
|
}
|
|
|
|
|
}
|