2019-09-10 11:01:49 +02:00
/ *
2021-02-03 00:45:33 +01:00
* Copyright ( c ) 2021 ETH Zürich , Educational Development and Technology ( LET )
2019-09-10 11:01:49 +02:00
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License , v . 2.0 . If a copy of the MPL was not distributed with this
* file , You can obtain one at http : //mozilla.org/MPL/2.0/.
* /
using System ;
using System.Collections.Specialized ;
2020-08-03 14:41:25 +02:00
using System.Linq ;
2021-08-31 18:15:26 +02:00
using System.Net ;
2021-02-23 15:32:08 +01:00
using System.Net.Http ;
2020-01-30 11:15:28 +01:00
using System.Net.Mime ;
2020-01-10 08:54:10 +01:00
using System.Security.Cryptography ;
using System.Text ;
2020-08-03 14:41:25 +02:00
using System.Threading.Tasks ;
2019-09-10 11:01:49 +02:00
using CefSharp ;
2020-08-03 14:41:25 +02:00
using Newtonsoft.Json ;
using Newtonsoft.Json.Linq ;
using SafeExamBrowser.Browser.Contracts.Events ;
2019-09-13 09:17:14 +02:00
using SafeExamBrowser.Browser.Contracts.Filters ;
2020-03-13 15:56:32 +01:00
using SafeExamBrowser.Browser.Pages ;
2019-09-10 11:01:49 +02:00
using SafeExamBrowser.Configuration.Contracts ;
using SafeExamBrowser.I18n.Contracts ;
using SafeExamBrowser.Logging.Contracts ;
2020-09-29 14:01:17 +02:00
using SafeExamBrowser.Settings.Browser ;
2019-12-18 08:24:55 +01:00
using SafeExamBrowser.Settings.Browser.Filter ;
2020-01-10 08:54:10 +01:00
using BrowserSettings = SafeExamBrowser . Settings . Browser . BrowserSettings ;
2020-02-14 09:51:52 +01:00
using Request = SafeExamBrowser . Browser . Contracts . Filters . Request ;
2019-09-10 11:01:49 +02:00
namespace SafeExamBrowser.Browser.Handlers
{
internal class ResourceHandler : CefSharp . Handler . ResourceRequestHandler
{
2020-01-10 08:54:10 +01:00
private SHA256Managed algorithm ;
2020-02-13 11:01:07 +01:00
private AppConfig appConfig ;
private string browserExamKey ;
2019-09-12 12:31:17 +02:00
private IResourceHandler contentHandler ;
2020-02-13 11:01:07 +01:00
private IRequestFilter filter ;
2020-03-13 15:56:32 +01:00
private HtmlLoader htmlLoader ;
2020-02-13 11:01:07 +01:00
private ILogger logger ;
2019-09-12 12:31:17 +02:00
private IResourceHandler pageHandler ;
2021-10-04 18:10:36 +02:00
private string sessionIdentifier ;
2020-02-13 11:01:07 +01:00
private BrowserSettings settings ;
2020-09-29 14:01:17 +02:00
private WindowSettings windowSettings ;
2019-09-10 11:01:49 +02:00
private IText text ;
2020-08-03 14:41:25 +02:00
internal event SessionIdentifierDetectedEventHandler SessionIdentifierDetected ;
2020-09-29 14:01:17 +02:00
internal ResourceHandler (
AppConfig appConfig ,
IRequestFilter filter ,
ILogger logger ,
BrowserSettings settings ,
WindowSettings windowSettings ,
IText text )
2019-09-10 11:01:49 +02:00
{
this . appConfig = appConfig ;
2020-01-10 08:54:10 +01:00
this . algorithm = new SHA256Managed ( ) ;
2019-09-12 12:31:17 +02:00
this . filter = filter ;
2020-03-13 15:56:32 +01:00
this . htmlLoader = new HtmlLoader ( text ) ;
2019-09-10 11:01:49 +02:00
this . logger = logger ;
this . settings = settings ;
2020-09-29 14:01:17 +02:00
this . windowSettings = windowSettings ;
2019-09-10 11:01:49 +02:00
this . text = text ;
}
2020-04-06 14:13:13 +02:00
protected override IResourceHandler GetResourceHandler ( IWebBrowser webBrowser , IBrowser browser , IFrame frame , IRequest request )
2019-09-10 11:01:49 +02:00
{
2019-09-12 12:31:17 +02:00
if ( Block ( request ) )
2019-09-10 11:01:49 +02:00
{
2019-09-12 12:31:17 +02:00
return ResourceHandlerFor ( request . ResourceType ) ;
2019-09-10 11:01:49 +02:00
}
2020-04-06 14:13:13 +02:00
return base . GetResourceHandler ( webBrowser , browser , frame , request ) ;
2019-09-10 11:01:49 +02:00
}
protected override CefReturnValue OnBeforeResourceLoad ( IWebBrowser webBrowser , IBrowser browser , IFrame frame , IRequest request , IRequestCallback callback )
{
2020-01-10 08:54:10 +01:00
if ( IsMailtoUrl ( request . Url ) )
{
return CefReturnValue . Cancel ;
}
2020-11-27 15:14:33 +01:00
AppendCustomHeaders ( webBrowser , request ) ;
2019-09-12 12:31:17 +02:00
ReplaceSebScheme ( request ) ;
2019-09-10 11:01:49 +02:00
return base . OnBeforeResourceLoad ( webBrowser , browser , frame , request , callback ) ;
}
2020-08-06 14:26:40 +02:00
protected override bool OnProtocolExecution ( IWebBrowser webBrowser , IBrowser browser , IFrame frame , IRequest request )
{
return true ;
}
2020-08-03 14:41:25 +02:00
protected override void OnResourceRedirect ( IWebBrowser chromiumWebBrowser , IBrowser browser , IFrame frame , IRequest request , IResponse response , ref string newUrl )
{
2021-02-23 15:32:08 +01:00
SearchSessionIdentifiers ( request , response ) ;
2020-08-03 14:41:25 +02:00
base . OnResourceRedirect ( chromiumWebBrowser , browser , frame , request , response , ref newUrl ) ;
}
2020-04-06 14:13:13 +02:00
protected override bool OnResourceResponse ( IWebBrowser webBrowser , IBrowser browser , IFrame frame , IRequest request , IResponse response )
2020-01-30 11:15:28 +01:00
{
if ( RedirectToDisablePdfToolbar ( request , response , out var url ) )
{
2020-04-06 14:13:13 +02:00
webBrowser . Load ( url ) ;
2020-03-04 10:08:34 +01:00
return true ;
2020-01-30 11:15:28 +01:00
}
2021-02-23 15:32:08 +01:00
SearchSessionIdentifiers ( request , response ) ;
2020-08-03 14:41:25 +02:00
2020-04-06 14:13:13 +02:00
return base . OnResourceResponse ( webBrowser , browser , frame , request , response ) ;
2020-01-30 11:15:28 +01:00
}
2020-11-27 15:14:33 +01:00
private void AppendCustomHeaders ( IWebBrowser webBrowser , IRequest request )
2019-09-10 11:01:49 +02:00
{
2020-11-27 15:14:33 +01:00
Uri . TryCreate ( webBrowser . Address , UriKind . Absolute , out var pageUrl ) ;
Uri . TryCreate ( request . Url , UriKind . Absolute , out var requestUrl ) ;
if ( pageUrl ? . Host ? . Equals ( requestUrl ? . Host ) = = true )
2020-02-13 11:01:07 +01:00
{
2020-11-30 18:30:29 +01:00
var headers = new NameValueCollection ( request . Headers ) ;
var urlWithoutFragment = request . Url . Split ( '#' ) [ 0 ] ;
2020-11-27 15:14:33 +01:00
if ( settings . SendConfigurationKey )
{
var hash = algorithm . ComputeHash ( Encoding . UTF8 . GetBytes ( urlWithoutFragment + settings . ConfigurationKey ) ) ;
var key = BitConverter . ToString ( hash ) . ToLower ( ) . Replace ( "-" , string . Empty ) ;
2020-02-13 11:01:07 +01:00
2020-11-27 15:14:33 +01:00
headers [ "X-SafeExamBrowser-ConfigKeyHash" ] = key ;
}
2020-01-10 08:54:10 +01:00
2020-11-27 15:14:33 +01:00
if ( settings . SendExamKey )
{
var hash = algorithm . ComputeHash ( Encoding . UTF8 . GetBytes ( urlWithoutFragment + ( browserExamKey ? ? ComputeBrowserExamKey ( ) ) ) ) ;
var key = BitConverter . ToString ( hash ) . ToLower ( ) . Replace ( "-" , string . Empty ) ;
2020-02-13 11:01:07 +01:00
2020-11-27 15:14:33 +01:00
headers [ "X-SafeExamBrowser-RequestHash" ] = key ;
}
2020-02-10 12:19:25 +01:00
2020-11-27 15:14:33 +01:00
request . Headers = headers ;
}
2020-01-10 08:54:10 +01:00
}
2019-09-12 12:31:17 +02:00
private bool Block ( IRequest request )
2019-09-10 11:01:49 +02:00
{
2020-01-30 11:15:28 +01:00
var block = false ;
2021-08-31 18:15:26 +02:00
var url = WebUtility . UrlDecode ( request . Url ) ;
var isValidUri = Uri . TryCreate ( url , UriKind . Absolute , out _ ) ;
2020-01-30 11:15:28 +01:00
2021-08-31 18:15:26 +02:00
if ( settings . Filter . ProcessContentRequests & & isValidUri )
2019-09-10 11:01:49 +02:00
{
2021-08-31 18:15:26 +02:00
var result = filter . Process ( new Request { Url = url } ) ;
2019-09-10 11:01:49 +02:00
2020-01-30 11:15:28 +01:00
if ( result = = FilterResult . Block )
2019-09-10 11:01:49 +02:00
{
2020-01-30 11:15:28 +01:00
block = true ;
2021-08-31 18:15:26 +02:00
logger . Info ( $"Blocked content request{(windowSettings.UrlPolicy.CanLog() ? $" for ' { url } ' " : " ")} ({request.ResourceType}, {request.TransitionType})." ) ;
2019-09-10 11:01:49 +02:00
}
}
2021-08-31 18:15:26 +02:00
else if ( ! isValidUri )
{
logger . Warn ( $"Filter could not process request{(windowSettings.UrlPolicy.CanLog() ? $" for ' { url } ' " : " ")} ({request.ResourceType}, {request.TransitionType})!" ) ;
}
2019-09-10 11:01:49 +02:00
2020-01-30 11:15:28 +01:00
return block ;
2019-09-10 11:01:49 +02:00
}
2020-02-13 11:01:07 +01:00
private string ComputeBrowserExamKey ( )
{
2020-02-21 11:58:08 +01:00
var salt = settings . ExamKeySalt ;
if ( salt = = default ( byte [ ] ) )
{
salt = new byte [ 0 ] ;
logger . Warn ( "The current configuration does not contain a salt value for the browser exam key!" ) ;
}
using ( var algorithm = new HMACSHA256 ( salt ) )
2020-02-19 15:21:34 +01:00
{
var hash = algorithm . ComputeHash ( Encoding . UTF8 . GetBytes ( appConfig . CodeSignatureHash + appConfig . ProgramBuildVersion + settings . ConfigurationKey ) ) ;
var key = BitConverter . ToString ( hash ) . ToLower ( ) . Replace ( "-" , string . Empty ) ;
2020-02-13 11:01:07 +01:00
2020-02-19 15:21:34 +01:00
browserExamKey = key ;
2020-02-13 11:01:07 +01:00
2020-02-19 15:21:34 +01:00
return browserExamKey ;
}
2020-02-13 11:01:07 +01:00
}
2019-09-10 11:01:49 +02:00
private bool IsMailtoUrl ( string url )
{
return url . StartsWith ( Uri . UriSchemeMailto ) ;
}
2020-01-30 11:15:28 +01:00
private bool RedirectToDisablePdfToolbar ( IRequest request , IResponse response , out string url )
{
const string DISABLE_PDF_TOOLBAR = "#toolbar=0" ;
var isPdf = response . Headers [ "Content-Type" ] = = MediaTypeNames . Application . Pdf ;
2020-03-27 13:18:24 +01:00
var isMainFrame = request . ResourceType = = ResourceType . MainFrame ;
2020-01-30 11:15:28 +01:00
var hasFragment = request . Url . Contains ( DISABLE_PDF_TOOLBAR ) ;
2020-03-27 13:18:24 +01:00
var redirect = settings . AllowPdfReader & & ! settings . AllowPdfReaderToolbar & & isPdf & & isMainFrame & & ! hasFragment ;
2020-01-30 11:15:28 +01:00
url = request . Url + DISABLE_PDF_TOOLBAR ;
if ( redirect )
{
2020-09-29 14:01:17 +02:00
logger . Info ( $"Redirecting{(windowSettings.UrlPolicy.CanLog() ? $" to ' { url } ' " : " ")} to disable PDF reader toolbar." ) ;
2020-01-30 11:15:28 +01:00
}
return redirect ;
}
2019-09-12 12:31:17 +02:00
private void ReplaceSebScheme ( IRequest request )
2019-09-10 11:01:49 +02:00
{
if ( Uri . IsWellFormedUriString ( request . Url , UriKind . RelativeOrAbsolute ) )
{
var uri = new Uri ( request . Url ) ;
if ( uri . Scheme = = appConfig . SebUriScheme )
{
request . Url = new UriBuilder ( uri ) { Scheme = Uri . UriSchemeHttp } . Uri . AbsoluteUri ;
}
else if ( uri . Scheme = = appConfig . SebUriSchemeSecure )
{
request . Url = new UriBuilder ( uri ) { Scheme = Uri . UriSchemeHttps } . Uri . AbsoluteUri ;
}
}
}
2019-09-12 12:31:17 +02:00
private IResourceHandler ResourceHandlerFor ( ResourceType resourceType )
{
2020-03-13 15:56:32 +01:00
if ( contentHandler = = default ( IResourceHandler ) )
2019-09-13 09:17:14 +02:00
{
2020-03-13 15:56:32 +01:00
contentHandler = CefSharp . ResourceHandler . FromString ( htmlLoader . LoadBlockedContent ( ) ) ;
}
if ( pageHandler = = default ( IResourceHandler ) )
{
pageHandler = CefSharp . ResourceHandler . FromString ( htmlLoader . LoadBlockedPage ( ) ) ;
2019-09-13 09:17:14 +02:00
}
2019-09-12 12:31:17 +02:00
switch ( resourceType )
{
case ResourceType . MainFrame :
case ResourceType . SubFrame :
return pageHandler ;
default :
return contentHandler ;
}
}
2020-08-03 14:41:25 +02:00
2021-02-23 15:32:08 +01:00
private void SearchSessionIdentifiers ( IRequest request , IResponse response )
2020-08-03 14:41:25 +02:00
{
2021-04-21 19:53:52 +02:00
var success = TrySearchGenericSessionIdentifier ( response ) ;
if ( ! success )
{
SearchEdxIdentifier ( response ) ;
SearchMoodleIdentifier ( request , response ) ;
}
}
private bool TrySearchGenericSessionIdentifier ( IResponse response )
{
var ids = response . Headers . GetValues ( "X-LMS-USER-ID" ) ;
if ( ids ! = default ( string [ ] ) )
{
var userId = ids . FirstOrDefault ( ) ;
2021-10-04 18:10:36 +02:00
if ( userId ! = default ( string ) & & sessionIdentifier ! = userId )
2021-04-21 19:53:52 +02:00
{
2021-10-04 18:10:36 +02:00
sessionIdentifier = userId ;
Task . Run ( ( ) = > SessionIdentifierDetected ? . Invoke ( sessionIdentifier ) ) ;
2021-04-21 19:53:52 +02:00
logger . Info ( "Generic LMS session detected." ) ;
return true ;
}
}
return false ;
2020-08-03 14:41:25 +02:00
}
private void SearchEdxIdentifier ( IResponse response )
{
var cookies = response . Headers . GetValues ( "Set-Cookie" ) ;
if ( cookies ! = default ( string [ ] ) )
{
try
{
var userInfo = cookies . FirstOrDefault ( c = > c . Contains ( "edx-user-info" ) ) ;
if ( userInfo ! = default ( string ) )
{
var start = userInfo . IndexOf ( "=" ) + 1 ;
var end = userInfo . IndexOf ( "; expires" ) ;
var cookie = userInfo . Substring ( start , end - start ) ;
var sanitized = cookie . Replace ( "\\\"" , "\"" ) . Replace ( "\\054" , "," ) . Trim ( '"' ) ;
var json = JsonConvert . DeserializeObject ( sanitized ) as JObject ;
var userName = json [ "username" ] . Value < string > ( ) ;
2021-10-04 18:10:36 +02:00
if ( sessionIdentifier ! = userName )
{
sessionIdentifier = userName ;
Task . Run ( ( ) = > SessionIdentifierDetected ? . Invoke ( sessionIdentifier ) ) ;
logger . Info ( "EdX session detected." ) ;
}
2020-08-03 14:41:25 +02:00
}
}
catch ( Exception e )
{
logger . Error ( "Failed to parse edX session identifier!" , e ) ;
}
}
}
2021-02-23 15:32:08 +01:00
private void SearchMoodleIdentifier ( IRequest request , IResponse response )
{
var success = TrySearchByLocation ( response ) ;
if ( ! success )
{
TrySearchBySession ( request , response ) ;
}
}
private bool TrySearchByLocation ( IResponse response )
2020-08-03 14:41:25 +02:00
{
var locations = response . Headers . GetValues ( "Location" ) ;
if ( locations ! = default ( string [ ] ) )
{
try
{
2020-12-02 17:43:02 +01:00
var location = locations . FirstOrDefault ( l = > l . Contains ( "/login/index.php?testsession" ) ) ;
2020-08-03 14:41:25 +02:00
if ( location ! = default ( string ) )
{
var userId = location . Substring ( location . IndexOf ( "=" ) + 1 ) ;
2021-10-04 18:10:36 +02:00
if ( sessionIdentifier ! = userId )
{
sessionIdentifier = userId ;
Task . Run ( ( ) = > SessionIdentifierDetected ? . Invoke ( sessionIdentifier ) ) ;
logger . Info ( "Moodle session detected." ) ;
}
2021-02-23 15:32:08 +01:00
return true ;
2020-08-03 14:41:25 +02:00
}
}
catch ( Exception e )
{
logger . Error ( "Failed to parse Moodle session identifier!" , e ) ;
}
}
2021-02-23 15:32:08 +01:00
return false ;
}
2021-03-04 17:25:19 +01:00
private void TrySearchBySession ( IRequest request , IResponse response )
2021-02-23 15:32:08 +01:00
{
var cookies = response . Headers . GetValues ( "Set-Cookie" ) ;
if ( cookies ! = default ( string [ ] ) )
{
var session = cookies . FirstOrDefault ( c = > c . Contains ( "MoodleSession" ) ) ;
if ( session ! = default ( string ) )
{
2021-03-04 17:25:19 +01:00
var requestUrl = request . Url ;
2021-02-23 15:32:08 +01:00
2021-03-04 17:25:19 +01:00
Task . Run ( async ( ) = >
{
try
2021-02-23 15:32:08 +01:00
{
2021-03-04 17:25:19 +01:00
var start = session . IndexOf ( "=" ) + 1 ;
var end = session . IndexOf ( ";" ) ;
var value = session . Substring ( start , end - start ) ;
var uri = new Uri ( requestUrl ) ;
var message = new HttpRequestMessage ( HttpMethod . Get , $"{uri.Scheme}{Uri.SchemeDelimiter}{uri.Host}/theme/boost_ethz/sebuser.php" ) ;
2021-02-23 15:32:08 +01:00
using ( var handler = new HttpClientHandler { UseCookies = false } )
using ( var client = new HttpClient ( handler ) )
{
message . Headers . Add ( "Cookie" , $"MoodleSession={value}" ) ;
2021-03-04 17:25:19 +01:00
var result = await client . SendAsync ( message ) ;
if ( result . IsSuccessStatusCode )
{
var userId = await result . Content . ReadAsStringAsync ( ) ;
2021-10-04 18:10:36 +02:00
if ( int . TryParse ( userId , out var id ) & & id > 0 & & sessionIdentifier ! = userId )
2021-03-04 17:25:19 +01:00
{
#pragma warning disable CS4014
2021-10-04 18:10:36 +02:00
sessionIdentifier = userId ;
Task . Run ( ( ) = > SessionIdentifierDetected ? . Invoke ( sessionIdentifier ) ) ;
2021-03-04 17:25:19 +01:00
logger . Info ( "Moodle session detected." ) ;
2021-10-04 18:10:36 +02:00
#pragma warning restore CS4014
2021-03-04 17:25:19 +01:00
}
}
else
{
logger . Error ( $"Failed to retrieve Moodle session identifier! Response: {result.StatusCode} {result.ReasonPhrase}" ) ;
}
2021-02-23 15:32:08 +01:00
}
2021-03-04 17:25:19 +01:00
}
catch ( Exception e )
2021-02-23 15:32:08 +01:00
{
2021-03-04 17:25:19 +01:00
logger . Error ( "Failed to parse Moodle session identifier!" , e ) ;
2021-02-23 15:32:08 +01:00
}
2021-03-04 17:25:19 +01:00
} ) ;
2021-02-23 15:32:08 +01:00
}
}
2020-08-03 14:41:25 +02:00
}
2019-09-10 11:01:49 +02:00
}
}