user_key logging gebaseerd op een userid cookie

svn path=/FcltISAPI/trunk/; revision=20246
Jos Groot Lipman
2013-12-20 20:14:34 +00:00
parent b163403964
commit c073ade075


@@ -4,28 +4,36 @@
#include "tchar.h"
#include "strsafe.h"
#define FCLT_ISAPI_VERSION "0.91"
// http://believeinmiraclesx.wordpress.com/2013/11/19/isapi-filter-set-httponly-for-mulitple-cookies/
// http://stackoverflow.com/questions/17649213/how-to-set-multiple-cookies-in-isapi-filter
#define bufferSize 4096 // increase size if using many cookies
#define fclt_userid_cookie "userid"
DWORD OnPreprocHeaders (HTTP_FILTER_CONTEXT* pFC,
HTTP_FILTER_PREPROC_HEADERS* pHeaderInfo)
{
//pHeaderInfo->SetHeader(pFC,"FCLT_VERSION:","123"); // komt niet in Request.Servervariables?
//pHeaderInfo->SetHeader(pFC,"FCLT-VERSION:","123"); // Request.Servervariables("HTTP_FCLT_VERSION");
//pHeaderInfo->SetHeader(pFC,"FCLT_VERSION:", FCLT_ISAPI_VERSION); // komt niet in Request.Servervariables?
pHeaderInfo->SetHeader(pFC,"FCLT-VERSION:", FCLT_ISAPI_VERSION); // Request.Servervariables("HTTP_FCLT_VERSION");
return 0;
}
// Onderschept alle uitgaande cookies en plakt er httponly achteraan
DWORD OnSendResponse (HTTP_FILTER_CONTEXT* pFC,
HTTP_FILTER_SEND_RESPONSE* pResponseInfo)
{
// Hard coded cookie length (2k bytes)
CHAR szCookie[2048];
DWORD cbCookieOriginal = sizeof(szCookie) / sizeof(szCookie[0]);
DWORD cbCookie = cbCookieOriginal;
DWORD cbCookie = sizeof(szCookie) / sizeof(szCookie[0]);
CHAR *szHeader = "Set-Cookie:";
CHAR *szHttpOnly = "; HttpOnly";
if (pResponseInfo->GetHeader(pFC,szHeader,szCookie,&cbCookie))
{
if (SUCCEEDED(StringCchCat(szCookie,
/* http://msdn.microsoft.com/en-us/library/ms972826 ondersteunt maar <20><>n cookie
if (SUCCEEDED(StringCchCat(szCookie,
cbCookieOriginal,
szHttpOnly)))
{
@@ -39,8 +47,49 @@ DWORD OnSendResponse (HTTP_FILTER_CONTEXT* pFC,
else
{
pResponseInfo->SetHeader(pFC,szHeader,"");
}
}
}*/
// Met meerdere cookies
// ASPFIXATION=UWVAnJAYKAozuKPNBuKpCIINamAJZqMwRhut; path=/Facilitor5iWork/,userid=33083; path=/Facilitor5iWork/
// maar pas op met:
// fcltidxxxx; expires=Sun, 16-Dec-2012 21:54:34 GMT; path=/Facilitor5iWork/
// Daar zit wel een komma in maar toch is het maar <20><>n cookie
//pResponseInfo->SetHeader(pFC,szHeader,""); // alle standaard cookies wissen? Waarom?
CHAR outCookie[2048];
DWORD cboutCookie = sizeof(outCookie) / sizeof(outCookie[0]);
char * token;
char *next_token = NULL;
// the last occurence of semicolon
char * semi;
token = strtok_s (szCookie,",", &next_token);
while (token != NULL)
{
strcpy_s(outCookie, token);
// Eindigt de cookie tot zoverre op 'expires=Sun'?
char *expires = strstr ( token, "expires=");
if (expires + strlen("expires=Sun") == token + strlen(token) )
{ // plak dan het volgende token er ook nog achter
token = strtok_s (NULL, ",", &next_token);
if (token != NULL)
strcat_s (outCookie, cboutCookie, token);
}
semi = strrchr(token, ';');
//if the last character is ;
if (semi - token == strlen(token) - 1){
strcat_s (outCookie, cboutCookie, " HttpOnly");
}
else{
strcat_s (outCookie, cboutCookie, "; HttpOnly");
}
pResponseInfo->SetHeader(pFC, szHeader, outCookie); // 1-voor-1 terug
memset(outCookie, 0, cboutCookie);
token = strtok_s (NULL, ",", &next_token);
}
}
// Altijd Server: Microsoft-IIS/6.0 verwijderen
pResponseInfo->SetHeader(pFC, "Server:", "FACILITOR");
@@ -52,6 +101,48 @@ DWORD OnSendResponse (HTTP_FILTER_CONTEXT* pFC,
return SF_STATUS_REQ_NEXT_NOTIFICATION;
}
char *getUserName(char buffer[])
{
char seps[] = ";= "; //cookies are separated by ; values by = then ignore spaces
char *token;
char *next_token = NULL;
token = strtok_s ( buffer, seps, &next_token );
while( token != NULL ){
/* While there are tokens in "buffer" */
if (!strcmp(token, fclt_userid_cookie))
{
token = strtok_s ( NULL, seps, &next_token );
if (strlen(token) < 32)
return token;
else
return "too_long_userid_cookie"; // safety
}
token = strtok_s( NULL, seps, &next_token );
}
return "-\0"; //this is the Anonymous user in the logfiles a "dash"
}
// Onderschept binnenkomende cookies en zoekt naar userid voor de logging
DWORD OnLog(HTTP_FILTER_CONTEXT* pFC, PHTTP_FILTER_LOG pLog)
{
char szBuffer[bufferSize-1] = "\0"; //NULL;
DWORD dwSize = bufferSize;
// Het was gemakkelijker geweest als we hier de uitgaande headers
// konden uitlezen naar helaas
// if (pResponseInfo->GetHeader(pFC,"FCLT_USER_ID:",szCookie,&cbCookie))
// Misschien uitlezen in OnSendResponse en dan bewaren (AllocMem)
// in HTTP_FILTER_CONTEXT::pFilterContext?
pFC->GetServerVariable(pFC, "HTTP_COOKIE", szBuffer, &dwSize);
if (strlen (szBuffer) > 0){
pLog->pszClientUserName = getUserName(szBuffer);
}
return SF_STATUS_REQ_NEXT_NOTIFICATION;
}
BOOL WINAPI GetFilterVersion(
PHTTP_FILTER_VERSION pVer
)
@@ -61,8 +152,9 @@ BOOL WINAPI GetFilterVersion(
/* Notify me when headers have been processed */
pVer->dwFlags = SF_NOTIFY_ORDER_DEFAULT |
SF_NOTIFY_PREPROC_HEADERS |
SF_NOTIFY_SEND_RESPONSE ;
SF_NOTIFY_PREPROC_HEADERS | // Om version toe te voegen
SF_NOTIFY_SEND_RESPONSE | // Om cookies te manipuleren
SF_NOTIFY_LOG; // Om userid te loggen
return TRUE;
};
@@ -82,6 +174,9 @@ DWORD WINAPI HttpFilterProc(
case SF_NOTIFY_SEND_RESPONSE:
dwRet = OnSendResponse( pFC, (PHTTP_FILTER_SEND_RESPONSE) pvData );
break;
case SF_NOTIFY_LOG:
dwRet = OnLog( pFC, (PHTTP_FILTER_LOG) pvData );
break;
default:
dwRet = SF_STATUS_REQ_NEXT_NOTIFICATION;
break;
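Review bot: In the added `OnLog`, `pLog->pszClientUserName` is pointed at the local `szBuffer` (via `getUserName`), so the log entry refers to stack memory once the function returns; copy the name into request-lifetime memory such as `pFC->AllocMem`, which the comment in that function already mentions. `szBuffer` is declared with `bufferSize-1` bytes while `dwSize` is `bufferSize`, so `GetServerVariable` is told the buffer is one byte larger than it is, and its return value is ignored. In `getUserName` the `strtok_s` after the `userid` match can return NULL when the header ends in that name, and the result is passed to `strlen` unchecked; the match also fires on any token equal to `userid`, not only a cookie name. The token loop in `OnSendResponse` (whose body spans two hunks and is only partly visible) has the same pattern: `strrchr(token, ';')` runs after `token` may have become NULL, and `semi` is used in pointer arithmetic without a NULL check. The cookie is client-supplied, so the logged user name is unauthenticated and worth a comment saying so, plus a check that it contains only the expected characters before it reaches the log.

```cpp
        // getUserName: inside the userid match
        token = strtok_s ( NULL, seps, &next_token );
        if (token == NULL)
            break;          // name without a value: fall through to the "-" return
        // … unchanged: length check and returns …

DWORD OnLog(HTTP_FILTER_CONTEXT* pFC, PHTTP_FILTER_LOG pLog)
{
    char szBuffer[bufferSize] = "";
    DWORD dwSize = sizeof(szBuffer);   // size passed to IIS now matches the array
    // … unchanged: comment block about reading the outgoing headers …
    if (pFC->GetServerVariable(pFC, "HTTP_COOKIE", szBuffer, &dwSize) && szBuffer[0] != '\0')
    {
        const char *name = getUserName(szBuffer);
        DWORD cbName = (DWORD)strlen(name) + 1;
        // Copy out of the stack buffer; memory from AllocMem is owned by the filter context.
        char *copy = (char *)pFC->AllocMem(pFC, cbName, 0);
        if (copy != NULL)
        {
            memcpy(copy, name, cbName);
            pLog->pszClientUserName = copy;
        }
    }
    return SF_STATUS_REQ_NEXT_NOTIFICATION;
}
```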