Posted By

stoyan on 08/07/09


Tagged

javascript c xss proxy


Versions (?)

Who likes this?

2 people have marked this snippet as a favorite

umang_nine
danfinrud55


C# proxy for JavaScript applications


 / Published in: C#
 

*save as proxy.asxh and put it in your IIS virtual directory *consider using other methods to circumvent XSS: JSONP, dojox.io.xhrWindowNamePlugin, etc.

  1. <%@ WebHandler Language="C#" Class="proxy" %>
  2. /*
  3.   This proxy page does not have any security checks. It is highly recommended
  4.   that a user deploying this proxy page on their web server, add appropriate
  5.   security checks, for example checking request path, username/password, target
  6.   url, etc.
  7. */
  8. using System;
  9. using System.Web;
  10.  
  11. public class proxy : IHttpHandler {
  12.  
  13. public void ProcessRequest (HttpContext context) {
  14.  
  15. string uri = context.Request.QueryString[0];
  16. System.Net.WebRequest req = System.Net.WebRequest.Create(new Uri(uri));
  17. req.Method = context.Request.HttpMethod;
  18.  
  19. byte[] bytes = new byte[context.Request.InputStream.Length];
  20. context.Request.InputStream.Read(bytes,0,(int)context.Request.InputStream.Length);
  21. req.ContentLength = bytes.Length;
  22. req.ContentType = "application/x-www-form-urlencoded";
  23. System.IO.Stream outputStream = req.GetRequestStream();
  24. outputStream.Write(bytes, 0, bytes.Length);
  25. outputStream.Close();
  26.  
  27. System.Net.WebResponse res = req.GetResponse();
  28. context.Response.ContentType = res.ContentType;
  29.  
  30. System.IO.StreamReader sr = new System.IO.StreamReader(res.GetResponseStream());
  31. string strResponse = sr.ReadToEnd();
  32. context.Response.Write(strResponse);
  33. context.Response.End();
  34. }
  35.  
  36. public bool IsReusable {
  37. get {
  38. return false;
  39. }
  40. }
  41.  
  42. }

Report this snippet  

You need to login to post a comment.