Inject js code to exchange 2013

muri

　　1. save the following code to C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\owa on exchagne front end server



using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Security;
using System.Security.Principal;
using System.IO;
using System.Text;
using System.Web.UI;

namespace ZY
{
public class M1 : IHttpModule
{
public void Dispose()
{
}
public void Init(HttpApplication application)
{
if (application != null)
{
application.PostMapRequestHandler += (o, e) =>
{
HttpContext context = ((HttpApplication)o).Context;
};
application.BeginRequest += (o, e) =>
{
var app = (HttpApplication)o;
var Response = app.Response;
var Request = app.Request;
string urlFlag = "userspecificresourceinjector.ashx";
if (Request.Url.ToString().ToLower().Contains(urlFlag))
{
//Response.Buffer = true;
                    }
};
}
application.PreSendRequestHeaders += new EventHandler(application_PreSendRequestHeaders);
application.PreSendRequestContent += new EventHandler(application_PreSendRequestContent);
}

void application_PreSendRequestHeaders(object sender, EventArgs e)
{
HttpApplication application = (HttpApplication)sender;
application.Context.Response.Headers.Set("X-Frame-Options","");
application.Context.Response.Headers.Remove("X-Frame-Options");
//response.setHeader("Access-Control-Allow-Origin", "*");
//application.Context.Response.Headers.Set("Access-Control-Allow-Origin","*");
application.Context.Response.Headers.Set("Access-Control-Allow-Origin","https://mail.abc.net");
application.Context.Response.Headers.Set("P3P","CP=CAO PSA OUR");
application.Context.Response.Headers.Set("allow-credentials","true");
application.Context.Response.Headers.Set("Access-Control-Allow-Credentials","true");

//userspecificresourceinjector.ashx

}

void application_PreSendRequestContent(object sender, EventArgs e)
{
HttpApplication application = (HttpApplication)sender;
//application.Context.Response.Write("application_PreSendRequestContent<br/>");
//var Response=application.Context.Response;
var Response = System.Web.HttpContext.Current.Response;
var Request=application.Context.Request;
string urlFlag="userspecificresourceinjector.ashx";
if(Request.Url.ToString().ToLower().Contains(urlFlag))
{
//Response.ExpiresAbsolute = System.DateTime.Now.AddSeconds(-1);
//Response.Expires = 0;
//Response.CacheControl = "no-cache";
//Response.AddHeader("Pragma", "No-Cache");

Response.ContentType = "application/javascript; charset=utf-8";
//Response.StatusCode = 200;
//Response.Write("includeScriptsAndStyles(slabManifest, \"/owa/auth/aa.js?\");");
//Response.Write("includeScriptsAndStyles(slabManifest, \"/jquery-1.9.1.js?\");");
//Response.Write("document.write(\"<script type='text/javascript' src='/owa/auth/jquery-1.9.1.js'></script>\");");
//Response.Write("var zyflag=true;");
Response.Write("document.write(\'<script type=\"text/javascript\" src=\"/owa/auth/aa.js?x=" + System.DateTime.Now.Millisecond.ToString() + "\"></script>\');");
//Response.Write("document.write(\'<script type=\"text/javascript\" src=\"/owa/auth/aa.js?x=\"></script>\');");
//Response.Write("eval(\"<script type='text/javascript' src='/owa/auth/aa.js'></script>\");");
//Response.Flush();

}
}

}
}
　　2. add following code to web.config in c:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\owa



<modules>
<add name="zy" type="ZY.M1" />
</modules>
　　3. save your aa.js to c:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\owa\auth\
　　The content in aa.js is what you want to inject into