logo
Welcome Guest! To enable all features please Login or Register.

Notification

Icon
Error

Options
Go to last post Go to first unread
ntroncoso  
#1 Posted : Wednesday, March 22, 2017 3:41:53 PM(UTC)
ntroncoso


Rank: Guest

Joined: 3/22/2017(UTC)
Posts: 1
United States

I wrote custom SC extension that does 2 very simple things:

Code:
public Guid FindSession(string name)
{
	var session = SessionManagerPool.Demux.GetSessions().FirstOrDefault(s => s.Name == name);
	if (session == null)
		 return new Guid();
	
	return session.SafeNav(s => s.SessionID);
}

public Guid FindOrCreateSession(string name, string host)
{
	var session = SessionManagerPool.Demux.GetSessions().FirstOrDefault(s => s.Name == name);
	
	if (session == null)
		session = SessionManagerPool.Demux.CreateSession(SessionType.Support, name, host, false, name);
		
	return session.SafeNav(s => s.SessionID);
}


As you can see, the second method "FindOrCreateSession" is just a copy of what came from the start template. It still seems to work.

The first method "FindSession" is what doesn't work. It is suppose to get a session Guid by name, if it exists. That's all.

I use this in PHP like this:

Code:
$session = file_get_contents("https://sc.company.com/App_Extensions/68646de4-bab4-4a1b-aa17-4271b3d3defb/Service.ashx/FindSession/" . $sessionName);
if (!empty($session) && trim($session, '"') != "00000000-0000-0000-0000-000000000000")
{
    // The session exists. Do things
}
else
{
    // Session does not exist. Do other things
}


My issue, after upgrading from 5.6.10957.6018 > 6.1.12292.6236, is that the method always returns "00000000-0000-0000-0000-000000000000" now.

I did some digging, and it turns out that the name being passed in is always null. I test this with an example method:

Code:
public string test(string name)
{
    return "name===" + name + "===";
}


Calling:

Quote:
https://sc.company.com/App_Extensions/68646de4-bab4-4a1b-aa17-4271b3d3defb/Service.ashx/test/SampleSessionName


Will return "name======"

What has changed that this doesn't work anymore?
Alexander  
#2 Posted : Thursday, March 23, 2017 4:23:02 PM(UTC)
Alexander


Rank: Administration

Medals: Level 3: Shirt off your back! Received 25 Thanks!

Joined: 7/23/2013(UTC)
Posts: 713
Man
Location: Raleigh, NC

Was thanked: 66 time(s) in 63 post(s)
In 6.0, we disabled passing web-method parameters via GET to protect against CSRF attacks.
You'll need to send the request as POST, with the parameters as a JSON array in the body of the request (like ["sessionname"] or ["sessionname", "host"]).

(Alternatively, you could put <add key="WebServiceAllowHttpGetOperations" value="true" /> in your web.config to make it act like before, but that's not recommended as a long-term fix.)
ScreenConnect Team
Users browsing this topic
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.