none
Using HttpListener for peer-to-peer communication? RRS feed

  • Question

  • So if we want external requests to hit the http server we've hosted with this listener...do we have to add prefix like follows:

    HttpListener server = new HttpListener();
    server.Prefixes.Add("http://*:8080"); //Note the '*'

    Because listening on all interfaces requires elevated permissions. And that may be a problem.

    -Arun


    I am a bundle of mistakes intertwined together with good intentions

    Friday, February 10, 2017 2:31 AM

All replies

  • Hi Arun,

    >> do we have to add prefix like follows

    Yes, to receive all requests sent to port 8080 when the requested URI is not handled by any HttpListener, the prefix is "http://*:8080/". Similarly, to specify that the HttpListener accepts all requests sent to a port, replace the host element with the "+" character, "https://+:8080".

    >> And that may be a problem.

    What is the problem for elevated permission? If the current login account is not admin, you could try below code in Command Prompt under admin account to grant permission, and then no-admin account would be able to run above code.

    netsh http add urlacl url=http://+:1111/ user=Everyone

    Best Regards,

    Edward


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Friday, February 10, 2017 8:03 AM
  • But would this be the same principle rdpclip.exe uses? Or does it use some proprietary protocol?

    But why this access restriction? I recall TcpListener listening on any port doesn't have such access problems as far as I can recall.


    I am a bundle of mistakes intertwined together with good intentions

    Friday, February 10, 2017 12:04 PM
  • Hi deostroll,

    >> why this access restriction?

    I think it is related with the different implementation of HttpListener and TcpListener.

    Based on source code of HttpListener, it will call AddAllPrefixes() in the Start(), and HttpAddUrlToUrlGroup will check the permission.

    But for TcpListener, Start() will call Listen(int backlog) which will not check access permission, the verification is done for Bind, Bind(EndPoint localEP) will create the permission the user would need for the call.

    Here is related code for creating permission.

    //
                // for now security is implemented only on IPEndPoint
                // If EndPoint is of other type - unmanaged code permisison is demanded
                //
                if (ipSnapshot != null)
                {
                    // Take a snapshot that will make it immutable and not derived.
                    ipSnapshot = ipSnapshot.Snapshot();                                
                    // DualMode: Do the security check on the users IPv4 address, but map to IPv6 before binding.
                    endPointSnapshot = RemapIPEndPoint(ipSnapshot);
     
                    //
                    // create the permissions the user would need for the call
                    //
                    SocketPermission socketPermission
                        = new SocketPermission(
                            NetworkAccess.Accept,
                            Transport,
                            ipSnapshot.Address.ToString(),
                            ipSnapshot.Port);
                    //
                    // demand for them
                    //
                    socketPermission.Demand();
     
                    // Here the permission check has succeded.
                    // NB: if local port is 0, then winsock will assign some>1024,
                    //     so assuming that this is safe. We will not check the
                    //     NetworkAccess.Accept permissions in Receive.
                }
                else {
                    //<
     
     
     
     
     
                    ExceptionHelper.UnmanagedPermission.Demand();
                }
    

    Best Regards,

    Edward


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Monday, February 13, 2017 5:09 AM