xampp/wamp based Apache server custom reply

Question

How can I send a custom response upon a custom request on a xampp/wamp based Apache server upon a connection to a specific port?

I'm trying to reply to the \0 a flash app is requesting in order to allow a crossdomain http GET request.

The flash policy request, is made to port 843 by default and i'd like to keep it that way.

The port should get a \0 (ending with a null char,\0 is just for the reference) and replying with something like:

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "/xml/dtds/cross-domain-policy.dtd">
    <cross-domain-policy>
        <site-control permitted-cross-domain-policies="master-only"/>
        <allow-http-request-headers-from domain="*" headers="*" secure="true" />
      <allow-access-from domain="*" to-ports="*" />
    </cross-domain-policy>

As far as i know, the request should be return as a plain text, although Content-type, might be needed as well.

I've tried using the following: http://socketpolicyserver.com/ and although it listens to the port and accepts connections, it doesn't reply with the specified xml upon request.

Any methods / ways of achieving a proper reply will be appreciated,

with regards,

Mike.

!---UPDATE--->

I wrote a simple C# web server which listens to port 843, and serves the aforementioned policy - it worked out just fine, however, when using a SecureSocket connection for a secure connection (i.e opening a socket to a HTTPS/SSL protocol) - the request that is sent is encrypted using the hosts certificate. As far as i know, there's no way of listening or acquiring the servers certificate and decrypting the data via an external app hence, the only way is to somehow 'teach' Apache to respond with the crossdomain policy after a proper request is sent via an appropriate port.

Another idea i have is to read the server's certificate file stored in the Apache directory regardless of what happens on the server itself, though imo it's an overkill.

Would love to hear your comments,

Mike.

Answer 1

So here's how i eventually solved it:

I've used this guys code with some modifications: http://www.switchonthecode.com/tutorials/csharp-tutorial-simple-threaded-tcp-server

and created a simple multithreaded web server that listens to port 843, and provides a somewhat general policy upon the appropriate flash request.

There were several examples provided by Adobe, but for some reason, windows didn't like those.

Also note that if you're using the SecureSocket object of flash it should allegedly use the target servers (IIS'/Apaches'/Tomcats' etc..) SSL credentials and will initiate a client Authentication using the public key of the target servers certificate, then again, it might not so this code doesn't have SSL support, although i've started implementing one using C#'s SSL Streams, so far without any luck. If you can make it work via SSL, please let me know.

Hope this code will help,

Mike.

using System;
using System.Text;
using System.Net.Sockets;
using System.Threading;
using System.Net;
using System.IO;

namespace TCPSexyServer
{
    class Server
{
    private TcpListener tcpListener;
    private Thread listenThread;

    private void ListenForClients(int p)
    {
        throw new NotImplementedException();
    }

    public Server()
    {
        this.tcpListener = new TcpListener(IPAddress.Any, 843);
        this.listenThread = new Thread(new ThreadStart(ListenForClients));
        this.listenThread.Start();
    }

    private void ListenForClients()
    {
        this.tcpListener.Start();

        while (true)
        {
            //blocks until a client has connected to the server
            TcpClient client = this.tcpListener.AcceptTcpClient();

            //create a thread to handle communication 
            //with connected client
            Thread clientThread = new Thread(new ParameterizedThreadStart(HandleClientComm));
            clientThread.Start(client);
        }
    }

    private void HandleClientComm(object client)
    {
        TcpClient tcpClient = (TcpClient)client;
        NetworkStream clientStream = tcpClient.GetStream();
        byte[] message = new byte[4096];
        int bytesRead;

        while (true)
        {
            bytesRead = 0;

            try
            {
                //blocks until a client sends a message
                bytesRead = clientStream.Read(message, 0, 4096);
            }
            catch
            {
                //a socket error has occured
                break;
            }

            if (bytesRead == 0)
            {
                //the client has disconnected from the server
                break;
            }

            //message has successfully been received

            UTF8Encoding encoder = new UTF8Encoding();

            string sentData = encoder.GetString(message, 0, bytesRead);
            Console.WriteLine(sentData);
            if (sentData == "<policy-file-request/>\0")
            {
                String policy = "<?xml version=\"1.0\"?>\n" +
                                "<!DOCTYPE cross-domain-policy SYSTEM \"/xml/dtds/cross-domain-policy.dtd\">\n" +
                                "<cross-domain-policy>\n" +
                                "<site-control permitted-cross-domain-policies=\"master-only\"/>\n" +
                                "<allow-http-request-headers-from domain=\"*\" headers=\"*\" secure=\"true\" />\n" +
                                "<allow-access-from domain=\"*\" to-ports=\"*\" />\n" +
                                "</cross-domain-policy>\0";
                byte[] buffer = encoder.GetBytes(policy);
                clientStream.Write(buffer, 0, buffer.Length);
                clientStream.Flush();
                Console.WriteLine(policy);
            }
            else
            {
                tcpClient.Close();
            }
            System.Diagnostics.Debug.WriteLine(encoder.GetString(message, 0, bytesRead));
        }

        tcpClient.Close();
    }

        public static void Main(string[] args)
        {
            Server blah = new Server();
       }

    }
}