SharePoint+OWAS嵌套网页

@hanq  2019年11月20日 08:11

解决SharePoint不让嵌套iFrame问题

开发

根据在其他系统Iframe中显示SharePoint 页面提供的思路,根据SharePoint下在Feature中动态Register/Remove HttpModule提供的规则,创建一个SharePoint解决方案,步骤如下:

  1. Visual Studio 2017中,创建Visual C# 类型项目,选择Office/SharePoint,选择SharePoint 2013 - 空项目
  2. 填写SharePoint站点地址,选择部署卫场解决方案,点完成
  3. 解决方案资源管理器中,右击Features,选择添加功能,生成Feature1
  4. 右击Feature1,选择添加事件接收器,生成Feature1.EventReceiver.cs
  5. 解决方案资源管理器中,右击项目名,选择添加 - 新建项 - Visual C#项 - ASP.NET 项 - 添加,生成MyModule1.cs
  6. 展开Package,打开Package.package,属性窗口,将部署服务器类型,改为WebFrontEnd
  7. 打包资源管理器(视图-其他-打包资源管理器)中选中项目名.Feature1,属性窗口,范围设置为WebApplication
  8. 运行。(如果直接部署,可以在解决方案管理器中双击Properties的属性窗口,SharePoint选项卡下的正在调试区域,取消调试后自动回收选项)

Feature1.EventReceiver.cs

    public class Feature1EventReceiver : SPFeatureReceiver
    {
        // 插件激活,将HttpModule挂载到SharePoint
        public override void FeatureActivated(SPFeatureReceiverProperties properties)
        {
            SPWebApplication application = (SPWebApplication)properties.Feature.Parent;
            foreach (SPWebConfigModification modification in this.Modifications)
            {
                application.WebConfigModifications.Add(modification);
            }

            application.WebService.ApplyWebConfigModifications();
            application.Update();
        }

        // 插件卸载,将HttpModule从SharePoint卸载
        public override void FeatureDeactivating(SPFeatureReceiverProperties properties)
        {
            SPWebApplication application = (SPWebApplication)properties.Feature.Parent;
            foreach (SPWebConfigModification modification in this.Modifications)
            {
                application.WebConfigModifications.Remove(modification);
            }
            application.WebService.ApplyWebConfigModifications();
            application.Update();
        }

        // 动态修改SharePoint托管在IIS的web.config,增加一个HttpModule
        private SPWebConfigModification[] Modifications
        {
            get
            {
                SPWebConfigModification[] modificationArray = new SPWebConfigModification[1];
                SPWebConfigModification modification = new SPWebConfigModification("add[@name='PermissiveXFrameHeaderModule']", "configuration/system.webServer/modules");
                modification.Owner = "PERMISSIVEXFRAME";
                modification.Sequence = 0;
                modification.Type = SPWebConfigModification.SPWebConfigModificationType.EnsureChildNode;//0
                modification.Value = string.Format("<add name='PermissiveXFrameHeaderModule' type='SharePointProject3.PermissiveXFrameHeaderModule,{0}' />", System.Reflection.Assembly.GetExecutingAssembly().FullName);
                modificationArray[0] = modification;
                return modificationArray;
            }
        }
    }
    public class PermissiveXFrameHeaderModule : IHttpModule
    {
        #region IHttpModule Members

        public void Dispose()
        {
        }

        public void Init(HttpApplication context)
        {
            context.LogRequest += new EventHandler(OnLogRequest);
            // 增加预处理事件
            context.PreSendRequestHeaders += new EventHandler(this.context_PreSendRequestHeaders);
        }

        #endregion

        public void OnLogRequest(Object source, EventArgs e)
        {
        }

        private const string XFRAMEOPTIONS_HEADERNAME = "X-FRAME-OPTIONS";
        private void context_PreSendRequestHeaders(object sender, EventArgs e)
        {
            HttpApplication application = (HttpApplication)sender;
            // 直接移除有安全问题,所有的域够可以嵌入iFrame
            application.Response.Headers.Remove("X-FRAME-OPTIONS");
            // 测试Header 用来看代码是否生效
            application.Response.Headers.Add("Plugin", "测试Header是否生效");
        }
    }

发布

右击上面做好的解决方案名称,选中发布,选择文件系统的路径,点击发布

 部署

添加解决方案

Add-SPSolution -LiteralPath C:SharePointDistSharePointProject3.wsp

Name:sharepointproject3.wsp
SolutionId:f23ca3e8-d8dd-4b16-9a4a-ffced6878944

安装状态

Get-SPSolution "f23ca3e8-d8dd-4b16-9a4a-ffced6878944"

部署解决方案

Install-SPSolution -Identity sharepointproject3.wsp -GACDeployment

错误恢复

提示未能加载程序集

IIS管理器下找到SharePoint站点,右击选择浏览,打开目录后,在web.confg文件中删除掉错误的Feature引用定义,即可。

失败方案

  1. aspx增加<runat="server">方案失败!,母版页调整加入meta失败
  2. IIS增加URL重写X-Frame-Options方案失败

参考文档


添加新评论