Table of Contents
Sharepoint in place Office Editing protocol
Overview
Sharepoint offers to the users a powerful mechanism: it allows them to “edit” office documents and save them back in the sharepoint site transparently: no upload or dowload procedures are in place: the user points to the document, the document opens itself automagically and the changes made are saved back into the sharepoint again when the edition is ended.
I've investigated what's behind the scenes in this feature of sharepoint and it seems that there
is a SOAP communication between Internet Explorer in the first place and word in the second
place. In the case of the “open with windows explorer” feature, the communication that takes place
is between the sharepoint server and a process called svchost.exe
.
Tools
- A sledgehammer
- Internet Explorer
- a running Sharepoint server
What happens when the user opens for editing on a word document in a sharepoint server
I will put all the sessions in webtest format. It's an xml format that more or less explain itself:
<?xml version="1.0" encoding="utf-8"?> <TestCase Name="FiddlerGeneratedWebTest" Id="" Owner="" Description="" Priority="0" Enabled="True" CssProjectStructure="" CssIteration="" DeploymentItemsEditable="" CredentialUserName="" CredentialPassword="" PreAuthenticate="True" Proxy="" RequestCallbackClass="" TestCaseCallbackClass=""> <Items> <Request Method="GET" Version="1.1" Url="https://mysharepointserver/dga/_layouts/inplview.aspx" ThinkTime="10" Timeout="60" ParseDependentRequests="True" FollowRedirects="True" RecordResult="True" Cache="False" ResponseTimeGoal="0" Encoding="utf-8"> <Headers> <Header Name="DNT" Value="1" /> </Headers> <QueryStringParameters> <QueryStringParameter Name="Cmd" Value="Ctx" UrlEncode="True" UseToGroupResults="False" /> <QueryStringParameter Name="List" Value="{0CAABD41-0FDF-4E19-ACCA-B45E35FE2C7A}" UrlEncode="True" UseToGroupResults="False" /> <QueryStringParameter Name="View" Value="{1CE3C326-0401-44C4-80EB-B6EF9C52EF25}" UrlEncode="True" UseToGroupResults="False" /> <QueryStringParameter Name="ViewCount" Value="48" UrlEncode="True" UseToGroupResults="False" /> <QueryStringParameter Name="IsXslView" Value="TRUE" UrlEncode="True" UseToGroupResults="False" /> <QueryStringParameter Name="Field" Value="LinkFilename" UrlEncode="True" UseToGroupResults="False" /> <QueryStringParameter Name="ID" Value="1" UrlEncode="True" UseToGroupResults="False" /> <QueryStringParameter Name="ListViewPageUrl" Value="https://mysharepointserver/dga/stuff/Forms/AllItems.aspx" UrlEncode="True" UseToGroupResults="False" /> </QueryStringParameters> </Request> <Request Method="OPTIONS" Version="1.1" Url="https://mysharepointserver/dga/stuff/" ThinkTime="2" Timeout="60" ParseDependentRequests="True" FollowRedirects="True" RecordResult="True" Cache="False" ResponseTimeGoal="0" Encoding="utf-8"> <Headers /> </Request> <!--- FROM THIS POINT, MICROSOFT WORD TAKES CONTROL OF THE DOWNLOAD PROCESS ---> <Request Method="GET" Version="1.1" Url="https://mysharepointserver/_vti_inf.html" ThinkTime="0" Timeout="60" ParseDependentRequests="True" FollowRedirects="True" RecordResult="True" Cache="False" ResponseTimeGoal="0" Encoding="utf-8"> <Headers> <Header Name="Date" Value="Thu, 03 Dec 2015 14:11:11 GMT" /> <Header Name="MIME-Version" Value="1.0" /> </Headers> </Request> <Request Method="POST" Version="1.1" Url="https://mysharepointserver/_vti_bin/shtml.dll/_vti_rpc" ThinkTime="0" Timeout="60" ParseDependentRequests="True" FollowRedirects="True" RecordResult="True" Cache="False" ResponseTimeGoal="0" Encoding="utf-8"> <Headers> <Header Name="Date" Value="Thu, 03 Dec 2015 14:11:12 GMT" /> <Header Name="MIME-Version" Value="1.0" /> <Header Name="Content-Type" Value="application/x-www-form-urlencoded" /> <Header Name="X-Vermeer-Content-Type" Value="application/x-www-form-urlencoded" /> </Headers> <FormPostHttpBody ContentType="application/x-www-form-urlencoded"> <FormPostParameter Name="method" Value="server version:14.0.0.7001" UrlEncode="True" /> </FormPostHttpBody> </Request> <Request Method="POST" Version="1.1" Url="https://mysharepointserver/_vti_bin/shtml.dll/_vti_rpc" ThinkTime="0" Timeout="60" ParseDependentRequests="True" FollowRedirects="True" RecordResult="True" Cache="False" ResponseTimeGoal="0" Encoding="utf-8"> <Headers> <Header Name="Date" Value="Thu, 03 Dec 2015 14:11:12 GMT" /> <Header Name="MIME-Version" Value="1.0" /> <Header Name="Content-Type" Value="application/x-www-form-urlencoded" /> <Header Name="X-Vermeer-Content-Type" Value="application/x-www-form-urlencoded" /> </Headers> <FormPostHttpBody ContentType="application/x-www-form-urlencoded"> <FormPostParameter Name="method" Value="url to web url:14.0.0.6129" UrlEncode="True" /> <FormPostParameter Name="url" Value="/dga/stuff/test.docx" UrlEncode="True" /> <FormPostParameter Name="flags" Value="0" UrlEncode="True" /> </FormPostHttpBody> </Request> <Request Method="POST" Version="1.1" Url="https://mysharepointserver/dga/_vti_bin/_vti_aut/author.dll" ThinkTime="0" Timeout="60" ParseDependentRequests="True" FollowRedirects="True" RecordResult="True" Cache="False" ResponseTimeGoal="0" Encoding="utf-8"> <Headers> <Header Name="Date" Value="Thu, 03 Dec 2015 14:11:12 GMT" /> <Header Name="MIME-Version" Value="1.0" /> <Header Name="Content-Type" Value="application/x-www-form-urlencoded" /> <Header Name="X-Vermeer-Content-Type" Value="application/x-www-form-urlencoded" /> </Headers> <FormPostHttpBody ContentType="application/x-www-form-urlencoded"> <FormPostParameter Name="method" Value="open service:14.0.0.6129" UrlEncode="True" /> <FormPostParameter Name="service_name" Value="/dga" UrlEncode="True" /> </FormPostHttpBody> </Request> <Request Method="POST" Version="1.1" Url="https://mysharepointserver/dga/_vti_bin/_vti_aut/author.dll" ThinkTime="2" Timeout="60" ParseDependentRequests="True" FollowRedirects="True" RecordResult="True" Cache="False" ResponseTimeGoal="0" Encoding="utf-8"> <Headers> <Header Name="Date" Value="Thu, 03 Dec 2015 14:11:12 GMT" /> <Header Name="MIME-Version" Value="1.0" /> <Header Name="Content-Type" Value="application/x-www-form-urlencoded" /> <Header Name="X-Vermeer-Content-Type" Value="application/x-www-form-urlencoded" /> </Headers> <FormPostHttpBody ContentType="application/x-www-form-urlencoded"> <FormPostParameter Name="method" Value="getDocsMetaInfo:14.0.0.6129" UrlEncode="True" /> <FormPostParameter Name="url_list" Value="[https://mysharepointserver/dga/stuff/test.docx;https://mysharepointserver/dga/stuff]" UrlEncode="True" /> <FormPostParameter Name="listHiddenDocs" Value="false" UrlEncode="True" /> <FormPostParameter Name="listLinkInfo" Value="false" UrlEncode="True" /> </FormPostHttpBody> </Request> <Request Method="HEAD" Version="1.1" Url="https://mysharepointserver/dga/stuff/test.docx" ThinkTime="1" Timeout="60" ParseDependentRequests="True" FollowRedirects="True" RecordResult="True" Cache="False" ResponseTimeGoal="0" Encoding="utf-8"> <Headers /> </Request> <Request Method="POST" Version="1.1" Url="https://mysharepointserver/dga/_vti_bin/cellstorage.svc/CellStorageService" ThinkTime="26" Timeout="60" ParseDependentRequests="True" FollowRedirects="True" RecordResult="True" Cache="False" ResponseTimeGoal="0" Encoding="utf-8"> <Headers> <Header Name="Pragma" Value="no-cache" /> <Header Name="Content-Type" Value="multipart/related; type="application/xop+xml"; boundary="urn:uuid:78860c35-0752-46ea-8dec-c424c086534a"; start="<c7d89fa5-b62d-4b78-86c5-141dd2e21bf6@tempuri.org>"; start-Info="text/xml; charset=utf-8"" /> <Header Name="SOAPAction" Value=""http://schemas.microsoft.com/sharepoint/soap/ICellStorages/ExecuteCellStorageRequest"" /> </Headers> <StringHttpBody ContentType="multipart/related; type="application/xop+xml"; boundary="urn:uuid:78860c35-0752-46ea-8dec-c424c086534a"; start="<c7d89fa5-b62d-4b78-86c5-141dd2e21bf6@tempuri.org>"; start-Info="text/xml; charset=utf-8"">BsAD0AIgBoAHQAdABwAHMAOgAvAC8AdwB0AHIAYQBiAGEAagBhAG4AZABvAGoAdQBuAHQAbwB....YANQAzADQAYQAtAC0ADQAKAA==</StringHttpBody> </Request> <Request Method="POST" Version="1.1" Url="https://mysharepointserver/_vti_bin/webs.asmx" ThinkTime="0" Timeout="60" ParseDependentRequests="True" FollowRedirects="True" RecordResult="True" Cache="False" ResponseTimeGoal="0" Encoding="utf-8"> <Headers> <Header Name="Content-Type" Value="text/xml; charset=utf-8" /> <Header Name="SOAPAction" Value="http://schemas.microsoft.com/sharepoint/soap/WebUrlFromPageUrl" /> <Header Name="X-Office-Version" Value="14.0.7128" /> </Headers> <StringHttpBody ContentType="text/xml; charset=utf-8">PAA/A....QA+AAoA</StringHttpBody> </Request> </Items> </TestCase>
What happens when the user clicks on the "save" button on word
<!--- THIS REQUEST ARE ISSUED FROM WORD ---> <?xml version="1.0" encoding="utf-8"?> <TestCase Name="FiddlerGeneratedWebTest" Id="" Owner="" Description="" Priority="0" Enabled="True" CssProjectStructure="" CssIteration="" DeploymentItemsEditable="" CredentialUserName="" CredentialPassword="" PreAuthenticate="True" Proxy="" RequestCallbackClass="" TestCaseCallbackClass=""> <Items> <Request Method="POST" Version="1.1" Url="https://mysharepointserver/dga/_vti_bin/cellstorage.svc/CellStorageService" ThinkTime="4" Timeout="60" ParseDependentRequests="True" FollowRedirects="True" RecordResult="True" Cache="False" ResponseTimeGoal="0" Encoding="utf-8"> <Headers> <Header Name="Pragma" Value="no-cache" /> <Header Name="Content-Type" Value="multipart/related; type="application/xop+xml"; boundary="urn:uuid:203b806c-1c05-4d67-8a49-997fdac01720"; start="<a84ee7f4-7cb0-4f44-9aa1-fd26bef7a882@tempuri.org>"; start-Info="text/xml; charset=utf-8"" /> <Header Name="SOAPAction" Value=""http://schemas.microsoft.com/sharepoint/soap/ICellStorages/ExecuteCellStorageRequest"" /> </Headers> <StringHttpBody ContentType="multipart/related; type="application/xop+xml"; boundary="urn:uuid:203b806c-1c05-4d67-8a49-997fdac01720"; start="<a84ee7f4-7cb0-4f44-9aa1-fd26bef7a882@tempuri.org>"; start-Info="text/xml; charset=utf-8"">(A LOT OF STUFF GOES HERE)kAGEAYwAwADEANwAyADAALQAtAA0ACgA=</StringHttpBody> </Request> <Request Method="POST" Version="1.1" Url="https://mysharepointserver/dga/_vti_bin/cellstorage.svc/CellStorageService" ThinkTime="0" Timeout="60" ParseDependentRequests="True" FollowRedirects="True" RecordResult="True" Cache="False" ResponseTimeGoal="0" Encoding="utf-8"> <Headers> <Header Name="Pragma" Value="no-cache" /> <Header Name="Content-Type" Value="multipart/related; type="application/xop+xml"; boundary="urn:uuid:2a3a2e2a-5623-4780-8def-84feb83db219"; start="<10b084df-1ede-4ecf-9512-dfe7470d095b@tempuri.org>"; start-Info="text/xml; charset=utf-8"" /> <Header Name="SOAPAction" Value=""http://schemas.microsoft.com/sharepoint/soap/ICellStorages/ExecuteCellStorageRequest"" /> </Headers> <StringHttpBody ContentType="multipart/related; type="application/xop+xml"; boundary="urn:uuid:2a3a2e2a-5623-4780-8def-84feb83db219"; start="<10b084df-1ede-4ecf-9512-dfe7470d095b@tempuri.org>"; start-Info="text/xml; charset=utf-8"">(A LOT OF STUFF GOES HERE)4AdAAtAEkARAA6ACAAPAAxADAAYgAwADgANABkAGYALQAxAGUAZABlAC0ANABlAGMAZgAtADkANQAxADIALQBkAGYAZQA3ADQANwAwAGQAMAA5ADUAYgBAAHQAZQBtAHAAdQByAGkALgBvAHIAZwA+AA0ACgBDAG8AbgB0AGUAbgB0AC0AVAByAGEAbgBzAGYAZQByAC0ARQBuAGMAbwBkAGkAbgBnADoAIAA4AGIAaQB0AA0ACgBDAG8AbgB0AGUAbgB0AC0AVAB5AHAAZQA6ACAAYQBwAHAAbABpAGMAYQB0AGkAbwBuAC8AeABvAHAAKwB4AG0AbAA7AGMAaABhAHIAcwBlAHQAPQB1AHQAZgAtADgAOwB0AHkAcABlAD0AIgB0AGUAeAB0AC8AeABtAGwAOwAgAGMAaABhAHIAcwBlAHQAPQB1AHQAZgAtADgAIgANAAoADQAKADwAcwA6AEUAbgB2AGUAbABvAHAAZQAgAHgAbQBsAG4AcwA6AHMAPQAiAGgAdAB0AHAAOgAvAC8AcwBjAGgAZQBtAGEAcwAuAHgAbQBsAHMAbwBhAHAALgBvAHIAZwAvAHMAbwBhAHAALwBlAG4AdgBlAGwAbwBwAGUALwAiAD4APABzADoAQgBvAGQAeQA+ADwAUgBlAHEAdQBlAHMAdABWAGUAcgBzAGkAbwBuACAAVgBlAHIAcwBpAG8AbgA9ACIAMgAiACAATQBpAG4AbwByAFYAZQByAHMAaQBvAG4APQAiADAAIgAgAHgAbQBsAG4AcwA9ACIAaAB0AHQAcAA6AC8ALwBzAGMAaABlAG0AYQBzAC4AbQBpAGMAcgBvAHMAbwBmAHQALgBjAG8AbQAvAHMAaABhAHIAZQBwAG8AaQBuAHQALwBzAG8AYQBwAC8AIgAvAD4APABSAGUAcQB1AGUAcwB0AEMAbwBsAGwAZQBjAHQAaQBvAG4AIABDAG8AcgByAGUAbABhAHQAaQBvAG4ASQBkAD0AIgB7ADAAMAAyAEYARABGADEAOAAtAEQAQwAyADgALQA0ADcAQgA4AC0AQgAyADYAMgAtADUAMQA2ADMANgAxADIAMQAxADEAMgBCAH0AIgAgAHgAbQBsAG4AcwA9ACIAaAB0AHQAcAA6AC8ALwBzAGMAaABlAG0AYQBzAC4AbQBpAGMAcgBvAHMAbwBmAHQALgBjAG8AbQAvAHMAaABhAHIAZQBwAG8AaQBuAHQALwBzAG8AYQBwAC8AIgA+ADwAUgBlAHEAdQBlAHMAdAAgAFUAcgBsAD0AIgBoAHQAdABwAHMAOgAvAC8AdwB0AHIAYQBiAGEAagBhAG4AZABvAGoAdQBuAHQAbwBzAC8AZABnAGEALwBzAHQAdQBmAGYALwB0AGUAcwB0AC4AZABvAGMAeAAiACAAUgBlAHEAdQBlAHMAdABUAG8AawBlAG4APQAiADEAIgA+ADwAUwB1AGIAUgBlAHEAdQBlAHMAdAAgAFQAeQBwAGUAPQAiAEMAbwBhAHUAdABoACIAIABTAHUAYgBSAGUAcQB1AGUAcwB0AFQAbwBrAGUAbgA9ACIAMQAiAD4APABTAHUAYgBSAGUAcQB1AGUAcwB0AEQAYQB0AGEAIABDAG8AYQB1AHQAaABSAGUAcQB1AGUAcwB0AFQAeQBwAGUAPQAiAEUAeABpAHQAQwBvAGEAdQB0AGgAbwByAGkAbgBnACIAIABTAGMAaABlAG0AYQBMAG8AYwBrAEkARAA9ACIAMgA5ADMANQA4AEUAQwAxAC0ARQA4ADEAMwAtADQANwA5ADMALQA4AEUANwAwAC0ARQBEADAAMwA0ADQARQA3AEIANwAzAEMAIgAgAEMAbABpAGUAbgB0AEkARAA9ACIAewA0ADcAMAA1AEIAMAA3AEYALQBFADgANQAwAC0ANABEADgANQAtAEIAMgBGADcALQA5AEQAOAAxAEQAOQBCADIANwAxADAAQwB9ACIALwA+ADwALwBTAHUAYgBSAGUAcQB1AGUAcwB0AD4APABTAHUAYgBSAGUAcQB1AGUAcwB0ACAAVAB5AHAAZQA9ACIAUwBjAGgAZQBtAGEATABvAGMAawAiACAAUwB1AGIAUgBlAHEAdQBlAHMAdABUAG8AawBlAG4APQAiADIAIgAgAEQAZQBwAGUAbgBkAHMATwBuAD0AIgAxACIAIABEAGUAcABlAG4AZABlAG4AYwB5AFQAeQBwAGUAPQAiAE8AbgBOAG8AdABTAHUAcABwAG8AcgB0AGUAZAAiAD4APABTAHUAYgBSAGUAcQB1AGUAcwB0AEQAYQB0AGEAIABTAGMAaABlAG0AYQBMAG8AYwBrAFIAZQBxAHUAZQBzAHQAVAB5AHAAZQA9ACIAUgBlAGwAZQBhAHMAZQBMAG8AYwBrACIAIABTAGMAaABlAG0AYQBMAG8AYwBrAEkARAA9ACIAMgA5ADMANQA4AEUAQwAxAC0ARQA4ADEAMwAtADQANwA5ADMALQA4AEUANwAwAC0ARQBEADAAMwA0ADQARQA3AEIANwAzAEMAIgAgAEMAbABpAGUAbgB0AEkARAA9ACIAewA0ADcAMAA1AEIAMAA3AEYALQBFADgANQAwAC0ANABEADgANQAtAEIAMgBGADcALQA5AEQAOAAxAEQAOQBCADIANwAxADAAQwB9ACIALwA+ADwALwBTAHUAYgBSAGUAcQB1AGUAcwB0AD4APAAvAFIAZQBxAHUAZQBzAHQAPgA8AC8AUgBlAHEAdQBlAHMAdABDAG8AbABsAGUAYwB0AGkAbwBuAD4APAAvAHMAOgBCAG8AZAB5AD4APAAvAHMAOgBFAG4AdgBlAGwAbwBwAGUAPgANAAoALQAtAHUAcgBuADoAdQB1AGkAZAA6ADIAYQAzAGEAMgBlADIAYQAtADUANgAyADMALQA0ADcAOAAwAC0AOABkAGUAZgAtADgANABmAGUAYgA4ADMAZABiADIAMQA5AC0ALQANAAoA</StringHttpBody> </Request> </Items> </TestCase>
What happens when the user click on "See this in windows explorer"
<!--- THIS CONTENT IS MOVED BY A PROCESS CALLED SVCHOST.EXE ---> <?xml version="1.0" encoding="utf-8"?> <TestCase Name="FiddlerGeneratedWebTest" Id="" Owner="" Description="" Priority="0" Enabled="True" CssProjectStructure="" CssIteration="" DeploymentItemsEditable="" CredentialUserName="" CredentialPassword="" PreAuthenticate="True" Proxy="" RequestCallbackClass="" TestCaseCallbackClass=""> <Items> <Request Method="PROPFIND" Version="1.1" Url="https://mysharepointserver/dga/stuff" ThinkTime="0" Timeout="60" ParseDependentRequests="True" FollowRedirects="True" RecordResult="True" Cache="False" ResponseTimeGoal="0" Encoding="utf-8"> <Headers> <Header Name="Depth" Value="0" /> <Header Name="translate" Value="f" /> </Headers> </Request> <Request Method="PROPFIND" Version="1.1" Url="https://mysharepointserver/dga" ThinkTime="0" Timeout="60" ParseDependentRequests="True" FollowRedirects="True" RecordResult="True" Cache="False" ResponseTimeGoal="0" Encoding="utf-8"> <Headers> <Header Name="Depth" Value="0" /> <Header Name="translate" Value="f" /> </Headers> </Request> <Request Method="PROPFIND" Version="1.1" Url="https://mysharepointserver/dga/stuff" ThinkTime="0" Timeout="60" ParseDependentRequests="True" FollowRedirects="True" RecordResult="True" Cache="False" ResponseTimeGoal="0" Encoding="utf-8"> <Headers> <Header Name="Depth" Value="1" /> <Header Name="translate" Value="f" /> </Headers> </Request> <Request Method="PROPFIND" Version="1.1" Url="https://mysharepointserver/dga/stuff" ThinkTime="0" Timeout="60" ParseDependentRequests="True" FollowRedirects="True" RecordResult="True" Cache="False" ResponseTimeGoal="0" Encoding="utf-8"> <Headers> <Header Name="Depth" Value="0" /> <Header Name="translate" Value="f" /> </Headers> </Request> </Items> </TestCase>