[asterisk-users] how to launch a URl when dialing a number

A J Stiles asterisk_list at earthshod.co.uk
Fri May 31 11:44:15 CDT 2013


On Friday 31 May 2013, Alex Villací­s Lasso wrote:
>  From this discussion, I am guessing the following scenario. Please correct
> me if I am wrong. - There are (at least) three roles in your scenario: the
> Asterisk server, the PHP webserver (which may or may not be the same
> machine as the Asterisk server), and the client PC. - Apparently your
> client PC runs a softphone (but the exact nature of the telephony client
> is not important). - A call is connected from the phone to your Asterisk,
> is directed to your context, and dials some trunk (Zap/g1 in your
> snippet). - You then want, somehow, to make the Asterisk server reach out
> to your client PC (which runs a GUI and has a web browser) and force it to
> open an arbitrary web page on the PHP webserver, presumably a callcenter
> data collecting form.
> 
> The problematic issue is the last part. Especially the implication of
> remotely opening a web page on some random PC.
> 
> If the above scenario is in fact what you were planning to do, maybe you
> need to rethink your design. In the default case, there is no way to make
> a remote PC open an arbitrary URL on its GUI. Think about the security
> implications. You should instead have the web interface already open, and
> program a Click2Call capability that contacts the Asterisk server and uses
> AMI to execute an Originate action with your context as your target. Then
> the web page would load your target URL in order to handle the call. Or,
> if the calls come from an external source, you should program some kind of
> monitor that alerts the web interface that the call was handled by the
> context.

Actually, that *is* doable, because I have done it!

I wrote a little daemon, which runs on each agent's workstation, listening for 
UDP messages and delivering system notifications.  The daemon is started 
through a symlink in /home/*/.kde/Autostart, so it runs under the logged-in 
user's ID; and one of the supported message types instructs the daemon to open 
a URL in iceweasel.  Since iceweasel probably is already running, it just 
opens a new tab in the existing browser process.

This isn't quite as insecure as it sounds, because I made sure to bake in the 
following security measures:

*  You can't actually execute arbitrary commands just by sending UDP messages.  
The daemon is doing some sanity-checking -- the worst you can do is display an 
arbitrary web page.

*  All this is happening on the inside of a firewall, which blocks access from 
agents' workstations to most outside IP addresses.  Any web page you can 
display is safe-for-work.

*  The firewall also doesn't let anything in on the UDP port which is used for 
notification messaging.


When an agent receives an incoming call on their DDI number, an AGI script is 
started.  It looks up the calling number in the database; and if it is found, 
a notification message is sent with the details of the caller, followed by 
another one to fetch up the user's details in our web app.


There is no reason why an AGI script should not fire off a request to open a 
browser page as an external number is dialled.  But instead of dialling the 
number manually, we use a callfile-generating CGI script  (linked from within 
the main telesales application)  to call external numbers when the agent 
follows a link.


It probably also helps greatly that all the software we use to run our call 
centre  (besides whatever is usually found in a standard Linux distribution)  
was written in-house .....

-- 
AJS

Answers come *after* questions.



More information about the asterisk-users mailing list