zoukankan      html  css  js  c++  java
  • VC++开发的ActiveX如何加入安全机制,避免IE中提示“在此页上的ActiveX控件和本页上的其他部分的交互可能不安全,你想允许这种交互吗?”

    在EOS6的项目中,如果采用VC++开发的ActiveX,那么第一次运行的时候,IE中就会提示,“在此页上的ActiveX控件和本页上的其他部分的交互可能不安全,你想允许这种交互吗?”在网上找了很多资料,原理介绍的多,但是真正如何做,介绍的比较少,因此这里把实际的步骤一步一步的记录下来了,供大家参考。

     

    1.1 去除ActiveX访问时的安全提示

    ActiveX第一次被访问时,会出现如下提示框:

     

    这是IE浏览器的安全机制造成的,我们可以采用下面的步骤来去除这个提示信息:

    1.1.1 CDemoCtl的头文件.h中增加对objsave的引用

    #include <objsafe.h> 

    1.1.2 在其protected声明区增加如下内容:

    //去掉安全警告 BEGIN

    DECLARE_INTERFACE_MAP()

    BEGIN_INTERFACE_PART(ObjectSafety, IObjectSafety)

    STDMETHOD(GetInterfaceSafetyOptions)(REFIID riid, DWORD __RPC_FAR *pdwSupportedOptions, DWORD __RPC_FAR *pdwEnabledOptions);

    STDMETHOD(SetInterfaceSafetyOptions)(REFIID riid, DWORD dwOptionSetMask, DWORD dwEnabledOptions);

    END_INTERFACE_PART(ObjectSafety)

    //去掉安全警告 END

    1.1.3 CDemoCtl的实现类.cppIMPLEMENT_DYNCREATE(CActivexFirstCtrl, COleControl)这一行后增加如下内容:

         

    //去掉安全警告 BEGIN

    BEGIN_INTERFACE_MAP(CDemoCtl, COleControl)

    INTERFACE_PART(CDemoCtl, IID_IObjectSafety, ObjectSafety)

    END_INTERFACE_MAP()

    // Implementation of IObjectSafety

    STDMETHODIMP CDemoCtl::XObjectSafety::GetInterfaceSafetyOptions(

    REFIID riid,

    DWORD __RPC_FAR *pdwSupportedOptions,

    DWORD __RPC_FAR *pdwEnabledOptions)

    {

    METHOD_PROLOGUE_EX(CDemoCtl, ObjectSafety)

    if (!pdwSupportedOptions || !pdwEnabledOptions)

    {

    return E_POINTER;

    }

    *pdwSupportedOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA;

    *pdwEnabledOptions = 0;

    if (NULL == pThis->GetInterface(&riid))

    {

    TRACE("Requested interface is not supported.\n");

    return E_NOINTERFACE;

    }

    // What interface is being checked out anyhow?

    OLECHAR szGUID[39];

    int i = StringFromGUID2(riid, szGUID, 39);

    if (riid == IID_IDispatch)

    {

    // Client wants to know if object is safe for scripting

    *pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER;

    return S_OK;

    }

    else if (riid == IID_IPersistPropertyBag

    || riid == IID_IPersistStreamInit

    || riid == IID_IPersistStorage

    || riid == IID_IPersistMemory)

    {

    // Those are the persistence interfaces COleControl derived controls support

    // as indicated in AFXCTL.H

    // Client wants to know if object is safe for initializing from persistent data

    *pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_DATA;

    return S_OK;

    }

    else

    {

    // Find out what interface this is, and decide what options to enable

    TRACE("We didn"t account for the safety of this interface, and it"s one we support...\n");

    return E_NOINTERFACE;

    }

    }

    STDMETHODIMP CDemoCtl::XObjectSafety::SetInterfaceSafetyOptions(

    REFIID riid,

    DWORD dwOptionSetMask,

    DWORD dwEnabledOptions)

    {

    METHOD_PROLOGUE_EX(CDemoCtl, ObjectSafety)

    OLECHAR szGUID[39];

    // What is this interface anyway?

    // We can do a quick lookup in the registry under HKEY_CLASSES_ROOT\Interface

    int i = StringFromGUID2(riid, szGUID, 39);

    if (0 == dwOptionSetMask && 0 == dwEnabledOptions)

    {

    // the control certainly supports NO requests through the specified interface

    // so it"s safe to return S_OK even if the interface isn"t supported.

    return S_OK;

    }

    // Do we support the specified interface?

    if (NULL == pThis->GetInterface(&riid))

    {

    TRACE1("%s is not support.\n", szGUID);

    return E_FAIL;

    }

    if (riid == IID_IDispatch)

    {

    TRACE("Client asking if it"s safe to call through IDispatch.\n");

    TRACE("In other words, is the control safe for scripting?\n");

    if (INTERFACESAFE_FOR_UNTRUSTED_CALLER == dwOptionSetMask && INTERFACESAFE_FOR_UNTRUSTED_CALLER == dwEnabledOptions)

    {

    return S_OK;

    }

    else

    {

    return E_FAIL;

    }

    }

    else if (riid == IID_IPersistPropertyBag

    || riid == IID_IPersistStreamInit

    || riid == IID_IPersistStorage

    || riid == IID_IPersistMemory)

    {

    TRACE("Client asking if it"s safe to call through IPersist*.\n");

    TRACE("In other words, is the control safe for initializing from persistent data?\n");

    if (INTERFACESAFE_FOR_UNTRUSTED_DATA == dwOptionSetMask && INTERFACESAFE_FOR_UNTRUSTED_DATA == dwEnabledOptions)

    {

    return NOERROR;

    }

    else

    {

    return E_FAIL;

    }

    }

    else

    {

    TRACE1("We didn"t account for the safety of %s, and it"s one we support...\n", szGUID);

    return E_FAIL;

    }

    }

    STDMETHODIMP_(ULONG) CDemoCtl::XObjectSafety::AddRef()

    {

    METHOD_PROLOGUE_EX_(CDemoCtl, ObjectSafety)

    return (ULONG)pThis->ExternalAddRef();

    }

    STDMETHODIMP_(ULONG) CDemoCtl::XObjectSafety::Release()

    {

    METHOD_PROLOGUE_EX_(CDemoCtl, ObjectSafety)

    return (ULONG)pThis->ExternalRelease();

    }

    STDMETHODIMP CDemoCtl::XObjectSafety::QueryInterface(

    REFIID iid, LPVOID* ppvObj)

    {

    METHOD_PROLOGUE_EX_(CDemoCtl, ObjectSafety)

    return (HRESULT)pThis->ExternalQueryInterface(&iid, ppvObj);

    }

    //去掉安全警告 END

  • 相关阅读:
    RESTful规范1
    Django -- 发送HTML格式的邮件
    11.10 vue
    Selenium 使用
    Beautiful Soup的用法
    Pthon常用模块之requests,urllib和re
    爬虫--工具安装Jupyter anaconda
    11-3
    Python -- tabulate 模块,
    Python -- queue队列模块
  • 原文地址:https://www.cnblogs.com/zdxster/p/1945868.html
Copyright © 2011-2022 走看看