vc++怎么标记ActiveX控件为安全
2013-11-21 10:08
260 查看
1、使用atl开发dll时标记为安全时可以实现IObjectSafety接口,但这个具体我还不知道怎么做。
2、使用MFC开发ActiveX控件时可以修改注册表来标记控件为安全的,具体做法:
YourApp.ccp里增加
#include "comcat.h"
#include "Objsafe.h"
// 本控件的CLSID,注册表用-
helpstring("UTPKES Control"), control ]这个.
const CATID CATID_SafeForScripting =
{0x7dd95801,0x9882,0x11cf,{0x9f,0xa9,0x00,0xaa,0x00,0x6c,0x42,0xc4}};
const CATID CATID_SafeForInitializing =
{0x7dd95802,0x9882,0x11cf,{0x9f,0xa9,0x00,0xaa,0x00,0x6c,0x42,0xc4}};
加这两句的时候可能会报重复定义,把旧的找到删除掉
原来的定义出现在Objsafe.h文件中,将该文件拷贝一份至工程目录,并去掉此上两项的声明。
然后在YourApp.ccp中加入下面三方方法:
// 创建组件种类
HRESULT CreateComponentCategory(CATID catid, WCHAR* catDescription)
{
ICatRegister* pcr = NULL ;
HRESULT hr = S_OK ;
hr = CoCreateInstance(CLSID_StdComponentCategoriesMgr,
NULL, CLSCTX_INPROC_SERVER, IID_ICatRegister, (void**)&pcr);
if (FAILED(hr))
return hr;
// Make sure the HKCR\Component Categories\{..catid...}
// key is registered.
CATEGORYINFO catinfo;
catinfo.catid = catid;
catinfo.lcid = 0x0409 ; // english
// Make sure the provided description is not too long.
// Only copy the first 127 characters if it is.
int len = wcslen(catDescription);
if (len>127)
len = 127;
wcsncpy(catinfo.szDescription, catDescription, len);
// Make sure the description is null terminated.
catinfo.szDescription[len] = '\0';
hr = pcr->RegisterCategories(1, &catinfo);
pcr->Release();
return hr;
}
// 注册组件种类
HRESULT RegisterCLSIDInCategory(REFCLSID clsid, CATID catid)
{
// Register your component categories information.
ICatRegister* pcr = NULL ;
HRESULT hr = S_OK ;
hr = CoCreateInstance(CLSID_StdComponentCategoriesMgr,
NULL, CLSCTX_INPROC_SERVER, IID_ICatRegister, (void**)&pcr);
if (SUCCEEDED(hr))
{
// Register this category as being "implemented" by the class.
CATID rgcatid[1] ;
rgcatid[0] = catid;
hr = pcr->RegisterClassImplCategories(clsid, 1, rgcatid);
}
if (pcr != NULL)
pcr->Release();
return hr;
}
// 卸载组件种类
HRESULT UnRegisterCLSIDInCategory(REFCLSID clsid, CATID catid)
{
ICatRegister* pcr = NULL ;
HRESULT hr = S_OK ;
hr = CoCreateInstance(CLSID_StdComponentCategoriesMgr,
NULL, CLSCTX_INPROC_SERVER, IID_ICatRegister, (void**)&pcr);
if (SUCCEEDED(hr))
{
// Unregister this category as being "implemented" by the class.
CATID rgcatid[1] ;
rgcatid[0] = catid;
hr = pcr->UnRegisterClassImplCategories(clsid, 1, rgcatid);
}
if (pcr != NULL)
pcr->Release();
return hr;
}
然后修改YourApp.cpp里的STDAPI DllRegisterServer(void)方法和STDAPI DllUnregisterServer(void)方法:
STDAPI DllRegisterServer(void)
{
HRESULT hr;
AFX_MANAGE_STATE(_afxModuleAddrThis);
if (!AfxOleRegisterTypeLib(AfxGetInstanceHandle(), _tlid))
return ResultFromScode(SELFREG_E_TYPELIB);
if (!COleObjectFactoryEx::UpdateRegistryAll(TRUE))
return ResultFromScode(SELFREG_E_CLASS);
// 标记控件初始化安全.
// 创建初始化安全组件种类
hr = CreateComponentCategory(CATID_SafeForInitializing, L"Controls safely initializable from persistent data!");
if (FAILED(hr))
return hr;
// 注册初始化安全
hr = RegisterCLSIDInCategory(CLSID_SafeItem, CATID_SafeForInitializing);
if (FAILED(hr))
return hr;
// 标记控件脚本安全
// 创建脚本安全组件种类
hr = CreateComponentCategory(CATID_SafeForScripting, L"Controls safely scriptable!");
if (FAILED(hr))
return hr;
// 注册脚本安全组件种类
hr = RegisterCLSIDInCategory(CLSID_SafeItem, CATID_SafeForScripting);
if (FAILED(hr))
return hr;
return NOERROR;
}
/////////////////////////////////////////////////////////////////////////////
// DllUnregisterServer - Removes entries from the system registry
STDAPI DllUnregisterServer(void)
{
HRESULT hr;
AFX_MANAGE_STATE(_afxModuleAddrThis);
if (!AfxOleUnregisterTypeLib(_tlid, _wVerMajor, _wVerMinor))
return ResultFromScode(SELFREG_E_TYPELIB);
if (!COleObjectFactoryEx::UpdateRegistryAll(FALSE))
return ResultFromScode(SELFREG_E_CLASS);
// 删除控件初始化安全入口.
hr=UnRegisterCLSIDInCategory(CLSID_SafeItem, CATID_SafeForInitializing);
if (FAILED(hr))
return hr;
// 删除控件脚本安全入口
hr=UnRegisterCLSIDInCategory(CLSID_SafeItem, CATID_SafeForScripting);
if (FAILED(hr))
return hr;
//////////////////////////
return NOERROR;
}
这样就标记你的控件是安全的了
3、这样开发完以后还需要用数字证书签名才可以让浏览器下载,如果不签名的话可以使用
regsvr32 c:\YourApp.ocx来手动注册也可以使用了,当然也可以修改浏览器的设置运行不经过签名的控件也可以执行这样也可以使用。
2、使用MFC开发ActiveX控件时可以修改注册表来标记控件为安全的,具体做法:
YourApp.ccp里增加
#include "comcat.h"
#include "Objsafe.h"
// 本控件的CLSID,注册表用-
const GUID CDECL BASED_CODE _ctlid ={ 0x94BE7FE8, 0xCF75, 0x4FD3, { 0x8A,0x41,0x9D,0x5F,0xE7,0x13,0x55,0x11} }; //这个需要根据你的控件的classid来修改,也就是YourApp.odl里的 [ uuid(94BE7FE8-CF75-4FD3-8A41-9D5FE7135511),
helpstring("UTPKES Control"), control ]这个.
const CATID CATID_SafeForScripting =
{0x7dd95801,0x9882,0x11cf,{0x9f,0xa9,0x00,0xaa,0x00,0x6c,0x42,0xc4}};
const CATID CATID_SafeForInitializing =
{0x7dd95802,0x9882,0x11cf,{0x9f,0xa9,0x00,0xaa,0x00,0x6c,0x42,0xc4}};
加这两句的时候可能会报重复定义,把旧的找到删除掉
原来的定义出现在Objsafe.h文件中,将该文件拷贝一份至工程目录,并去掉此上两项的声明。
然后在YourApp.ccp中加入下面三方方法:
// 创建组件种类
HRESULT CreateComponentCategory(CATID catid, WCHAR* catDescription)
{
ICatRegister* pcr = NULL ;
HRESULT hr = S_OK ;
hr = CoCreateInstance(CLSID_StdComponentCategoriesMgr,
NULL, CLSCTX_INPROC_SERVER, IID_ICatRegister, (void**)&pcr);
if (FAILED(hr))
return hr;
// Make sure the HKCR\Component Categories\{..catid...}
// key is registered.
CATEGORYINFO catinfo;
catinfo.catid = catid;
catinfo.lcid = 0x0409 ; // english
// Make sure the provided description is not too long.
// Only copy the first 127 characters if it is.
int len = wcslen(catDescription);
if (len>127)
len = 127;
wcsncpy(catinfo.szDescription, catDescription, len);
// Make sure the description is null terminated.
catinfo.szDescription[len] = '\0';
hr = pcr->RegisterCategories(1, &catinfo);
pcr->Release();
return hr;
}
// 注册组件种类
HRESULT RegisterCLSIDInCategory(REFCLSID clsid, CATID catid)
{
// Register your component categories information.
ICatRegister* pcr = NULL ;
HRESULT hr = S_OK ;
hr = CoCreateInstance(CLSID_StdComponentCategoriesMgr,
NULL, CLSCTX_INPROC_SERVER, IID_ICatRegister, (void**)&pcr);
if (SUCCEEDED(hr))
{
// Register this category as being "implemented" by the class.
CATID rgcatid[1] ;
rgcatid[0] = catid;
hr = pcr->RegisterClassImplCategories(clsid, 1, rgcatid);
}
if (pcr != NULL)
pcr->Release();
return hr;
}
// 卸载组件种类
HRESULT UnRegisterCLSIDInCategory(REFCLSID clsid, CATID catid)
{
ICatRegister* pcr = NULL ;
HRESULT hr = S_OK ;
hr = CoCreateInstance(CLSID_StdComponentCategoriesMgr,
NULL, CLSCTX_INPROC_SERVER, IID_ICatRegister, (void**)&pcr);
if (SUCCEEDED(hr))
{
// Unregister this category as being "implemented" by the class.
CATID rgcatid[1] ;
rgcatid[0] = catid;
hr = pcr->UnRegisterClassImplCategories(clsid, 1, rgcatid);
}
if (pcr != NULL)
pcr->Release();
return hr;
}
然后修改YourApp.cpp里的STDAPI DllRegisterServer(void)方法和STDAPI DllUnregisterServer(void)方法:
STDAPI DllRegisterServer(void)
{
HRESULT hr;
AFX_MANAGE_STATE(_afxModuleAddrThis);
if (!AfxOleRegisterTypeLib(AfxGetInstanceHandle(), _tlid))
return ResultFromScode(SELFREG_E_TYPELIB);
if (!COleObjectFactoryEx::UpdateRegistryAll(TRUE))
return ResultFromScode(SELFREG_E_CLASS);
// 标记控件初始化安全.
// 创建初始化安全组件种类
hr = CreateComponentCategory(CATID_SafeForInitializing, L"Controls safely initializable from persistent data!");
if (FAILED(hr))
return hr;
// 注册初始化安全
hr = RegisterCLSIDInCategory(CLSID_SafeItem, CATID_SafeForInitializing);
if (FAILED(hr))
return hr;
// 标记控件脚本安全
// 创建脚本安全组件种类
hr = CreateComponentCategory(CATID_SafeForScripting, L"Controls safely scriptable!");
if (FAILED(hr))
return hr;
// 注册脚本安全组件种类
hr = RegisterCLSIDInCategory(CLSID_SafeItem, CATID_SafeForScripting);
if (FAILED(hr))
return hr;
return NOERROR;
}
/////////////////////////////////////////////////////////////////////////////
// DllUnregisterServer - Removes entries from the system registry
STDAPI DllUnregisterServer(void)
{
HRESULT hr;
AFX_MANAGE_STATE(_afxModuleAddrThis);
if (!AfxOleUnregisterTypeLib(_tlid, _wVerMajor, _wVerMinor))
return ResultFromScode(SELFREG_E_TYPELIB);
if (!COleObjectFactoryEx::UpdateRegistryAll(FALSE))
return ResultFromScode(SELFREG_E_CLASS);
// 删除控件初始化安全入口.
hr=UnRegisterCLSIDInCategory(CLSID_SafeItem, CATID_SafeForInitializing);
if (FAILED(hr))
return hr;
// 删除控件脚本安全入口
hr=UnRegisterCLSIDInCategory(CLSID_SafeItem, CATID_SafeForScripting);
if (FAILED(hr))
return hr;
//////////////////////////
return NOERROR;
}
这样就标记你的控件是安全的了
3、这样开发完以后还需要用数字证书签名才可以让浏览器下载,如果不签名的话可以使用
regsvr32 c:\YourApp.ocx来手动注册也可以使用了,当然也可以修改浏览器的设置运行不经过签名的控件也可以执行这样也可以使用。
相关文章推荐
- ActiveX控件开发的一些问题一,如何标记控件为安全
- 标记Activex控件为安全脚本
- ActiveX控件开发的一些问题一,如何标记控件为安全
- 必须要实现IObjectSafety接口,把ActiveX控件标记为安全的ActiveX控件,可以不这样做的。可以把控件注册一下就可以了
- VC++开发的ActiveX如何加入安全机制,避免IE中提示“在此页上的ActiveX控件和本页上的其他部分的交互可能不安全,你想允许这种交互吗?”
- 将ActiveX控件标记为安全
- VC开发的ActiveX加入安全机制,避免IE中提示“在此页上的ActiveX控件,,不安全,你想允许这种交互吗?”
- \t\t用C#编写ActiveX控件 自定义html控件 ActiveX 控件注册 标记Activex控件为脚本安全
- 如何将MFC ActiveX控件标记为安全
- Delphi开发标记为安全的ActiveX控件
- ActiveX控件如何标记控件为安全(Safe Initialization and Scripting for ActiveX Controls)
- 使用MFC开发ActiveX控件时修改注册表来标记控件为安全
- ActiveX控件如何标记控件为安全(摘抄)
- 使用ALT创建activex控件时标记安全方法
- 将ActiveX控件标记为安全
- VC++开发的ActiveX如何加入安全机制,避免IE中提示“在此页上的ActiveX控件和本页上的其他部分的交互可能不安全,你想允许这种交互吗?”
- Android Studio怎么查看程序安全码获取SHA1值,MD5值?
- 分享:怎么去测试一个 app 是否存在安全问题?
- win10无法启动安全中心该怎么办?
- 安全密码存储,该怎么做,不该怎么做?