OCX网络验证修改
2014-06-22 13:10
106 查看
由于网页安全限制问题,在网页在运行在客户端是没有一些计算机的控制权限,如访问硬件信息、访问USB设备。我们为得到这样控制我需要给网页加载一个组件在客户浏览器中进行运行。但是我们做了一个OCX让他运行,但是浏览器会提示这个OCX不完全,会让用户对于加载这个OCX有疑虑。即使你进行数字签名也是这样。
这时我们需要让在OCX注册时加入安全脚本申明。代码如下。
h文件声明
#include <OBJSAFE.H>
..class CPMZBRockeyInitCtrl : public COleControl
//imp safe
DECLARE_INTERFACE_MAP()
BEGIN_INTERFACE_PART(ObjSafe, IObjectSafety)
STDMETHOD_(HRESULT, GetInterfaceSafetyOptions) (
/* [in] */ REFIID riid,
/* [out] */ DWORD __RPC_FAR *pdwSupportedOptions,
/* [out] */ DWORD __RPC_FAR *pdwEnabledOptions
);
STDMETHOD_(HRESULT, SetInterfaceSafetyOptions) (
/* [in] */ REFIID riid,
/* [in] */ DWORD dwOptionSetMask,
/* [in] */ DWORD dwEnabledOptions
);
END_INTERFACE_PART(ObjSafe);
这样windows就会认为你这个OCX是安全的。
这时我们需要让在OCX注册时加入安全脚本申明。代码如下。
h文件声明
#include <OBJSAFE.H>
..class CPMZBRockeyInitCtrl : public COleControl
//imp safe
DECLARE_INTERFACE_MAP()
BEGIN_INTERFACE_PART(ObjSafe, IObjectSafety)
STDMETHOD_(HRESULT, GetInterfaceSafetyOptions) (
/* [in] */ REFIID riid,
/* [out] */ DWORD __RPC_FAR *pdwSupportedOptions,
/* [out] */ DWORD __RPC_FAR *pdwEnabledOptions
);
STDMETHOD_(HRESULT, SetInterfaceSafetyOptions) (
/* [in] */ REFIID riid,
/* [in] */ DWORD dwOptionSetMask,
/* [in] */ DWORD dwEnabledOptions
);
END_INTERFACE_PART(ObjSafe);
...CSSRockeyNetCtrlCtrl.cpp
/////////////////////////////////////////////////////////////////////////////
// IObjectSafety member functions
// Delegate AddRef, Release, QueryInterface
BEGIN_INTERFACE_MAP( CSSRockeyNetCtrlCtrl, COleControl )
INTERFACE_PART(CSSRockeyNetCtrlCtrl, IID_IObjectSafety, ObjSafe)
//INTERFACE_PART(CSSRockeyNetCtrlCtrl, IID_IOleInPlaceActiveObject, OleInplaceActiveObject)
END_INTERFACE_MAP()
ULONG FAR EXPORT CSSRockeyNetCtrlCtrl::XObjSafe::AddRef()
{
METHOD_PROLOGUE(CSSRockeyNetCtrlCtrl, ObjSafe)
return pThis->ExternalAddRef();
}
ULONG FAR EXPORT CSSRockeyNetCtrlCtrl::XObjSafe::Release()
{
METHOD_PROLOGUE(CSSRockeyNetCtrlCtrl, ObjSafe)
return pThis->ExternalRelease();
}
HRESULT FAR EXPORT CSSRockeyNetCtrlCtrl::XObjSafe::QueryInterface( REFIID iid, void FAR* FAR* ppvObj)
{
METHOD_PROLOGUE(CSSRockeyNetCtrlCtrl, ObjSafe)
return (HRESULT)pThis->ExternalQueryInterface(&iid, ppvObj);
}
STDMETHODIMP CSSRockeyNetCtrlCtrl::XObjSafe::GetInterfaceSafetyOptions(
/* [in] */ REFIID riid,
/* [out] */ DWORD __RPC_FAR *pdwSupportedOptions,
/* [out] */ DWORD __RPC_FAR *pdwEnabledOptions
)
{
METHOD_PROLOGUE_EX(CSSRockeyNetCtrlCtrl, ObjSafe)
if (!pdwSupportedOptions || !pdwEnabledOptions)
{
return E_POINTER;
}
*pdwSupportedOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA;
*pdwEnabledOptions = 0;
if (NULL == pThis->GetInterface(&riid))
{
TRACE("Requested interface is not supported.\n");
return E_NOINTERFACE;
}
// What interface is being checked out anyhow?
OLECHAR szGUID[39];
int i = StringFromGUID2(riid, szGUID, 39);
if (riid == IID_IDispatch)
{
// Client wants to know if object is safe for scripting
*pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER;
return S_OK;
}
else if (riid == IID_IPersistPropertyBag
|| riid == IID_IPersistStreamInit
|| riid == IID_IPersistStorage
|| riid == IID_IPersistMemory)
{
// Those are the persistence interfaces COleControl derived controls support
// as indicated in AFXCTL.H
// Client wants to know if object is safe for initializing from persistent data
*pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_DATA;
return S_OK;
}
else
{
// Find out what interface this is, and decide what options to enable
TRACE("We didn't account for the safety of this interface, and it's one we support...\n");
return E_NOINTERFACE;
}
}
STDMETHODIMP CSSRockeyNetCtrlCtrl::XObjSafe::SetInterfaceSafetyOptions( /* [in] */ REFIID riid,
/* [in] */ DWORD dwOptionSetMask,
/* [in] */ DWORD dwEnabledOptions)
{
METHOD_PROLOGUE_EX(CSSRockeyNetCtrlCtrl, ObjSafe)
OLECHAR szGUID[39];
// What is this interface anyway?
// We can do a quick lookup in the registry under HKEY_CLASSES_ROOT\Interface
int i = StringFromGUID2(riid, szGUID, 39);
if (0 == dwOptionSetMask && 0 == dwEnabledOptions)
{
// the control certainly supports NO requests through the specified interface
// so it's safe to return S_OK even if the interface isn't supported.
return S_OK;
}
// Do we support the specified interface?
if (NULL == pThis->GetInterface(&riid))
{
TRACE1("%s is not support.\n", szGUID);
return E_FAIL;
}
if (riid == IID_IDispatch)
{
TRACE("Client asking if it's safe to call through IDispatch.\n");
TRACE("In other words, is the control safe for scripting?\n");
if (INTERFACESAFE_FOR_UNTRUSTED_CALLER == dwOptionSetMask && INTERFACESAFE_FOR_UNTRUSTED_CALLER == dwEnabledOptions)
{
return S_OK;
}
else
{
return E_FAIL;
}
}
else if (riid == IID_IPersistPropertyBag
|| riid == IID_IPersistStreamInit
|| riid == IID_IPersistStorage
|| riid == IID_IPersistMemory)
{
TRACE("Client asking if it's safe to call through IPersist*.\n");
TRACE("In other words, is the control safe for initializing from persistent data?\n");
if (INTERFACESAFE_FOR_UNTRUSTED_DATA == dwOptionSetMask && INTERFACESAFE_FOR_UNTRUSTED_DATA == dwEnabledOptions)
{
return NOERROR;
}
else
{
return E_FAIL;
}
}
else
{
TRACE1("We didn't account for the safety of %s, and it's one we support...\n", szGUID);
return E_FAIL;
}
}这样windows就会认为你这个OCX是安全的。
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- 网络验证的破解-用SPI修改网络封包
- XP远程连接启用网络级别身份验证方法(修改注册表的两个地方,再重新启动电脑即可)
- 验证了网络上流传魔兽世界dly的几个宏,绝对可用,给大家参考
- 利用 WMI 修改计算机的网络设置
- 有意思的发现,aspx的forms验证会自动修改Url,
- 实现验证码控件代码验证控件,方便使用验证码(修改)
- 网络培训之突破网管限制修改网卡MAC地址
- java实现身份证号码验证及修改
- 新手看招:避免网络 IP 地址被非法修改
- 修改注册控件的密码验证等问题
- 批处理修改网络打印机端口的主机地址
- 如何实现在程序中进行网络计算机的用户验证
- 注册表修改之网络篇
- 修改/proc目录下的参数优化网络性能
- 收集"琥珀无限级联动菜单-AJAX版 [睿翔网络科技修改"
- 关闭IPV6加速FC网络速度;修改
- 利用 WMI 修改计算机的网络设置
- 网络选摘之[javamail在线发邮件全部代码,包括身份验证部分]
- 命令行修改网络设置ip地址、dns、网关的方法(windows)
- 修改sql server的身份验证模式