在此页上的 ActiveX 控件和本页上的其它部份的交互可能不安全。你想允许这种交互

yangzb

浏览: 3472032 次
性别:
来自: 北京

最近访客更多访客>>

lizhensan

morelily

magicfish1981

duquancool

博主相关

博客

微博

相册

留言

关于我

文章分类

社区版块

存档分类

博客分类：

开发工具
C++

如果采用VC++开发的ActiveX，那么第一次运行的时候，IE中就会提示，“在此页上的ActiveX控件和本页上的其他部分的交互可能不安全，你想允许这种交互吗？”在网上找了很多资料，原理介绍的多，但是真正如何做，介绍的比较少，因此这里把实际的步骤一步一步的记录下来了，供大家参考。
1.1 去除ActiveX访问时的安全提示
当ActiveX第一次被访问时，会出现如下提示框：

这是IE浏览器的安全机制造成的，我们可以采用下面的步骤来去除这个提示信息：
1.1.1 在CDemoCtl的头文件.h中增加对objsave的引用
#include <objsafe.h>
1.1.2 在其protected声明区增加如下内容：
//去掉安全警告 BEGIN
DECLARE_INTERFACE_MAP()
BEGIN_INTERFACE_PART(ObjectSafety, IObjectSafety)
STDMETHOD(GetInterfaceSafetyOptions)(REFIID riid, DWORD __RPC_FAR *pdwSupportedOptions, DWORD __RPC_FAR *pdwEnabledOptions);
STDMETHOD(SetInterfaceSafetyOptions)(REFIID riid, DWORD dwOptionSetMask, DWORD dwEnabledOptions);
END_INTERFACE_PART(ObjectSafety)
//去掉安全警告 END
1.1.3 在CDemoCtl的实现类.cpp的IMPLEMENT_DYNCREATE(CActivexFirstCtrl, COleControl)这一行后增加如下内容：

//去掉安全警告 BEGIN
BEGIN_INTERFACE_MAP(CDemoCtl, COleControl)
INTERFACE_PART(CDemoCtl, IID_IObjectSafety, ObjectSafety)
END_INTERFACE_MAP()
// Implementation of IObjectSafety
STDMETHODIMP CDemoCtl::XObjectSafety::GetInterfaceSafetyOptions(
REFIID riid,
DWORD __RPC_FAR *pdwSupportedOptions,
DWORD __RPC_FAR *pdwEnabledOptions)
{
METHOD_PROLOGUE_EX(CDemoCtl, ObjectSafety)
if (!pdwSupportedOptions || !pdwEnabledOptions)
{
return E_POINTER;
}
*pdwSupportedOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA;
*pdwEnabledOptions = 0;
if (NULL == pThis->GetInterface(&riid))
{
TRACE("Requested interface is not supported.\n");
return E_NOINTERFACE;
}
// What interface is being checked out anyhow?
OLECHAR szGUID[39];
int i = StringFromGUID2(riid, szGUID, 39);
if (riid == IID_IDispatch)
{
// Client wants to know if object is safe for scripting
*pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER;
return S_OK;
}
else if (riid == IID_IPersistPropertyBag
|| riid == IID_IPersistStreamInit
|| riid == IID_IPersistStorage
|| riid == IID_IPersistMemory)
{
// Those are the persistence interfaces COleControl derived controls support
// as indicated in AFXCTL.H
// Client wants to know if object is safe for initializing from persistent data
*pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_DATA;
return S_OK;
}
else
{
// Find out what interface this is, and decide what options to enable
TRACE("We didn"t account for the safety of this interface, and it"s one we support...\n");
return E_NOINTERFACE;
}
}
STDMETHODIMP CDemoCtl::XObjectSafety::SetInterfaceSafetyOptions(
REFIID riid,
DWORD dwOptionSetMask,
DWORD dwEnabledOptions)
{
METHOD_PROLOGUE_EX(CDemoCtl, ObjectSafety)
OLECHAR szGUID[39];
// What is this interface anyway?
// We can do a quick lookup in the registry under HKEY_CLASSES_ROOT\Interface
int i = StringFromGUID2(riid, szGUID, 39);
if (0 == dwOptionSetMask && 0 == dwEnabledOptions)
{
// the control certainly supports NO requests through the specified interface
// so it"s safe to return S_OK even if the interface isn"t supported.
return S_OK;
}
// Do we support the specified interface?
if (NULL == pThis->GetInterface(&riid))
{
TRACE1("%s is not support.\n", szGUID);
return E_FAIL;
}
if (riid == IID_IDispatch)
{
TRACE("Client asking if it"s safe to call through IDispatch.\n");
TRACE("In other words, is the control safe for scripting?\n");
if (INTERFACESAFE_FOR_UNTRUSTED_CALLER == dwOptionSetMask && INTERFACESAFE_FOR_UNTRUSTED_CALLER == dwEnabledOptions)
{
return S_OK;
}
else
{
return E_FAIL;
}
}
else if (riid == IID_IPersistPropertyBag
|| riid == IID_IPersistStreamInit
|| riid == IID_IPersistStorage
|| riid == IID_IPersistMemory)
{
TRACE("Client asking if it"s safe to call through IPersist*.\n");
TRACE("In other words, is the control safe for initializing from persistent data?\n");
if (INTERFACESAFE_FOR_UNTRUSTED_DATA == dwOptionSetMask && INTERFACESAFE_FOR_UNTRUSTED_DATA == dwEnabledOptions)
{
return NOERROR;
}
else
{
return E_FAIL;
}
}
else
{
TRACE1("We didn"t account for the safety of %s, and it"s one we support...\n", szGUID);
return E_FAIL;
}
}
STDMETHODIMP_(ULONG) CDemoCtl::XObjectSafety::AddRef()
{
METHOD_PROLOGUE_EX_(CDemoCtl, ObjectSafety)
return (ULONG)pThis->ExternalAddRef();
}
STDMETHODIMP_(ULONG) CDemoCtl::XObjectSafety::Release()
{
METHOD_PROLOGUE_EX_(CDemoCtl, ObjectSafety)
return (ULONG)pThis->ExternalRelease();
}
STDMETHODIMP CDemoCtl::XObjectSafety::QueryInterface(
REFIID iid, LPVOID* ppvObj)
{
METHOD_PROLOGUE_EX_(CDemoCtl, ObjectSafety)
return (HRESULT)pThis->ExternalQueryInterface(&iid, ppvObj);
}
//去掉安全警告 END

分享到：

关于IObjectSafety和ActiveX组件的脚本安 ... | 如何编写 INF 文件

2011-11-17 19:09
浏览 14674
评论(0)
分类:互联网
查看更多

发表评论

您还没有登录,请您登录后再发表评论

最近访客更多访客>>

博主相关

文章分类

社区版块

存档分类

最新评论