ActiveX学习笔记二 ActiveX在IE中安全级别问题-实现IObjectSafety接口
使用MFC开发ActiveX控件,在IE中会提示安全问题,这个可以通过实现IObjectSafety接口来解决问题
1.首先要包含头文件#include
2.然后在你的ActiveX头文件中添加
DECLARE_INTERFACE_MAP()
BEGIN_INTERFACE_PART(ObjSafe, IObjectSafety)
STDMETHOD_(HRESULT, GetInterfaceSafetyOptions) (
/* [in] */ REFIID riid,
/* [out] */ DWORD __RPC_FAR *pdwSupportedOptions,
/* [out] */ DWORD __RPC_FAR *pdwEnabledOptions
);
STDMETHOD_(HRESULT, SetInterfaceSafetyOptions) (
/* [in] */ REFIID riid,
/* [in] */ DWORD dwOptionSetMask,
/* [in] */ DWORD dwEnabledOptions
);
END_INTERFACE_PART(ObjSafe);
3.然后在ActiveX对应的cpp文件中添加,将其中MyActiveCtrl替换成自己的ActiveCtrl类
//接口映射
BEGIN_INTERFACE_MAP(MyActiveXCtrl,COleControl)
INTERFACE_PART(MyActiveXCtrl,IID_IObjectSafety,ObjSafe)
END_INTERFACE_MAP()
// IObjectSafety member functions
// Delegate AddRef, Release, QueryInterface
ULONG FAR EXPORT MyActiveXCtrl::XObjSafe::AddRef()
{
METHOD_PROLOGUE(MyActiveXCtrl,ObjSafe)
return pThis->ExternalAddRef();
}
ULONG FAR EXPORT MyActiveXCtrl::XObjSafe::Release()
{
METHOD_PROLOGUE(MyActiveXCtrl,ObjSafe)
return pThis->ExternalRelease();
}
HRESULT FAR EXPORT MyActiveXCtrl::XObjSafe::QueryInterface(REFIID iid,void FAR* FAR* ppvObj)
{
METHOD_PROLOGUE(MyActiveXCtrl,ObjSafe)
return (HRESULT)pThis->ExternalQueryInterface(&iid,ppvObj);
}
const DWORD dwSupportedBits = INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA;
const DWORD dwNotSupportedBits=~dwSupportedBits;
// CStopLiteCtrl::XObjSafe::GetInterfaceSafetyOptions
// Allows container to query what interfaces are safe for what. We're
// optimizing significantly by ignoring which interface the caller is
// asking for.
HRESULT STDMETHODCALLTYPE
MyActiveXCtrl::XObjSafe::GetInterfaceSafetyOptions(
/* [in] */ REFIID riid,
/* [out] */ DWORD __RPC_FAR *pdwSupportedOptions,
/* [out] */ DWORD __RPC_FAR *pdwEnabledOptions)
{
METHOD_PROLOGUE(MyActiveXCtrl,ObjSafe)
HRESULT retval = ResultFromScode(S_OK);
// does interface exist?
IUnknown FAR* punkInterface;
retval = pThis->ExternalQueryInterface(&riid, (void **)&punkInterface);
if(retval!=E_NOINTERFACE)
{ // interface exists
punkInterface->Release(); // release it--just checking!
}
// we support both kinds of safety and have always both set, regardless of interface
*pdwSupportedOptions=*pdwEnabledOptions=dwSupportedBits;
return retval; // E_NOINTERFACE if QI failed
}
/////////////////////////////////////////////////////////////////////////////
// CStopLiteCtrl::XObjSafe::SetInterfaceSafetyOptions
// Since we're always safe, this is a no-brainer--but we do check to make
// sure the interface requested exists and that the options we're asked to
// set exist and are set on (we don't support unsafe mode).
HRESULT STDMETHODCALLTYPE
MyActiveXCtrl::XObjSafe::SetInterfaceSafetyOptions(
/* [in] */ REFIID riid,
/* [in] */ DWORD dwOptionSetMask,
/* [in] */ DWORD dwEnabledOptions)
{
METHOD_PROLOGUE(MyActiveXCtrl, ObjSafe)
// does interface exist?
IUnknown FAR* punkInterface;
pThis->ExternalQueryInterface(&riid, (void * *)&punkInterface);
if(punkInterface)
{ // interface exists
punkInterface->Release(); // release it--just checking!
}
else
{ // interface doesn't exist
return ResultFromScode(E_NOINTERFACE);
}
// can't set bits we don't support
if(dwOptionSetMask & dwNotSupportedBits)
{
return ResultFromScode(E_FAIL);
}
// can't set bits we do support to zero
dwEnabledOptions&=dwSupportedBits;
// (we already know there are no extra bits in mask )
if((dwOptionSetMask&dwEnabledOptions)!=dwOptionSetMask)
{
return ResultFromScode(E_FAIL);
}
// don't need to change anything since we're always safe
return ResultFromScode(S_OK);
}
编译成功后,浏览器默认安全级别也不会再报安全问题了
参考:http://topic.csdn.net/t/20020612/20/798933.html