ActiveX控件的MFC设计之旅-第20步

网页知道的并不多,不过似乎关于ActiveX控件在网页中的问题在所有关于ActiveX控件的问题中所占的比重相当的大,而其中最常问的就是,网页中弹出来的安全警告。

关于这个问题,并不复杂,网上搜索一下可以找到一大片的回答,真正的是天下文章一大抄了。

参考资料:
http://www.newebug.com/article/cpp/2207.shtml
http://www.ccw.com.cn/htm/app/aprog/01_3_29_4.asp
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnaxctrl/html/msdn_signmark.asp

嘿,反正是抄,咱也跟着抄吧。

新建一控件tix

方法一:使用“组件类管理器(Component Categories Manager )”将自身在客户机器上注册为安全。

1.在tix.cpp中
#include "objsafe.h"
#include "comcat.h"

2.在tix.cpp中添加控件的CLSID定义
const GUID CDECL CLSID_SafeItem =
        { 0x06aa1f79, 0x1874, 0x445c, { 0xb9, 0x0a, 0x23, 0x36, 0xb7, 0x39, 0xf2, 0x54 } };
//    注意这个GUID一定要与控件的CLSID相同!
//    可以从初始化类厂的宏中拷贝并整理
//    IMPLEMENT_OLECREATE_EX(CTixCtrl, "TIX.TixCtrl.1",
//        0x6aa1f79, 0x1874, 0x445c, 0xb9, 0xa, 0x23, 0x36, 0xb7, 0x39, 0xf2, 0x54)

3.在tix.cpp中添加三个函数,用来将获得组件类管理器,并注册自己

// 创建组件种类
HRESULT CreateComponentCategory(CATID catid, WCHAR* catDescription)
{
    ICatRegister* pcr = NULL;
    HRESULT hr = S_OK;

    hr = CoCreateInstance(CLSID_StdComponentCategoriesMgr,
        NULL, CLSCTX_INPROC_SERVER, IID_ICatRegister, (void**)&pcr);
    if (FAILED(hr))
        return hr;

    // Make sure the HKCR/Component Categories/{..catid...}
    // key is registered.
    CATEGORYINFO catinfo;
    catinfo.catid = catid;
    catinfo.lcid = 0x0409 ; // english

    // Make sure the provided description is not too long.
    // Only copy the first 127 characters if it is.
    int len = wcslen(catDescription);
    if (len>127)
        len = 127;
    wcsncpy(catinfo.szDescription, catDescription, len);
    // Make sure the description is null terminated.
    catinfo.szDescription[len] = '/0';

    hr = pcr->RegisterCategories(1, &catinfo);
        pcr->Release();

    return hr;
}

// 注册组件种类
HRESULT RegisterCLSIDInCategory(REFCLSID clsid, CATID catid)
{
    // Register your component categories information.
    ICatRegister* pcr = NULL ;
    HRESULT hr = S_OK ;
    hr = CoCreateInstance(CLSID_StdComponentCategoriesMgr,
        NULL, CLSCTX_INPROC_SERVER, IID_ICatRegister, (void**)&pcr);
    if (SUCCEEDED(hr))
    {
        // Register this category as being "implemented" by the class.
        CATID rgcatid[1] ;
        rgcatid[0] = catid;
        hr = pcr->RegisterClassImplCategories(clsid, 1, rgcatid);
    }
    if (pcr != NULL)
        pcr->Release();
    return hr;
}

// 卸载组件种类
HRESULT UnRegisterCLSIDInCategory(REFCLSID clsid, CATID catid)
{
    ICatRegister* pcr = NULL ;
    HRESULT hr = S_OK ;

    hr = CoCreateInstance(CLSID_StdComponentCategoriesMgr,
        NULL, CLSCTX_INPROC_SERVER, IID_ICatRegister, (void**)&pcr);
    if (SUCCEEDED(hr))
    {
        // Unregister this category as being "implemented" by the class.
        CATID rgcatid[1] ;
        rgcatid[0] = catid;
        hr = pcr->UnRegisterClassImplCategories(clsid, 1, rgcatid);
    }

    if (pcr != NULL)
        pcr->Release();

    return hr;
}

4.修改DllRegisterServer和DllUnregisterServer,以在注册控件的同时注册安全性

STDAPI DllRegisterServer(void)
{
    AFX_MANAGE_STATE(_afxModuleAddrThis);

    if (!AfxOleRegisterTypeLib(AfxGetInstanceHandle(), _tlid))
        return ResultFromScode(SELFREG_E_TYPELIB);

    if (!COleObjectFactoryEx::UpdateRegistryAll(TRUE))
        return ResultFromScode(SELFREG_E_CLASS);


    HRESULT hr;
    // 标记控件初始化安全.
    // 创建初始化安全组件种类
    hr = CreateComponentCategory(CATID_SafeForInitializing,
        L"Controls safely initializable from persistent data!");
    if (FAILED(hr))
        return hr;
    // 注册初始化安全
    hr = RegisterCLSIDInCategory(CLSID_SafeItem, CATID_SafeForInitializing);
    if (FAILED(hr))
        return hr;

    // 标记控件脚本安全
    // 创建脚本安全组件种类
    hr = CreateComponentCategory(CATID_SafeForScripting, L"Controls safely scriptable!");
    if (FAILED(hr))
        return hr;
    // 注册脚本安全组件种类
    hr = RegisterCLSIDInCategory(CLSID_SafeItem, CATID_SafeForScripting);
    if (FAILED(hr))
        return hr;

    return NOERROR;
}


/////////////////////////////////////////////////////////////////////////////
// DllUnregisterServer - Removes entries from the system registry

STDAPI DllUnregisterServer(void)
{
    AFX_MANAGE_STATE(_afxModuleAddrThis);

    HRESULT hr;
    // 删除控件初始化安全入口.
    hr=UnRegisterCLSIDInCategory(CLSID_SafeItem, CATID_SafeForInitializing);
    if (FAILED(hr))
        return hr;
    // 删除控件脚本安全入口
    hr=UnRegisterCLSIDInCategory(CLSID_SafeItem, CATID_SafeForScripting);
    if (FAILED(hr))
        return hr;

    if (!AfxOleUnregisterTypeLib(_tlid, _wVerMajor, _wVerMinor))
        return ResultFromScode(SELFREG_E_TYPELIB);

    if (!COleObjectFactoryEx::UpdateRegistryAll(FALSE))
        return ResultFromScode(SELFREG_E_CLASS);

    return NOERROR;
}

好了,这就OK了,接下来就可以在网页中试试了

方法二,让控件实现IObjectSafety接口

1.先用regsvr32 /u 卸载控件,其实是取消控件安全性的注册,然后注释掉上面我们添加的在DllRegisterServer和DllUnregisterServer中的控件安全性方面的注册代码。

2.在控件的tixctl.h中加入嵌套类声明
    DECLARE_EVENT_MAP()

    BEGIN_INTERFACE_PART(ObjectSafety, IObjectSafety)
        STDMETHOD(GetInterfaceSafetyOptions)(REFIID riid, DWORD __RPC_FAR *pdwSupportedOptions, DWORD __RPC_FAR *pdwEnabledOptions);
        STDMETHOD(SetInterfaceSafetyOptions)(REFIID riid, DWORD dwOptionSetMask, DWORD dwEnabledOptions);
    END_INTERFACE_PART(ObjectSafety)
    DECLARE_INTERFACE_MAP()

别忘了#include "objsafe.h"

3.在控件的tixctl.cpp中添加嵌套类实现
STDMETHODIMP CTixCtrl::XObjectSafety::GetInterfaceSafetyOptions(
            REFIID riid,
            DWORD __RPC_FAR *pdwSupportedOptions,
            DWORD __RPC_FAR *pdwEnabledOptions)
{
    METHOD_PROLOGUE_EX(CTixCtrl, ObjectSafety)

    if (!pdwSupportedOptions || !pdwEnabledOptions)
    {
        return E_POINTER;
    }

    *pdwSupportedOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA;
    *pdwEnabledOptions = 0;

    if (NULL == pThis->GetInterface(&riid))
    {
        TRACE("Requested interface is not supported./n");
        return E_NOINTERFACE;
    }

    // What interface is being checked out anyhow?
    OLECHAR szGUID[39];
    int i = StringFromGUID2(riid, szGUID, 39);

    if (riid == IID_IDispatch)
    {
        // Client wants to know if object is safe for scripting
        *pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER;
        return S_OK;
    }
    else if (riid == IID_IPersistPropertyBag
            || riid == IID_IPersistStreamInit
            || riid == IID_IPersistStorage
            || riid == IID_IPersistMemory)
    {
        // Those are the persistence interfaces COleControl derived controls support
        // as indicated in AFXCTL.H
        // Client wants to know if object is safe for initializing from persistent data
        *pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_DATA;
        return S_OK;
    }
    else
    {
        // Find out what interface this is, and decide what options to enable
        TRACE("We didn’t account for the safety of this interface, and it’s one we support.../n");
        return E_NOINTERFACE;
    }
}

STDMETHODIMP CTixCtrl::XObjectSafety::SetInterfaceSafetyOptions(
        REFIID riid,
        DWORD dwOptionSetMask,
        DWORD dwEnabledOptions)
{
    METHOD_PROLOGUE_EX(CTixCtrl, ObjectSafety)

    OLECHAR szGUID[39];
    // What is this interface anyway?
    // We can do a quick lookup in the registry under HKEY_CLASSES_ROOT/Interface
    int i = StringFromGUID2(riid, szGUID, 39);

    if (0 == dwOptionSetMask && 0 == dwEnabledOptions)
    {
        // the control certainly supports NO requests through the specified interface
        // so it’s safe to return S_OK even if the interface isn’t supported.
        return S_OK;
    }

    // Do we support the specified interface?
    if (NULL == pThis->GetInterface(&riid))
    {
        TRACE1("%s is not support./n", szGUID);
        return E_FAIL;
    }


    if (riid == IID_IDispatch)
    {
        TRACE("Client asking if it’s safe to call through IDispatch./n");
        TRACE("In other words, is the control safe for scripting?/n");
        if (INTERFACESAFE_FOR_UNTRUSTED_CALLER == dwOptionSetMask && INTERFACESAFE_FOR_UNTRUSTED_CALLER == dwEnabledOptions)
        {
            return S_OK;
        }
        else
        {
            return E_FAIL;
        }
    }
    else if (riid == IID_IPersistPropertyBag
            || riid == IID_IPersistStreamInit
            || riid == IID_IPersistStorage
            || riid == IID_IPersistMemory)
    {
        TRACE("Client asking if it’s safe to call through IPersist*./n");
        TRACE("In other words, is the control safe for initializing from persistent data?/n");

        if (INTERFACESAFE_FOR_UNTRUSTED_DATA == dwOptionSetMask && INTERFACESAFE_FOR_UNTRUSTED_DATA == dwEnabledOptions)
        {
            return NOERROR;
        }
        else
        {
            return E_FAIL;
        }
    }
    else
    {
        TRACE1("We didn’t account for the safety of %s, and it’s one we support.../n", szGUID);
        return E_FAIL;
    }
}

STDMETHODIMP_(ULONG) CTixCtrl::XObjectSafety::AddRef()
{
    METHOD_PROLOGUE_EX_(CTixCtrl, ObjectSafety)
    return (ULONG)pThis->ExternalAddRef();
}

STDMETHODIMP_(ULONG) CTixCtrl::XObjectSafety::Release()
{
    METHOD_PROLOGUE_EX_(CTixCtrl, ObjectSafety)
    return (ULONG)pThis->ExternalRelease();
}

STDMETHODIMP CTixCtrl::XObjectSafety::QueryInterface(
    REFIID iid, LPVOID* ppvObj)
{
    METHOD_PROLOGUE_EX_(CTixCtrl, ObjectSafety)
    return (HRESULT)pThis->ExternalQueryInterface(&iid, ppvObj);
}

4.加入接口映射表中
在tixctl.h中加入声明
    DECLARE_INTERFACE_MAP()
在tixctl.cpp中加入

BEGIN_INTERFACE_MAP(CTixCtrl, COleControl)
    INTERFACE_PART(CTixCtrl, IID_IObjectSafety, ObjectSafety)
END_INTERFACE_MAP()

好了,试试,没问题了吧。

你可能感兴趣的:(server,脚本,null,mfc,interface,scripting)