• 在此页上的ActiveX控件和本页上的其他部分的交互可能不安全,你想允许这种交互吗


    转自 http://www.cnblogs.com/zdxster/archive/2011/01/27/1945868.html

    在EOS6的项目中,如果采用VC++开发的ActiveX,那么第一次运行的时候,IE中就会提示,“在此页上的ActiveX控件和本页上的其他部分的交互可能不安全,你想允许这种交互吗?”在网上找了很多资料,原理介绍的多,但是真正如何做,介绍的比较少,因此这里把实际的步骤一步一步的记录下来了,供大家参考。

     

    1.1 去除ActiveX访问时的安全提示

    ActiveX第一次被访问时,会出现如下提示框:

     

    这是IE浏览器的安全机制造成的,我们可以采用下面的步骤来去除这个提示信息:

    1.1.1 CDemoCtl的头文件.h中增加对objsave的引用

    #include <objsafe.h> 

    1.1.2 在其protected声明区增加如下内容:

    //去掉安全警告 BEGIN

    DECLARE_INTERFACE_MAP()

    BEGIN_INTERFACE_PART(ObjectSafety, IObjectSafety)

    STDMETHOD(GetInterfaceSafetyOptions)(REFIID riid, DWORD __RPC_FAR *pdwSupportedOptions, DWORD __RPC_FAR *pdwEnabledOptions);

    STDMETHOD(SetInterfaceSafetyOptions)(REFIID riid, DWORD dwOptionSetMask, DWORD dwEnabledOptions);

    END_INTERFACE_PART(ObjectSafety)

    //去掉安全警告 END

    1.1.3 CDemoCtl的实现类.cppIMPLEMENT_DYNCREATE(CActivexFirstCtrl, COleControl)这一行后增加如下内容:

         

     

    //去掉安全警告 BEGIN

    BEGIN_INTERFACE_MAP(CDemoCtl, COleControl)

    INTERFACE_PART(CDemoCtl, IID_IObjectSafety, ObjectSafety)

    END_INTERFACE_MAP()

    // Implementation of IObjectSafety

    STDMETHODIMP CDemoCtl::XObjectSafety::GetInterfaceSafetyOptions(

    REFIID riid,

    DWORD __RPC_FAR *pdwSupportedOptions,

    DWORD __RPC_FAR *pdwEnabledOptions)

    {

    METHOD_PROLOGUE_EX(CDemoCtl, ObjectSafety)

    if (!pdwSupportedOptions || !pdwEnabledOptions)

    {

    return E_POINTER;

    }

    *pdwSupportedOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER 

    | INTERFACESAFE_FOR_UNTRUSTED_DATA;

    *pdwEnabledOptions = 0;

    if (NULL == pThis->GetInterface(&riid))

    {

    TRACE("Requested interface is not supported. ");

    return E_NOINTERFACE;

    }

    // What interface is being checked out anyhow?

    OLECHAR szGUID[39];

    int i = StringFromGUID2(riid, szGUID, 39);

    if (riid == IID_IDispatch)

    {

    // Client wants to know if object is safe for scripting

    *pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER;

    return S_OK;

    }

    else if (riid == IID_IPersistPropertyBag

    || riid == IID_IPersistStreamInit

    || riid == IID_IPersistStorage

    || riid == IID_IPersistMemory)

    {

    // Those are the persistence interfaces COleControl derived controls support

    // as indicated in AFXCTL.H

    // Client wants to know if object is safe for initializing from persistent data

    *pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_DATA;

    return S_OK;

    }

    else

    {

    // Find out what interface this is, and decide what options to enable

    TRACE("We didn"t account for the safety of this interface, and it"s one we support... ");

    return E_NOINTERFACE;

    }

    }

    STDMETHODIMP CDemoCtl::XObjectSafety::SetInterfaceSafetyOptions(

    REFIID riid,

    DWORD dwOptionSetMask,

    DWORD dwEnabledOptions)

    {

    METHOD_PROLOGUE_EX(CDemoCtl, ObjectSafety)

    OLECHAR szGUID[39];

    // What is this interface anyway?

    // We can do a quick lookup in the registry under HKEY_CLASSES_ROOTInterface

    int i = StringFromGUID2(riid, szGUID, 39);

    if (0 == dwOptionSetMask && 0 == dwEnabledOptions)

    {

    // the control certainly supports NO requests through the specified interface

    // so it"s safe to return S_OK even if the interface isn"t supported.

    return S_OK;

    }

    // Do we support the specified interface?

    if (NULL == pThis->GetInterface(&riid))

    {

    TRACE1("%s is not support. ", szGUID);

    return E_FAIL;

    }

    if (riid == IID_IDispatch)

    {

    TRACE("Client asking if it"s safe to call through IDispatch. ");

    TRACE("In other words, is the control safe for scripting? ");

    if (INTERFACESAFE_FOR_UNTRUSTED_CALLER == dwOptionSetMask 

    && INTERFACESAFE_FOR_UNTRUSTED_CALLER == dwEnabledOptions)

    {

    return S_OK;

    }

    else

    {

    return E_FAIL;

    }

    }

    else if (riid == IID_IPersistPropertyBag

    || riid == IID_IPersistStreamInit

    || riid == IID_IPersistStorage

    || riid == IID_IPersistMemory)

    {

    TRACE("Client asking if it"s safe to call through IPersist*. ");

    TRACE("In other words, is the control safe for initializing from persistent data? ");

    if (INTERFACESAFE_FOR_UNTRUSTED_DATA == dwOptionSetMask 

    && INTERFACESAFE_FOR_UNTRUSTED_DATA == dwEnabledOptions)

    {

    return NOERROR;

    }

    else

    {

    return E_FAIL;

    }

    }

    else

    {

    TRACE1("We didn"t account for the safety of %s, and it"s one we support... ", szGUID);

    return E_FAIL;

    }

    }

    STDMETHODIMP_(ULONG) CDemoCtl::XObjectSafety::AddRef()

    {

    METHOD_PROLOGUE_EX_(CDemoCtl, ObjectSafety)

    return (ULONG)pThis->ExternalAddRef();

    }

    STDMETHODIMP_(ULONG) CDemoCtl::XObjectSafety::Release()

    {

    METHOD_PROLOGUE_EX_(CDemoCtl, ObjectSafety)

    return (ULONG)pThis->ExternalRelease();

    }

    STDMETHODIMP CDemoCtl::XObjectSafety::QueryInterface(

    REFIID iid, LPVOID* ppvObj)

    {

    METHOD_PROLOGUE_EX_(CDemoCtl, ObjectSafety)

    return (HRESULT)pThis->ExternalQueryInterface(&iid, ppvObj);

    }

    //去掉安全警告 END

  • 相关阅读:
    js获取宽和高
    弹出一个登录层,并对登录进行校验
    存储过程事务处理
    C# 冒泡算法
    正则表达式30分钟入门教程
    生成树的两种递归方式
    (转)再说ActionMessages类及其用法
    java.io.IOException:stream closed 异常的原因及处理
    log4j学习
    struts1.x的国际化
  • 原文地址:https://www.cnblogs.com/andyliu1988/p/5952409.html
Copyright © 2020-2023  润新知