Search
Module:
Directory

   Desktop Functions:

   Smart Device Functions:


Show Recent Changes
Subscribe (RSS)
Misc. Pages
Comments
FAQ
Helpful Tools
Playground
Suggested Reading
Website TODO List
Download Visual Studio Add-In

IInternetSecurityManager (Interfaces)
 
.
Summary
IInternetSecurityManager enables client applications to influence the security of the browser components.

C# Definition:

[ComImport, GuidAttribute("79EAC9EE-BAF9-11CE-8C82-00AA004BA90B")]

[InterfaceTypeAttribute(ComInterfaceType.InterfaceIsIUnknown)]

public interface IInternetSecurityManager

{

  [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
  int SetSecuritySite([In] IntPtr pSite);

  [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
  int GetSecuritySite([Out] IntPtr pSite);

  [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
  int MapUrlToZone([In,MarshalAs(UnmanagedType.LPWStr)] string pwszUrl,
           out UInt32 pdwZone, UInt32 dwFlags);

  [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
  int GetSecurityId([MarshalAs(UnmanagedType.LPWStr)] string pwszUrl,
            [MarshalAs(UnmanagedType.LPArray)] byte[] pbSecurityId,
            ref UInt32  pcbSecurityId, uint dwReserved);

  [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
  int ProcessUrlAction([In,MarshalAs(UnmanagedType.LPWStr)] string pwszUrl,
               UInt32 dwAction, out byte pPolicy, UInt32 cbPolicy,
               byte pContext, UInt32 cbContext, UInt32 dwFlags,
               UInt32 dwReserved);

  [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
  int QueryCustomPolicy([In,MarshalAs(UnmanagedType.LPWStr)] string pwszUrl,  
            ref Guid guidKey, ref byte ppPolicy, ref UInt32 pcbPolicy,
            ref byte pContext, UInt32 cbContext, UInt32 dwReserved);

  [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
  int SetZoneMapping(UInt32 dwZone,
             [In,MarshalAs(UnmanagedType.LPWStr)] string lpszPattern,
             UInt32 dwFlags);

  [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
  int GetZoneMappings(UInt32 dwZone, out UCOMIEnumString ppenumString,
              UInt32 dwFlags);

}

C# Sample Application:

This sample uses IInternetSecurityManager within an ActiveX control to determine the Zone from which the web page hosting the control is loaded. If the Zone is not My Computer, a flag is thrown indicating the zone is not safe. This is useful for cases where you want to mark a control as safe for scripting, but you want to limit the zones in which it is allowed to run or to perform certain actions, something IE security does not allow. Note that you will need to add shdocvw.dll as a reference within your project.

using System;

using System.Reflection;

using System.Runtime.InteropServices;

using System.Windows.Forms;

using SHDocVw;

namespace IEZoneSecurity

{

  [ComImport, GuidAttribute("79EAC9EE-BAF9-11CE-8C82-00AA004BA90B")]
  [InterfaceTypeAttribute(ComInterfaceType.InterfaceIsIUnknown)]
  public interface IInternetSecurityManager
  {
    [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
    int SetSecuritySite([In] IntPtr pSite);

    [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
    int GetSecuritySite([Out] IntPtr pSite);

    [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
    int MapUrlToZone([In,MarshalAs(UnmanagedType.LPWStr)] string pwszUrl,
             out UInt32 pdwZone, UInt32 dwFlags);

    [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
    int GetSecurityId([MarshalAs(UnmanagedType.LPWStr)] string pwszUrl,
              [MarshalAs(UnmanagedType.LPArray)] byte[] pbSecurityId,
              ref UInt32  pcbSecurityId, uint dwReserved);

    [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
    int ProcessUrlAction([In,MarshalAs(UnmanagedType.LPWStr)] string pwszUrl,
             UInt32 dwAction, out byte pPolicy, UInt32 cbPolicy,
             byte pContext, UInt32 cbContext, UInt32 dwFlags,
             UInt32 dwReserved);

    [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
    int QueryCustomPolicy([In,MarshalAs(UnmanagedType.LPWStr)] string pwszUrl,  
              ref Guid guidKey, ref byte ppPolicy, ref UInt32 pcbPolicy,
              ref byte pContext, UInt32 cbContext, UInt32 dwReserved);

    [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
    int SetZoneMapping(UInt32 dwZone,
               [In,MarshalAs(UnmanagedType.LPWStr)] string lpszPattern,
               UInt32 dwFlags);

    [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
    int GetZoneMappings(UInt32 dwZone, out UCOMIEnumString ppenumString,
            UInt32 dwFlags);
  }

  [ComImport, GuidAttribute("6D5140C1-7436-11CE-8034-00AA006009FA")]
  [InterfaceTypeAttribute(ComInterfaceType.InterfaceIsIUnknown)]
  public interface IServiceProvider
  {
    void QueryService(ref Guid guidService, ref Guid riid,
              [MarshalAs(UnmanagedType.Interface)] out object ppvObject);
  }

  public class ZoneSecurityDemo : System.Windows.Forms.Control
  {
    private Guid _IID_TopLevelBrowser = new Guid("4C96BE40-915C-11CF-99D3-00AA004AE837");
    private Guid _IID_WebBrowserApp = new Guid("0002DF05-0000-0000-C000-000000000046");
    private Guid _CLSID_SecurityManager = new Guid("7b8a2d94-0ac9-11d1-896c-00c04fb6bfc4");

    protected bool _ZoneSafetyConfirmed = false;

    private void AssessZoneSafety()
    {
      object oleClientSiteObj = null;
      IEZoneSecurity.IServiceProvider serviceProvider = null;
      object topServiceProviderObj = null;
      IServiceProvider topServiceProvider = null;
      object webBrowserObj = null;
      SHDocVw.IWebBrowser webBrowser = null;
      try
      {
    // Get the client site service provider.
    Type iOleObjectType = this.GetType().GetInterface("IOleObject", true);
    oleClientSiteObj = iOleObjectType.InvokeMember("GetClientSite",
                               BindingFlags.Instance |
                               BindingFlags.InvokeMethod |
                               BindingFlags.Public, null,
                               this, null);
    serviceProvider = oleClientSiteObj as IEZoneSecurity.IServiceProvider;

    // Get top level browser service provider.
    Guid IID_TopLevelBrowser = _IID_TopLevelBrowser;
    Guid Riid = typeof(IEZoneSecurity.IServiceProvider).GUID;
    topServiceProviderObj = null;
    serviceProvider.QueryService(ref IID_TopLevelBrowser, ref Riid,
                     out topServiceProviderObj);
    topServiceProvider = topServiceProviderObj as IServiceProvider;

    // Get web browser object.
    Guid IID_WebBrowserApp = _IID_WebBrowserApp;
    Riid = typeof(SHDocVw.IWebBrowser).GUID;
    webBrowserObj = null;
    topServiceProvider.QueryService(ref IID_WebBrowserApp, ref Riid,
                    out webBrowserObj);
    webBrowser = webBrowserObj as SHDocVw.IWebBrowser;

    // Determine which zone the browser is currently in.
    Type t = Type.GetTypeFromCLSID(_CLSID_SecurityManager);
    object securityManager = Activator.CreateInstance(t);
    IInternetSecurityManager ISM = securityManager as IInternetSecurityManager;
    uint Zone;
    ISM.MapUrlToZone(webBrowser.LocationURL, out Zone, 0);
    Marshal.ReleaseComObject(securityManager);

    // Only accept calls from the My Computer zone.
    if (Zone == 0)
      _ZoneSafetyConfirmed = true;
      }
      catch
      {
      }
      finally
      {
    if (webBrowser != null)
      Marshal.ReleaseComObject(webBrowser);
    if (webBrowserObj != null)
      Marshal.ReleaseComObject(webBrowserObj);
    if (topServiceProvider != null)
      Marshal.ReleaseComObject(topServiceProvider);
    if (topServiceProviderObj != null)
      Marshal.ReleaseComObject(topServiceProviderObj);
    if (serviceProvider!= null)
      Marshal.ReleaseComObject(serviceProvider);
    if (oleClientSiteObj != null)
      Marshal.ReleaseComObject(oleClientSiteObj);
      }
    }
  }

}

VB Definition:

to do

VB Sample Application:

User-Defined Types:

None.

Notes:

None.

Documentation

Please edit this page!

Do you have...

  • helpful tips?
  • corrections to the existing content?
  • alternate definitions?
  • additional languages you want to include?

Select "Edit This Page" on the right hand toolbar and edit it! Or add new pages containing any supporting types needed.

 
Access PInvoke.net directly from VS:
Terms of Use
Find References
Show Printable Version
Revisions