Search
Module:
Directory

   Desktop Functions:

   Smart Device Functions:


Show Recent Changes
Subscribe (RSS)
Misc. Pages
Comments
FAQ
Helpful Tools
Playground
Suggested Reading
Website TODO List
Download Visual Studio Add-In

IInternetSecurityManager (Interfaces)
 
.
Summary
IInternetSecurityManager enables client applications to influence the security of the browser components.

C# Definition:

[ComImport, GuidAttribute("79EAC9EE-BAF9-11CE-8C82-00AA004BA90B")]

[InterfaceTypeAttribute(ComInterfaceType.InterfaceIsIUnknown)]

public interface IInternetSecurityManager

{

  [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
  int SetSecuritySite([In] IntPtr pSite);

  [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
  int GetSecuritySite([Out] IntPtr pSite);

  [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
  int MapUrlToZone([In,MarshalAs(UnmanagedType.LPWStr)] string pwszUrl,
           ref UInt32 pdwZone, UInt32 dwFlags);
           out UInt32 pdwZone, UInt32 dwFlags);

  [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
  int GetSecurityId([MarshalAs(UnmanagedType.LPWStr)] string pwszUrl,
            [MarshalAs(UnmanagedType.LPArray)] byte[] pbSecurityId,
            ref UInt32  pcbSecurityId, uint dwReserved);

  [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
  int ProcessUrlAction([In,MarshalAs(UnmanagedType.LPWStr)] string pwszUrl,
               UInt32 dwAction, out byte pPolicy, UInt32 cbPolicy,
               byte pContext, UInt32 cbContext, UInt32 dwFlags,
               UInt32 dwReserved);

  [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
  int QueryCustomPolicy([In,MarshalAs(UnmanagedType.LPWStr)] string pwszUrl,  
            ref Guid guidKey, ref byte ppPolicy, ref UInt32 pcbPolicy,
            ref byte pContext, UInt32 cbContext, UInt32 dwReserved);

  [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
  int SetZoneMapping(UInt32 dwZone,
             [In,MarshalAs(UnmanagedType.LPWStr)] string lpszPattern,
             UInt32 dwFlags);

  [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
  int GetZoneMappings(UInt32 dwZone, out UCOMIEnumString ppenumString,
              UInt32 dwFlags);

}

C# Sample Application:

This sample uses IInternetSecurityManager within an ActiveX control to determine the Zone from which the web page hosting the control is loaded. If the Zone is not My Computer, a flag is thrown indicating the zone is not safe. This is useful for cases where you want to mark a control as safe for scripting, but you want to limit the zones in which it is allowed to run or to perform certain actions, something IE security does not allow. Note that you will need to add shdocvw.dll as a reference within your project, and that you should set "Register for COM Interop" to True in Project Properties | Configuration Properties | Build.

using System;

using System.Reflection;

using System.Runtime.InteropServices;

using System.Windows.Forms;

using SHDocVw;

namespace IEZoneSecurity

{

  [ComImport, GuidAttribute("79EAC9EE-BAF9-11CE-8C82-00AA004BA90B")]
  [InterfaceTypeAttribute(ComInterfaceType.InterfaceIsIUnknown)]
  public interface IInternetSecurityManager
  {
    [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
    int SetSecuritySite([In] IntPtr pSite);

    [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
    int GetSecuritySite([Out] IntPtr pSite);

    [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
    int MapUrlToZone([In,MarshalAs(UnmanagedType.LPWStr)] string pwszUrl,
             out UInt32 pdwZone, UInt32 dwFlags);

    [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
    int GetSecurityId([MarshalAs(UnmanagedType.LPWStr)] string pwszUrl,
              [MarshalAs(UnmanagedType.LPArray)] byte[] pbSecurityId,
              ref UInt32  pcbSecurityId, uint dwReserved);

    [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
    int ProcessUrlAction([In,MarshalAs(UnmanagedType.LPWStr)] string pwszUrl,
             UInt32 dwAction, out byte pPolicy, UInt32 cbPolicy,
             byte pContext, UInt32 cbContext, UInt32 dwFlags,
             UInt32 dwReserved);

    [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
    int QueryCustomPolicy([In,MarshalAs(UnmanagedType.LPWStr)] string pwszUrl,  
              ref Guid guidKey, ref byte ppPolicy, ref UInt32 pcbPolicy,
              ref byte pContext, UInt32 cbContext, UInt32 dwReserved);

    [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
    int SetZoneMapping(UInt32 dwZone,
               [In,MarshalAs(UnmanagedType.LPWStr)] string lpszPattern,
               UInt32 dwFlags);

    [return: MarshalAs(UnmanagedType.I4)][PreserveSig]
    int GetZoneMappings(UInt32 dwZone, out UCOMIEnumString ppenumString,
            UInt32 dwFlags);
  }

  [ComImport, GuidAttribute("6D5140C1-7436-11CE-8034-00AA006009FA")]
  [InterfaceTypeAttribute(ComInterfaceType.InterfaceIsIUnknown)]
  public interface IServiceProvider
  {
    void QueryService(ref Guid guidService, ref Guid riid,
              [MarshalAs(UnmanagedType.Interface)] out object ppvObject);
  }

  [Guid("<interface guid>")]
  [InterfaceType(ComInterfaceType.InterfaceIsIDispatch)]
  public interface _ZoneSecurityDemo
  {
    [DispId(1)]
    void AssessZoneSafety();
  }

  [Guid("<class guid>")]
  [ClassInterface(ClassInterfaceType.None)]
  [ProgId("IEZoneSecurity.ZoneSecurityDemo")]
  public class ZoneSecurityDemo : System.Windows.Forms.Control, _ZoneSecurityDemo
  {
    private Guid _IID_TopLevelBrowser = new Guid("4C96BE40-915C-11CF-99D3-00AA004AE837");
    private Guid _IID_WebBrowserApp = new Guid("0002DF05-0000-0000-C000-000000000046");
    private Guid _CLSID_SecurityManager = new Guid("7b8a2d94-0ac9-11d1-896c-00c04fb6bfc4");

    private bool _ZoneSafetyConfirmed = false;

    public void AssessZoneSafety()
    {
      object oleClientSiteObj = null;
      IEZoneSecurity.IServiceProvider serviceProvider = null;
      object topServiceProviderObj = null;
      IServiceProvider topServiceProvider = null;
      object webBrowserObj = null;
      SHDocVw.IWebBrowser webBrowser = null;
      try
      {
    // Get the client site service provider.
    Type iOleObjectType = this.GetType().GetInterface("IOleObject", true);
    oleClientSiteObj = iOleObjectType.InvokeMember("GetClientSite",
                               BindingFlags.Instance |
                               BindingFlags.InvokeMethod |
                               BindingFlags.Public, null,
                               this, null);
    serviceProvider = oleClientSiteObj as IEZoneSecurity.IServiceProvider;

    // Get top level browser service provider.
    Guid IID_TopLevelBrowser = _IID_TopLevelBrowser;
    Guid Riid = typeof(IEZoneSecurity.IServiceProvider).GUID;
    topServiceProviderObj = null;
    serviceProvider.QueryService(ref IID_TopLevelBrowser, ref Riid,
                     out topServiceProviderObj);
    topServiceProvider = topServiceProviderObj as IServiceProvider;

    // Get web browser object.
    Guid IID_WebBrowserApp = _IID_WebBrowserApp;
    Riid = typeof(SHDocVw.IWebBrowser).GUID;
    webBrowserObj = null;
    topServiceProvider.QueryService(ref IID_WebBrowserApp, ref Riid,
                    out webBrowserObj);
    webBrowser = webBrowserObj as SHDocVw.IWebBrowser;

    // Determine which zone the browser is currently in.
    Type t = Type.GetTypeFromCLSID(_CLSID_SecurityManager);
    object securityManager = Activator.CreateInstance(t);
    IInternetSecurityManager ISM = securityManager as IInternetSecurityManager;
    uint Zone;
    ISM.MapUrlToZone(webBrowser.LocationURL, out Zone, 0);
    Marshal.ReleaseComObject(securityManager);

    // Only accept calls from the My Computer zone.
    if (Zone == 0)
      _ZoneSafetyConfirmed = true;
      }
      catch
      {
      }
      finally
      {
    if (webBrowser != null)
      Marshal.ReleaseComObject(webBrowser);
    if (webBrowserObj != null)
      Marshal.ReleaseComObject(webBrowserObj);
    if (topServiceProvider != null)
      Marshal.ReleaseComObject(topServiceProvider);
    if (topServiceProviderObj != null)
      Marshal.ReleaseComObject(topServiceProviderObj);
    if (serviceProvider!= null)
      Marshal.ReleaseComObject(serviceProvider);
    if (oleClientSiteObj != null)
      Marshal.ReleaseComObject(oleClientSiteObj);
      }
    }
  }

}

VB Definition:

   <ComImport(), GuidAttribute("79EAC9EE-BAF9-11CE-8C82-00AA004BA90B")> _
   <InterfaceTypeAttribute(ComInterfaceType.InterfaceIsIUnknown)> _
   Public Interface IInternetSecurityManager
    <PreserveSig()> _
    Function SetSecuritySite(<[In]()> ByVal pSite As IntPtr) As <MarshalAs(UnmanagedType.I4)> Integer

to do

    <PreserveSig()> _
    Function GetSecuritySite(<[Out]()> ByVal pSite As IntPtr) As <MarshalAs(UnmanagedType.I4)> Integer

VB Sample Application:

    <PreserveSig()> _
    Function MapUrlToZone(<[In]()> <MarshalAs(UnmanagedType.LPWStr)> ByVal pwszUrl As String,
       ByRef pdwZone As UInt32, ByVal dwFlags As UInt32) As <MarshalAs(UnmanagedType.I4)> Integer

User-Defined Types:

None.

    <PreserveSig()> _
    Function GetSecurityId(<MarshalAs(UnmanagedType.LPWStr)> ByVal pwszUrl As String,
        <MarshalAs(UnmanagedType.LPArray)> ByVal pbSecurityId As Byte(),
        ByRef pcbSecurityId As UInt32, ByVal dwReserved As UInt32) As <MarshalAs(UnmanagedType.I4)> Integer

Notes:

I haven't been able to get this to work at all in JavaScript unless the ActiveX control in is object tags.

    <PreserveSig()> _
    Function ProcessUrlAction(<[In]()> <MarshalAs(UnmanagedType.LPWStr)> ByVal pwszUrl As String,
           ByVal dwAction As UInt32, <[Out]()> ByVal pPolicy As Byte, ByVal cbPolicy As UInt32,
           ByVal pContext As Byte, ByVal cbContext As UInt32, ByVal dwFlags As UInt32,
           ByVal dwReserved As UInt32) As <MarshalAs(UnmanagedType.I4)> Integer

So, even if your ActiveX control doesn't have any UI, don't do this:

    <PreserveSig()> _
    Function QueryCustomPolicy(<[In]()> <MarshalAs(UnmanagedType.LPWStr)> ByVal pwszUrl As String,
        ByRef guidKey As Guid, ByRef ppPolicy As Byte, ByRef pcbPolicy As UInt32,
        ByRef pContext As Byte, ByVal cbContext As UInt32, ByVal dwReserved As UInt32) As <MarshalAs(UnmanagedType.I4)> Integer

<script language=javascript>

  MyObject = new ActiveXObject("IEZoneSecurity.ZoneSecurityDemo");

</script>

    <PreserveSig()> _
    Function SetZoneMapping(ByVal dwZone As UInt32,
         <[In]()> <MarshalAs(UnmanagedType.LPWStr)> ByVal lpszPattern As String,
         ByVal dwFlags As UInt32) As <MarshalAs(UnmanagedType.I4)> Integer

Instead, do this:

    <PreserveSig()> _
    Function GetZoneMappings(ByVal dwZone As UInt32, <[Out]()> ByVal ppenumString As IEnumString,
        ByVal dwFlags As UInt32) As <MarshalAs(UnmanagedType.I4)> Integer 'As UCOMIEnumString
   End Interface

Note
Not tested.

VB Sample Application:

User-Defined Types:

None.

Notes:

I haven't been able to get this to work at all in JavaScript unless the ActiveX control in is object tags.

So, even if your ActiveX control doesn't have any UI, don't do this:

<script language=javascript>

  MyObject = new ActiveXObject("IEZoneSecurity.ZoneSecurityDemo");

</script>

Instead, do this:

<body>

  <object classid="<class guid>" width=0 height=0 ID="MyObjectId" VIEWASTEXT></object>
  <script language=javascript>
    MyObject = document.getElementById("MyObjectId");
  </script>

</body>

Documentation

Please edit this page!

Do you have...

  • helpful tips?
  • corrections to the existing content?
  • alternate definitions?
  • additional languages you want to include?

Select "Edit This Page" on the right hand toolbar and edit it! Or add new pages containing any supporting types needed.

 
Access PInvoke.net directly from VS:
Terms of Use
Edit This Page
Find References
Show Printable Version
Revisions