Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
W
wine-cw
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
wine
wine-cw
Commits
33146079
Commit
33146079
authored
Dec 09, 2010
by
Jacek Caban
Committed by
Alexandre Julliard
Dec 09, 2010
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
mshtml: Added support for CONFIRMSAFETYACTION_LOADOBJECT flag in CONFIRMSAFETY struct.
parent
483fe277
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
54 additions
and
18 deletions
+54
-18
secmgr.c
dlls/mshtml/secmgr.c
+54
-18
No files found.
dlls/mshtml/secmgr.c
View file @
33146079
...
...
@@ -84,6 +84,30 @@ static HRESULT WINAPI InternetHostSecurityManager_ProcessUrlAction(IInternetHost
pContext
,
cbContext
,
dwFlags
,
dwReserved
);
}
static
HRESULT
confirm_safety_load
(
HTMLDocumentNode
*
This
,
struct
CONFIRMSAFETY
*
cs
,
DWORD
*
ret
)
{
IObjectSafety
*
obj_safety
;
HRESULT
hres
;
hres
=
IUnknown_QueryInterface
(
cs
->
pUnk
,
&
IID_IObjectSafety
,
(
void
**
)
&
obj_safety
);
if
(
SUCCEEDED
(
hres
))
{
hres
=
IObjectSafety_SetInterfaceSafetyOptions
(
obj_safety
,
&
IID_IDispatch
,
INTERFACESAFE_FOR_UNTRUSTED_DATA
,
INTERFACESAFE_FOR_UNTRUSTED_DATA
);
IObjectSafety_Release
(
obj_safety
);
*
ret
=
SUCCEEDED
(
hres
)
?
URLPOLICY_ALLOW
:
URLPOLICY_DISALLOW
;
}
else
{
CATID
init_catid
=
CATID_SafeForInitializing
;
hres
=
ICatInformation_IsClassOfCategories
(
This
->
catmgr
,
&
cs
->
clsid
,
1
,
&
init_catid
,
0
,
NULL
);
if
(
FAILED
(
hres
))
return
hres
;
*
ret
=
hres
==
S_OK
?
URLPOLICY_ALLOW
:
URLPOLICY_DISALLOW
;
}
return
S_OK
;
}
static
HRESULT
confirm_safety
(
HTMLDocumentNode
*
This
,
const
WCHAR
*
url
,
struct
CONFIRMSAFETY
*
cs
,
DWORD
*
ret
)
{
DWORD
policy
,
enabled_opts
,
supported_opts
;
...
...
@@ -102,7 +126,27 @@ static HRESULT confirm_safety(HTMLDocumentNode *This, const WCHAR *url, struct C
}
hres
=
IUnknown_QueryInterface
(
cs
->
pUnk
,
&
IID_IObjectSafety
,
(
void
**
)
&
obj_safety
);
if
(
FAILED
(
hres
))
{
if
(
SUCCEEDED
(
hres
))
{
hres
=
IObjectSafety_GetInterfaceSafetyOptions
(
obj_safety
,
&
IID_IDispatchEx
,
&
supported_opts
,
&
enabled_opts
);
if
(
FAILED
(
hres
))
supported_opts
=
0
;
enabled_opts
=
INTERFACESAFE_FOR_UNTRUSTED_CALLER
;
if
(
supported_opts
&
INTERFACE_USES_SECURITY_MANAGER
)
enabled_opts
|=
INTERFACE_USES_SECURITY_MANAGER
;
hres
=
IObjectSafety_SetInterfaceSafetyOptions
(
obj_safety
,
&
IID_IDispatchEx
,
enabled_opts
,
enabled_opts
);
if
(
FAILED
(
hres
))
{
enabled_opts
&=
~
INTERFACE_USES_SECURITY_MANAGER
;
hres
=
IObjectSafety_SetInterfaceSafetyOptions
(
obj_safety
,
&
IID_IDispatch
,
enabled_opts
,
enabled_opts
);
}
IObjectSafety_Release
(
obj_safety
);
if
(
FAILED
(
hres
))
{
*
ret
=
URLPOLICY_DISALLOW
;
return
S_OK
;
}
}
else
{
CATID
scripting_catid
=
CATID_SafeForScripting
;
if
(
!
This
->
catmgr
)
{
...
...
@@ -116,26 +160,16 @@ static HRESULT confirm_safety(HTMLDocumentNode *This, const WCHAR *url, struct C
if
(
FAILED
(
hres
))
return
hres
;
*
ret
=
hres
==
S_OK
?
URLPOLICY_ALLOW
:
URLPOLICY_DISALLOW
;
return
S_OK
;
if
(
hres
!=
S_OK
)
{
*
ret
=
URLPOLICY_DISALLOW
;
return
S_OK
;
}
}
hres
=
IObjectSafety_GetInterfaceSafetyOptions
(
obj_safety
,
&
IID_IDispatchEx
,
&
supported_opts
,
&
enabled_opts
);
if
(
FAILED
(
hres
))
supported_opts
=
0
;
enabled_opts
=
INTERFACESAFE_FOR_UNTRUSTED_CALLER
;
if
(
supported_opts
&
INTERFACE_USES_SECURITY_MANAGER
)
enabled_opts
|=
INTERFACE_USES_SECURITY_MANAGER
;
if
(
cs
->
dwFlags
&
CONFIRMSAFETYACTION_LOADOBJECT
)
return
confirm_safety_load
(
This
,
cs
,
ret
);
hres
=
IObjectSafety_SetInterfaceSafetyOptions
(
obj_safety
,
&
IID_IDispatchEx
,
enabled_opts
,
enabled_opts
);
if
(
FAILED
(
hres
))
{
enabled_opts
&=
~
INTERFACE_USES_SECURITY_MANAGER
;
hres
=
IObjectSafety_SetInterfaceSafetyOptions
(
obj_safety
,
&
IID_IDispatch
,
enabled_opts
,
enabled_opts
);
}
IObjectSafety_Release
(
obj_safety
);
*
ret
=
SUCCEEDED
(
hres
)
?
URLPOLICY_ALLOW
:
URLPOLICY_DISALLOW
;
*
ret
=
URLPOLICY_ALLOW
;
return
S_OK
;
}
...
...
@@ -166,6 +200,8 @@ static HRESULT WINAPI InternetHostSecurityManager_QueryCustomPolicy(IInternetHos
}
cs
=
(
struct
CONFIRMSAFETY
*
)
pContext
;
TRACE
(
"cs = {%s %p %x}
\n
"
,
debugstr_guid
(
&
cs
->
clsid
),
cs
->
pUnk
,
cs
->
dwFlags
);
hres
=
IUnknown_QueryInterface
(
cs
->
pUnk
,
&
IID_IActiveScript
,
(
void
**
)
&
active_script
);
if
(
SUCCEEDED
(
hres
))
{
FIXME
(
"Got IAciveScript iface
\n
"
);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
