Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
W
wine-winehq
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
wine
wine-winehq
Commits
81079eb2
Commit
81079eb2
authored
Oct 01, 2009
by
Jacek Caban
Committed by
Alexandre Julliard
Oct 01, 2009
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
mshtml: Added QueryCustomPolicy implementation.
parent
3b92a3f3
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
171 additions
and
4 deletions
+171
-4
secmgr.c
dlls/mshtml/secmgr.c
+80
-2
script.c
dlls/mshtml/tests/script.c
+91
-2
No files found.
dlls/mshtml/secmgr.c
View file @
81079eb2
...
...
@@ -27,6 +27,8 @@
#include "winbase.h"
#include "winuser.h"
#include "ole2.h"
#include "objsafe.h"
#include "activscp.h"
#include "wine/debug.h"
...
...
@@ -36,6 +38,10 @@ WINE_DEFAULT_DEBUG_CHANNEL(mshtml);
static
const
WCHAR
about_blankW
[]
=
{
'a'
,
'b'
,
'o'
,
'u'
,
't'
,
':'
,
'b'
,
'l'
,
'a'
,
'n'
,
'k'
,
0
};
/* Defined as extern in urlmon.idl, but not exported by uuid.lib */
const
GUID
GUID_CUSTOM_CONFIRMOBJECTSAFETY
=
{
0x10200490
,
0xfa38
,
0x11d0
,{
0xac
,
0x0e
,
0x00
,
0xa0
,
0xc9
,
0xf
,
0xff
,
0xc0
}};
#define HOSTSECMGR_THIS(iface) DEFINE_THIS(HTMLDocumentNode, IInternetHostSecurityManager, iface)
static
HRESULT
WINAPI
InternetHostSecurityManager_QueryInterface
(
IInternetHostSecurityManager
*
iface
,
REFIID
riid
,
void
**
ppv
)
...
...
@@ -78,12 +84,84 @@ static HRESULT WINAPI InternetHostSecurityManager_ProcessUrlAction(IInternetHost
pContext
,
cbContext
,
dwFlags
,
dwReserved
);
}
static
DWORD
confirm_safety
(
HTMLDocumentNode
*
This
,
const
WCHAR
*
url
,
IUnknown
*
obj
)
{
DWORD
policy
,
enabled_opts
,
supported_opts
;
IObjectSafety
*
obj_safety
;
HRESULT
hres
;
/* FIXME: Check URLACTION_ACTIVEX_OVERRIDE_SCRIPT_SAFETY */
hres
=
IInternetSecurityManager_ProcessUrlAction
(
This
->
secmgr
,
url
,
URLACTION_SCRIPT_SAFE_ACTIVEX
,
(
BYTE
*
)
&
policy
,
sizeof
(
policy
),
NULL
,
0
,
0
,
0
);
if
(
FAILED
(
hres
)
||
policy
!=
URLPOLICY_ALLOW
)
return
URLPOLICY_DISALLOW
;
hres
=
IUnknown_QueryInterface
(
obj
,
&
IID_IObjectSafety
,
(
void
**
)
&
obj_safety
);
if
(
FAILED
(
hres
))
return
URLPOLICY_DISALLOW
;
hres
=
IObjectSafety_GetInterfaceSafetyOptions
(
obj_safety
,
&
IID_IDispatchEx
,
&
supported_opts
,
&
enabled_opts
);
if
(
SUCCEEDED
(
hres
))
{
enabled_opts
=
INTERFACESAFE_FOR_UNTRUSTED_CALLER
;
if
(
supported_opts
&
INTERFACE_USES_SECURITY_MANAGER
)
enabled_opts
|=
INTERFACE_USES_SECURITY_MANAGER
;
hres
=
IObjectSafety_SetInterfaceSafetyOptions
(
obj_safety
,
&
IID_IDispatchEx
,
enabled_opts
,
enabled_opts
);
}
IObjectSafety_Release
(
obj_safety
);
if
(
FAILED
(
hres
))
return
URLPOLICY_DISALLOW
;
return
URLPOLICY_ALLOW
;
}
static
HRESULT
WINAPI
InternetHostSecurityManager_QueryCustomPolicy
(
IInternetHostSecurityManager
*
iface
,
REFGUID
guidKey
,
BYTE
**
ppPolicy
,
DWORD
*
pcbPolicy
,
BYTE
*
pContext
,
DWORD
cbContext
,
DWORD
dwReserved
)
{
HTMLDocumentNode
*
This
=
HOSTSECMGR_THIS
(
iface
);
FIXME
(
"(%p)->(%s %p %p %p %d %x)
\n
"
,
This
,
debugstr_guid
(
guidKey
),
ppPolicy
,
pcbPolicy
,
pContext
,
cbContext
,
dwReserved
);
return
E_NOTIMPL
;
const
WCHAR
*
url
;
HRESULT
hres
;
TRACE
(
"(%p)->(%s %p %p %p %d %x)
\n
"
,
This
,
debugstr_guid
(
guidKey
),
ppPolicy
,
pcbPolicy
,
pContext
,
cbContext
,
dwReserved
);
url
=
This
->
basedoc
.
doc_obj
->
url
?
This
->
basedoc
.
doc_obj
->
url
:
about_blankW
;
hres
=
IInternetSecurityManager_QueryCustomPolicy
(
This
->
secmgr
,
url
,
guidKey
,
ppPolicy
,
pcbPolicy
,
pContext
,
cbContext
,
dwReserved
);
if
(
hres
!=
HRESULT_FROM_WIN32
(
ERROR_NOT_FOUND
))
return
hres
;
if
(
IsEqualGUID
(
&
GUID_CUSTOM_CONFIRMOBJECTSAFETY
,
guidKey
))
{
IActiveScript
*
active_script
;
struct
CONFIRMSAFETY
*
cs
;
DWORD
policy
;
if
(
cbContext
!=
sizeof
(
struct
CONFIRMSAFETY
))
{
FIXME
(
"wrong context size
\n
"
);
return
E_FAIL
;
}
cs
=
(
struct
CONFIRMSAFETY
*
)
pContext
;
hres
=
IUnknown_QueryInterface
(
cs
->
pUnk
,
&
IID_IActiveScript
,
(
void
**
)
&
active_script
);
if
(
SUCCEEDED
(
hres
))
{
FIXME
(
"Got IAciveScript iface
\n
"
);
IActiveScript_Release
(
active_script
);
return
E_FAIL
;
}
policy
=
confirm_safety
(
This
,
url
,
cs
->
pUnk
);
*
ppPolicy
=
CoTaskMemAlloc
(
sizeof
(
policy
));
if
(
!*
ppPolicy
)
return
E_OUTOFMEMORY
;
*
(
DWORD
*
)
*
ppPolicy
=
policy
;
*
pcbPolicy
=
sizeof
(
policy
);
return
S_OK
;
}
FIXME
(
"Unknown guidKey %s
\n
"
,
debugstr_guid
(
guidKey
));
return
hres
;
}
#undef HOSTSECMGR_THIS
...
...
dlls/mshtml/tests/script.c
View file @
81079eb2
...
...
@@ -37,6 +37,10 @@
DEFINE_GUID
(
CLSID_IdentityUnmarshal
,
0x0000001b
,
0x0000
,
0x0000
,
0xc0
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x46
);
/* Defined as extern in urlmon.idl, but not exported by uuid.lib */
const
GUID
GUID_CUSTOM_CONFIRMOBJECTSAFETY
=
{
0x10200490
,
0xfa38
,
0x11d0
,{
0xac
,
0x0e
,
0x00
,
0xa0
,
0xc9
,
0xf
,
0xff
,
0xc0
}};
#ifdef _WIN64
#define CTXARG_T DWORDLONG
...
...
@@ -110,6 +114,10 @@ DEFINE_EXPECT(GetScriptDispatch);
DEFINE_EXPECT
(
funcDisp
);
DEFINE_EXPECT
(
script_testprop_d
);
DEFINE_EXPECT
(
script_testprop_i
);
DEFINE_EXPECT
(
AXQueryInterface_IActiveScript
);
DEFINE_EXPECT
(
AXQueryInterface_IObjectSafety
);
DEFINE_EXPECT
(
AXGetInterfaceSafetyOptions
);
DEFINE_EXPECT
(
AXSetInterfaceSafetyOptions
);
#define TESTSCRIPT_CLSID "{178fc163-f585-4e24-9c13-4bb7faf80746}"
...
...
@@ -519,7 +527,7 @@ static SCRIPTSTATE state;
static
HRESULT
WINAPI
ObjectSafety_QueryInterface
(
IObjectSafety
*
iface
,
REFIID
riid
,
void
**
ppv
)
{
*
ppv
=
NULL
;
ok
(
0
,
"unexpected call
\n
"
);
ok
(
0
,
"unexpected call
%s
\n
"
,
debugstr_guid
(
riid
)
);
return
E_NOINTERFACE
;
}
...
...
@@ -573,11 +581,72 @@ static const IObjectSafetyVtbl ObjectSafetyVtbl = {
static
IObjectSafety
ObjectSafety
=
{
&
ObjectSafetyVtbl
};
static
HRESULT
WINAPI
AXObjectSafety_QueryInterface
(
IObjectSafety
*
iface
,
REFIID
riid
,
void
**
ppv
)
{
*
ppv
=
NULL
;
if
(
IsEqualGUID
(
&
IID_IActiveScript
,
riid
))
{
CHECK_EXPECT
(
AXQueryInterface_IActiveScript
);
return
E_NOINTERFACE
;
}
if
(
IsEqualGUID
(
&
IID_IObjectSafety
,
riid
))
{
CHECK_EXPECT
(
AXQueryInterface_IObjectSafety
);
*
ppv
=
iface
;
return
S_OK
;
}
ok
(
0
,
"unexpected call %s
\n
"
,
debugstr_guid
(
riid
));
return
E_NOINTERFACE
;
}
static
HRESULT
WINAPI
AXObjectSafety_GetInterfaceSafetyOptions
(
IObjectSafety
*
iface
,
REFIID
riid
,
DWORD
*
pdwSupportedOptions
,
DWORD
*
pdwEnabledOptions
)
{
CHECK_EXPECT
(
AXGetInterfaceSafetyOptions
);
ok
(
IsEqualGUID
(
&
IID_IDispatchEx
,
riid
),
"unexpected riid %s
\n
"
,
debugstr_guid
(
riid
));
ok
(
pdwSupportedOptions
!=
NULL
,
"pdwSupportedOptions == NULL
\n
"
);
ok
(
pdwEnabledOptions
!=
NULL
,
"pdwEnabledOptions == NULL
\n
"
);
*
pdwSupportedOptions
=
INTERFACESAFE_FOR_UNTRUSTED_DATA
|
INTERFACE_USES_DISPEX
|
INTERFACE_USES_SECURITY_MANAGER
;
*
pdwEnabledOptions
=
INTERFACE_USES_DISPEX
;
return
S_OK
;
}
static
HRESULT
WINAPI
AXObjectSafety_SetInterfaceSafetyOptions
(
IObjectSafety
*
iface
,
REFIID
riid
,
DWORD
dwOptionSetMask
,
DWORD
dwEnabledOptions
)
{
CHECK_EXPECT
(
AXSetInterfaceSafetyOptions
);
ok
(
IsEqualGUID
(
&
IID_IDispatchEx
,
riid
),
"unexpected riid %s
\n
"
,
debugstr_guid
(
riid
));
ok
(
dwOptionSetMask
==
(
INTERFACESAFE_FOR_UNTRUSTED_CALLER
|
INTERFACE_USES_SECURITY_MANAGER
),
"dwOptionSetMask=%x
\n
"
,
dwOptionSetMask
);
ok
(
dwEnabledOptions
==
(
INTERFACESAFE_FOR_UNTRUSTED_CALLER
|
INTERFACE_USES_SECURITY_MANAGER
),
"dwEnabledOptions=%x
\n
"
,
dwOptionSetMask
);
return
S_OK
;
}
static
const
IObjectSafetyVtbl
AXObjectSafetyVtbl
=
{
AXObjectSafety_QueryInterface
,
ObjectSafety_AddRef
,
ObjectSafety_Release
,
AXObjectSafety_GetInterfaceSafetyOptions
,
AXObjectSafety_SetInterfaceSafetyOptions
};
static
IObjectSafety
AXObjectSafety
=
{
&
AXObjectSafetyVtbl
};
static
void
test_security
(
void
)
{
IInternetHostSecurityManager
*
sec_mgr
;
IServiceProvider
*
sp
;
DWORD
policy
;
DWORD
policy
,
policy_size
;
struct
CONFIRMSAFETY
cs
;
BYTE
*
ppolicy
;
HRESULT
hres
;
hres
=
IActiveScriptSite_QueryInterface
(
site
,
&
IID_IServiceProvider
,
(
void
**
)
&
sp
);
...
...
@@ -593,6 +662,26 @@ static void test_security(void)
ok
(
hres
==
S_OK
,
"ProcessUrlAction failed: %08x
\n
"
,
hres
);
ok
(
policy
==
URLPOLICY_ALLOW
,
"policy = %x
\n
"
,
policy
);
cs
.
clsid
=
CLSID_TestActiveX
;
cs
.
pUnk
=
(
IUnknown
*
)
&
AXObjectSafety
;
cs
.
dwFlags
=
0
;
SET_EXPECT
(
AXQueryInterface_IActiveScript
);
SET_EXPECT
(
AXQueryInterface_IObjectSafety
);
SET_EXPECT
(
AXGetInterfaceSafetyOptions
);
SET_EXPECT
(
AXSetInterfaceSafetyOptions
);
hres
=
IInternetHostSecurityManager_QueryCustomPolicy
(
sec_mgr
,
&
GUID_CUSTOM_CONFIRMOBJECTSAFETY
,
&
ppolicy
,
&
policy_size
,
(
BYTE
*
)
&
cs
,
sizeof
(
cs
),
0
);
CHECK_CALLED
(
AXQueryInterface_IActiveScript
);
CHECK_CALLED
(
AXQueryInterface_IObjectSafety
);
CHECK_CALLED
(
AXGetInterfaceSafetyOptions
);
CHECK_CALLED
(
AXSetInterfaceSafetyOptions
);
ok
(
hres
==
S_OK
,
"QueryCusromPolicy failed: %08x
\n
"
,
hres
);
ok
(
policy_size
==
sizeof
(
DWORD
),
"policy_size = %d
\n
"
,
policy_size
);
ok
(
*
(
DWORD
*
)
ppolicy
==
URLPOLICY_ALLOW
,
"policy = %x
\n
"
,
*
(
DWORD
*
)
ppolicy
);
CoTaskMemFree
(
ppolicy
);
IInternetHostSecurityManager_Release
(
sec_mgr
);
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment