ReactOS 0.4.15-dev-7931-gfd331f1
secmgr.c
Go to the documentation of this file.
1/*
2 * Copyright 2009 Jacek Caban for CodeWeavers
3 *
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
8 *
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
13 *
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
17 */
18
19#include "mshtml_private.h"
20
21#include <activscp.h>
22
23static const WCHAR about_blankW[] = {'a','b','o','u','t',':','b','l','a','n','k',0};
24
25/* Defined as extern in urlmon.idl, but not exported by uuid.lib */
27 {0x10200490,0xfa38,0x11d0,{0xac,0x0e,0x00,0xa0,0xc9,0xf,0xff,0xc0}};
28
30{
31 return CONTAINING_RECORD(iface, HTMLDocumentNode, IInternetHostSecurityManager_iface);
32}
33
35{
37 return IHTMLDOMNode_QueryInterface(&This->node.IHTMLDOMNode_iface, riid, ppv);
38}
39
41{
43 return IHTMLDOMNode_AddRef(&This->node.IHTMLDOMNode_iface);
44}
45
47{
49 return IHTMLDOMNode_Release(&This->node.IHTMLDOMNode_iface);
50}
51
53 DWORD *pcbSecurityId, DWORD_PTR dwReserved)
54{
56 FIXME("(%p)->(%p %p %lx)\n", This, pbSecurityId, pcbSecurityId, dwReserved);
57 return E_NOTIMPL;
58}
59
61 BYTE *pPolicy, DWORD cbPolicy, BYTE *pContext, DWORD cbContext, DWORD dwFlags, DWORD dwReserved)
62{
64 const WCHAR *url;
65
66 TRACE("(%p)->(%d %p %d %p %d %x %x)\n", This, dwAction, pPolicy, cbPolicy, pContext, cbContext, dwFlags, dwReserved);
67
68 if(!This->basedoc.window)
69 return E_UNEXPECTED;
70
71 url = This->basedoc.window->url ? This->basedoc.window->url : about_blankW;
72
73 return IInternetSecurityManager_ProcessUrlAction(This->basedoc.window->secmgr, url, dwAction, pPolicy, cbPolicy,
74 pContext, cbContext, dwFlags, dwReserved);
75}
76
78{
79 IObjectSafety *obj_safety;
81
82 hres = IUnknown_QueryInterface(cs->pUnk, &IID_IObjectSafety, (void**)&obj_safety);
83 if(SUCCEEDED(hres)) {
84 hres = IObjectSafety_SetInterfaceSafetyOptions(obj_safety, &IID_IDispatch,
85 INTERFACESAFE_FOR_UNTRUSTED_DATA, INTERFACESAFE_FOR_UNTRUSTED_DATA);
86 IObjectSafety_Release(obj_safety);
87 *ret = SUCCEEDED(hres) ? URLPOLICY_ALLOW : URLPOLICY_DISALLOW;
88 }else {
89 CATID init_catid = CATID_SafeForInitializing;
90
91 hres = ICatInformation_IsClassOfCategories(This->catmgr, &cs->clsid, 1, &init_catid, 0, NULL);
93 *ret = hres == S_OK ? URLPOLICY_ALLOW : URLPOLICY_DISALLOW;
94 }
95
96 return S_OK;
97}
98
100{
101 DWORD policy, enabled_opts, supported_opts;
102 IObjectSafety *obj_safety;
104
105 TRACE("%s %p %s\n", debugstr_w(url), cs->pUnk, debugstr_guid(&cs->clsid));
106
107 /* FIXME: Check URLACTION_ACTIVEX_OVERRIDE_SCRIPT_SAFETY */
108
109 hres = IInternetSecurityManager_ProcessUrlAction(This->basedoc.window->secmgr, url, URLACTION_SCRIPT_SAFE_ACTIVEX,
110 (BYTE*)&policy, sizeof(policy), NULL, 0, 0, 0);
111 if(FAILED(hres) || policy != URLPOLICY_ALLOW) {
112 *ret = URLPOLICY_DISALLOW;
113 return S_OK;
114 }
115
116 hres = IUnknown_QueryInterface(cs->pUnk, &IID_IObjectSafety, (void**)&obj_safety);
117 if(SUCCEEDED(hres)) {
118 hres = IObjectSafety_GetInterfaceSafetyOptions(obj_safety, &IID_IDispatchEx, &supported_opts, &enabled_opts);
119 if(FAILED(hres))
120 supported_opts = 0;
121
122 enabled_opts = INTERFACESAFE_FOR_UNTRUSTED_CALLER;
123 if(supported_opts & INTERFACE_USES_SECURITY_MANAGER)
124 enabled_opts |= INTERFACE_USES_SECURITY_MANAGER;
125
126 hres = IObjectSafety_SetInterfaceSafetyOptions(obj_safety, &IID_IDispatchEx, enabled_opts, enabled_opts);
127 if(FAILED(hres)) {
128 enabled_opts &= ~INTERFACE_USES_SECURITY_MANAGER;
129 hres = IObjectSafety_SetInterfaceSafetyOptions(obj_safety, &IID_IDispatch, enabled_opts, enabled_opts);
130 }
131 IObjectSafety_Release(obj_safety);
132
133 if(FAILED(hres)) {
134 *ret = URLPOLICY_DISALLOW;
135 return S_OK;
136 }
137 }else {
138 CATID scripting_catid = CATID_SafeForScripting;
139
140 if(!This->catmgr) {
141 hres = CoCreateInstance(&CLSID_StdComponentCategoriesMgr, NULL, CLSCTX_INPROC_SERVER,
142 &IID_ICatInformation, (void**)&This->catmgr);
143 if(FAILED(hres))
144 return hres;
145 }
146
147 hres = ICatInformation_IsClassOfCategories(This->catmgr, &cs->clsid, 1, &scripting_catid, 0, NULL);
148 if(FAILED(hres))
149 return hres;
150
151 if(hres != S_OK) {
152 *ret = URLPOLICY_DISALLOW;
153 return S_OK;
154 }
155 }
156
157 if(cs->dwFlags & CONFIRMSAFETYACTION_LOADOBJECT)
158 return confirm_safety_load(This, cs, ret);
159
160 *ret = URLPOLICY_ALLOW;
161 return S_OK;
162}
163
165 BYTE **ppPolicy, DWORD *pcbPolicy, BYTE *pContext, DWORD cbContext, DWORD dwReserved)
166{
168 const WCHAR *url;
170
171 TRACE("(%p)->(%s %p %p %p %d %x)\n", This, debugstr_guid(guidKey), ppPolicy, pcbPolicy, pContext, cbContext, dwReserved);
172
173 if(!This->basedoc.window)
174 return E_UNEXPECTED;
175
176 url = This->basedoc.window->url ? This->basedoc.window->url : about_blankW;
177
178 hres = IInternetSecurityManager_QueryCustomPolicy(This->basedoc.window->secmgr, url, guidKey, ppPolicy, pcbPolicy,
179 pContext, cbContext, dwReserved);
181 return hres;
182
184 IActiveScript *active_script;
185 struct CONFIRMSAFETY *cs;
187
188 if(cbContext != sizeof(struct CONFIRMSAFETY)) {
189 FIXME("wrong context size\n");
190 return E_FAIL;
191 }
192
193 cs = (struct CONFIRMSAFETY*)pContext;
194 TRACE("cs = {%s %p %x}\n", debugstr_guid(&cs->clsid), cs->pUnk, cs->dwFlags);
195
196 hres = IUnknown_QueryInterface(cs->pUnk, &IID_IActiveScript, (void**)&active_script);
197 if(SUCCEEDED(hres)) {
198 FIXME("Got IAciveScript iface\n");
199 IActiveScript_Release(active_script);
200 return E_FAIL;
201 }
202
204 if(FAILED(hres))
205 return hres;
206
207 *ppPolicy = CoTaskMemAlloc(sizeof(policy));
208 if(!*ppPolicy)
209 return E_OUTOFMEMORY;
210
211 *(DWORD*)*ppPolicy = policy;
212 *pcbPolicy = sizeof(policy);
213 TRACE("policy %x\n", policy);
214 return S_OK;
215 }
216
217 FIXME("Unknown guidKey %s\n", debugstr_guid(guidKey));
218 return hres;
219}
220
221static const IInternetHostSecurityManagerVtbl InternetHostSecurityManagerVtbl = {
228};
229
231{
232 This->IInternetHostSecurityManager_iface.lpVtbl = &InternetHostSecurityManagerVtbl;
233}
#define FIXME(fmt,...)
Definition: debug.h:111
#define E_OUTOFMEMORY
Definition: ddrawi.h:100
#define E_NOTIMPL
Definition: ddrawi.h:99
#define E_FAIL
Definition: ddrawi.h:102
#define NULL
Definition: types.h:112
#define DECLSPEC_HIDDEN
Definition: precomp.h:8
HRESULT WINAPI DECLSPEC_HOTPATCH CoCreateInstance(REFCLSID rclsid, LPUNKNOWN pUnkOuter, DWORD dwClsContext, REFIID iid, LPVOID *ppv)
Definition: compobj.c:3325
#define assert(x)
Definition: debug.h:53
unsigned long DWORD
Definition: ntddk_ex.h:95
WDF_INTERRUPT_POLICY policy
#define cs
Definition: i386-dis.c:442
LPVOID WINAPI CoTaskMemAlloc(SIZE_T size)
Definition: ifs.c:426
REFIID riid
Definition: atlbase.h:39
REFIID LPVOID * ppv
Definition: atlbase.h:39
#define S_OK
Definition: intsafe.h:52
#define SUCCEEDED(hr)
Definition: intsafe.h:50
#define FAILED(hr)
Definition: intsafe.h:51
#define debugstr_guid
Definition: kernel32.h:35
#define debugstr_w
Definition: kernel32.h:32
static const WCHAR url[]
Definition: encode.c:1432
HRESULT hres
Definition: protocol.c:465
_In_ HANDLE _In_ DWORD _In_ DWORD _Inout_opt_ LPOVERLAPPED _In_opt_ LPTRANSMIT_FILE_BUFFERS _In_ DWORD dwReserved
Definition: mswsock.h:95
const GUID IID_IDispatch
#define IsEqualGUID(rguid1, rguid2)
Definition: guiddef.h:147
#define REFIID
Definition: guiddef.h:118
static const WCHAR about_blankW[]
Definition: secmgr.c:23
static HRESULT WINAPI InternetHostSecurityManager_QueryInterface(IInternetHostSecurityManager *iface, REFIID riid, void **ppv)
Definition: secmgr.c:34
static ULONG WINAPI InternetHostSecurityManager_AddRef(IInternetHostSecurityManager *iface)
Definition: secmgr.c:40
static HRESULT WINAPI InternetHostSecurityManager_GetSecurityId(IInternetHostSecurityManager *iface, BYTE *pbSecurityId, DWORD *pcbSecurityId, DWORD_PTR dwReserved)
Definition: secmgr.c:52
static HRESULT WINAPI InternetHostSecurityManager_QueryCustomPolicy(IInternetHostSecurityManager *iface, REFGUID guidKey, BYTE **ppPolicy, DWORD *pcbPolicy, BYTE *pContext, DWORD cbContext, DWORD dwReserved)
Definition: secmgr.c:164
static ULONG WINAPI InternetHostSecurityManager_Release(IInternetHostSecurityManager *iface)
Definition: secmgr.c:46
static HTMLDocumentNode * impl_from_IInternetHostSecurityManager(IInternetHostSecurityManager *iface)
Definition: secmgr.c:29
static const IInternetHostSecurityManagerVtbl InternetHostSecurityManagerVtbl
Definition: secmgr.c:221
void HTMLDocumentNode_SecMgr_Init(HTMLDocumentNode *This)
Definition: secmgr.c:230
static HRESULT WINAPI InternetHostSecurityManager_ProcessUrlAction(IInternetHostSecurityManager *iface, DWORD dwAction, BYTE *pPolicy, DWORD cbPolicy, BYTE *pContext, DWORD cbContext, DWORD dwFlags, DWORD dwReserved)
Definition: secmgr.c:60
DECLSPEC_HIDDEN const GUID GUID_CUSTOM_CONFIRMOBJECTSAFETY
Definition: secmgr.c:26
static HRESULT confirm_safety(HTMLDocumentNode *This, const WCHAR *url, struct CONFIRMSAFETY *cs, DWORD *ret)
Definition: secmgr.c:99
static HRESULT confirm_safety_load(HTMLDocumentNode *This, struct CONFIRMSAFETY *cs, DWORD *ret)
Definition: secmgr.c:77
#define TRACE(s)
Definition: solgame.cpp:4
Definition: scsiwmi.h:51
uint32_t DWORD_PTR
Definition: typedefs.h:65
#define CONTAINING_RECORD(address, type, field)
Definition: typedefs.h:260
uint32_t ULONG
Definition: typedefs.h:59
int ret
_In_ PCCERT_CONTEXT _In_ DWORD dwFlags
Definition: wincrypt.h:1176
#define WINAPI
Definition: msvc.h:6
#define E_UNEXPECTED
Definition: winerror.h:2456
#define HRESULT_FROM_WIN32(x)
Definition: winerror.h:92
#define ERROR_NOT_FOUND
Definition: winerror.h:690
__wchar_t WCHAR
Definition: xmlstorage.h:180
unsigned char BYTE
Definition: xxhash.c:193