static HRESULT WINAPI SecManagerImpl_ProcessUrlAction(IInternetSecurityManager *iface,
LPCWSTR pwszUrl, DWORD dwAction,
BYTE *pPolicy, DWORD cbPolicy,
BYTE *pContext, DWORD cbContext,
DWORD dwFlags, DWORD dwReserved)
{
SecManagerImpl *This = impl_from_IInternetSecurityManager(iface);
DWORD zone, policy;
HRESULT hres;
TRACE("(%p)->(%s %08x %p %08x %p %08x %08x %08x)\n", iface, debugstr_w(pwszUrl), dwAction,
pPolicy, cbPolicy, pContext, cbContext, dwFlags, dwReserved);
if(This->custom_manager) {
hres = IInternetSecurityManager_ProcessUrlAction(This->custom_manager, pwszUrl, dwAction,
pPolicy, cbPolicy, pContext, cbContext, dwFlags, dwReserved);
if(hres != INET_E_DEFAULT_ACTION)
return hres;
}
if(dwFlags || dwReserved)
FIXME("Unsupported arguments\n");
if(!pwszUrl)
return E_INVALIDARG;
hres = map_url_to_zone(pwszUrl, &zone, NULL);
if(FAILED(hres))
return hres;
hres = get_action_policy(zone, dwAction, (BYTE*)&policy, sizeof(policy), URLZONEREG_DEFAULT);
if(FAILED(hres))
return hres;
TRACE("policy %x\n", policy);
if(cbPolicy >= sizeof(DWORD))
*(DWORD*)pPolicy = policy;
switch(GetUrlPolicyPermissions(policy)) {
case URLPOLICY_ALLOW:
case URLPOLICY_CHANNEL_SOFTDIST_PRECACHE:
return S_OK;
case URLPOLICY_DISALLOW:
return S_FALSE;
case URLPOLICY_QUERY:
FIXME("URLPOLICY_QUERY not implemented\n");
return E_FAIL;
default:
FIXME("Not implemented policy %x\n", policy);
}
return E_FAIL;
}
static HRESULT WINAPI InternetHostSecurityManager_ProcessUrlAction(IInternetHostSecurityManager *iface, DWORD dwAction,
BYTE *pPolicy, DWORD cbPolicy, BYTE *pContext, DWORD cbContext, DWORD dwFlags, DWORD dwReserved)
{
HTMLDocumentNode *This = impl_from_IInternetHostSecurityManager(iface);
const WCHAR *url;
TRACE("(%p)->(%d %p %d %p %d %x %x)\n", This, dwAction, pPolicy, cbPolicy, pContext, cbContext, dwFlags, dwReserved);
url = This->basedoc.window->url ? This->basedoc.window->url : about_blankW;
return IInternetSecurityManager_ProcessUrlAction(This->basedoc.window->secmgr, url, dwAction, pPolicy, cbPolicy,
pContext, cbContext, dwFlags, dwReserved);
}
/***********************************************************************
* CoInternetIsFeatureZoneElevationEnabled (URLMON.@)
*/
HRESULT WINAPI CoInternetIsFeatureZoneElevationEnabled(LPCWSTR szFromURL, LPCWSTR szToURL,
IInternetSecurityManager *pSecMgr, DWORD dwFlags)
{
HRESULT hres;
TRACE("(%s %s %p %x)\n", debugstr_w(szFromURL), debugstr_w(szToURL), pSecMgr, dwFlags);
if(!pSecMgr || !szToURL)
return CoInternetIsFeatureEnabled(FEATURE_ZONE_ELEVATION, dwFlags);
switch(dwFlags) {
case GET_FEATURE_FROM_THREAD:
case GET_FEATURE_FROM_THREAD_LOCALMACHINE:
case GET_FEATURE_FROM_THREAD_INTRANET:
case GET_FEATURE_FROM_THREAD_TRUSTED:
case GET_FEATURE_FROM_THREAD_INTERNET:
case GET_FEATURE_FROM_THREAD_RESTRICTED:
FIXME("unsupported flags %x\n", dwFlags);
return E_NOTIMPL;
case GET_FEATURE_FROM_PROCESS:
hres = CoInternetIsFeatureEnabled(FEATURE_ZONE_ELEVATION, dwFlags);
if(hres != S_OK)
return hres;
/* fall through */
default: {
DWORD policy = URLPOLICY_DISALLOW;
hres = IInternetSecurityManager_ProcessUrlAction(pSecMgr, szToURL,
URLACTION_FEATURE_ZONE_ELEVATION, (BYTE*)&policy, sizeof(DWORD),
NULL, 0, PUAF_NOUI, 0);
if(FAILED(hres))
return S_OK;
switch(policy) {
case URLPOLICY_ALLOW:
return S_FALSE;
case URLPOLICY_QUERY:
FIXME("Ask user dialog not implemented\n");
default:
return S_OK;
}
}
}
}
/***********************************************************************
* CoInternetIsFeatureEnabledForUrl (URLMON.@)
*/
HRESULT WINAPI CoInternetIsFeatureEnabledForUrl(INTERNETFEATURELIST FeatureEntry, DWORD dwFlags, LPCWSTR szURL,
IInternetSecurityManager *pSecMgr)
{
DWORD urlaction = 0;
HRESULT hres;
TRACE("(%d %08x %s %p)\n", FeatureEntry, dwFlags, debugstr_w(szURL), pSecMgr);
if(FeatureEntry == FEATURE_MIME_SNIFFING)
urlaction = URLACTION_FEATURE_MIME_SNIFFING;
else if(FeatureEntry == FEATURE_WINDOW_RESTRICTIONS)
urlaction = URLACTION_FEATURE_WINDOW_RESTRICTIONS;
else if(FeatureEntry == FEATURE_ZONE_ELEVATION)
urlaction = URLACTION_FEATURE_ZONE_ELEVATION;
if(!szURL || !urlaction || !pSecMgr)
return CoInternetIsFeatureEnabled(FeatureEntry, dwFlags);
switch(dwFlags) {
case GET_FEATURE_FROM_THREAD:
case GET_FEATURE_FROM_THREAD_LOCALMACHINE:
case GET_FEATURE_FROM_THREAD_INTRANET:
case GET_FEATURE_FROM_THREAD_TRUSTED:
case GET_FEATURE_FROM_THREAD_INTERNET:
case GET_FEATURE_FROM_THREAD_RESTRICTED:
FIXME("unsupported flags %x\n", dwFlags);
return E_NOTIMPL;
case GET_FEATURE_FROM_PROCESS:
hres = CoInternetIsFeatureEnabled(FeatureEntry, dwFlags);
if(hres != S_OK)
return hres;
/* fall through */
default: {
DWORD policy = URLPOLICY_DISALLOW;
hres = IInternetSecurityManager_ProcessUrlAction(pSecMgr, szURL, urlaction,
(BYTE*)&policy, sizeof(DWORD), NULL, 0, PUAF_NOUI, 0);
if(hres!=S_OK || policy!=URLPOLICY_ALLOW)
return S_OK;
return S_FALSE;
}
}
}
static HRESULT confirm_safety(HTMLDocumentNode *This, const WCHAR *url, struct CONFIRMSAFETY *cs, DWORD *ret)
{
DWORD policy, enabled_opts, supported_opts;
IObjectSafety *obj_safety;
HRESULT hres;
TRACE("%s %p %s\n", debugstr_w(url), cs->pUnk, debugstr_guid(&cs->clsid));
/* FIXME: Check URLACTION_ACTIVEX_OVERRIDE_SCRIPT_SAFETY */
hres = IInternetSecurityManager_ProcessUrlAction(This->basedoc.window->secmgr, url, URLACTION_SCRIPT_SAFE_ACTIVEX,
(BYTE*)&policy, sizeof(policy), NULL, 0, 0, 0);
if(FAILED(hres) || policy != URLPOLICY_ALLOW) {
*ret = URLPOLICY_DISALLOW;
return S_OK;
}
hres = IUnknown_QueryInterface(cs->pUnk, &IID_IObjectSafety, (void**)&obj_safety);
if(SUCCEEDED(hres)) {
hres = IObjectSafety_GetInterfaceSafetyOptions(obj_safety, &IID_IDispatchEx, &supported_opts, &enabled_opts);
if(FAILED(hres))
supported_opts = 0;
enabled_opts = INTERFACESAFE_FOR_UNTRUSTED_CALLER;
if(supported_opts & INTERFACE_USES_SECURITY_MANAGER)
enabled_opts |= INTERFACE_USES_SECURITY_MANAGER;
hres = IObjectSafety_SetInterfaceSafetyOptions(obj_safety, &IID_IDispatchEx, enabled_opts, enabled_opts);
if(FAILED(hres)) {
enabled_opts &= ~INTERFACE_USES_SECURITY_MANAGER;
hres = IObjectSafety_SetInterfaceSafetyOptions(obj_safety, &IID_IDispatch, enabled_opts, enabled_opts);
}
IObjectSafety_Release(obj_safety);
if(FAILED(hres)) {
*ret = URLPOLICY_DISALLOW;
return S_OK;
}
}else {
CATID scripting_catid = CATID_SafeForScripting;
if(!This->catmgr) {
hres = CoCreateInstance(&CLSID_StdComponentCategoriesMgr, NULL, CLSCTX_INPROC_SERVER,
&IID_ICatInformation, (void**)&This->catmgr);
if(FAILED(hres))
return hres;
}
hres = ICatInformation_IsClassOfCategories(This->catmgr, &cs->clsid, 1, &scripting_catid, 0, NULL);
if(FAILED(hres))
return hres;
if(hres != S_OK) {
*ret = URLPOLICY_DISALLOW;
return S_OK;
}
}
if(cs->dwFlags & CONFIRMSAFETYACTION_LOADOBJECT)
return confirm_safety_load(This, cs, ret);
*ret = URLPOLICY_ALLOW;
return S_OK;
}
