static BOOL check_script_safety(PluginHost *host) { DISPPARAMS params = {NULL,NULL,0,0}; DWORD policy_size, policy; struct CONFIRMSAFETY cs; BYTE *ppolicy; ULONG err = 0; VARIANT v; HRESULT hres; cs.clsid = host->clsid; cs.pUnk = host->plugin_unk; cs.dwFlags = 0; hres = IInternetHostSecurityManager_QueryCustomPolicy(&host->doc->IInternetHostSecurityManager_iface, &GUID_CUSTOM_CONFIRMOBJECTSAFETY, &ppolicy, &policy_size, (BYTE*)&cs, sizeof(cs), 0); if(FAILED(hres)) return FALSE; policy = *(DWORD*)ppolicy; CoTaskMemFree(ppolicy); if(policy != URLPOLICY_ALLOW) return FALSE; V_VT(&v) = VT_EMPTY; hres = IDispatch_Invoke(host->disp, DISPID_SECURITYCTX, &IID_NULL, 0, DISPATCH_PROPERTYGET, ¶ms, &v, NULL, &err); if(SUCCEEDED(hres)) { FIXME("Handle security ctx %s\n", debugstr_variant(&v)); return FALSE; } return TRUE; }
static BOOL check_load_safety(PluginHost *host) { DWORD policy_size, policy; struct CONFIRMSAFETY cs; BYTE *ppolicy; HRESULT hres; cs.clsid = host->clsid; cs.pUnk = host->plugin_unk; cs.dwFlags = CONFIRMSAFETYACTION_LOADOBJECT; hres = IInternetHostSecurityManager_QueryCustomPolicy(&host->doc->IInternetHostSecurityManager_iface, &GUID_CUSTOM_CONFIRMOBJECTSAFETY, &ppolicy, &policy_size, (BYTE*)&cs, sizeof(cs), 0); if(FAILED(hres)) return FALSE; policy = *(DWORD*)ppolicy; CoTaskMemFree(ppolicy); return policy == URLPOLICY_ALLOW; }
static IUnknown *create_activex_object(script_ctx_t *ctx, const WCHAR *progid) { IInternetHostSecurityManager *secmgr = NULL; IObjectWithSite *obj_site; struct CONFIRMSAFETY cs; IClassFactoryEx *cfex; IClassFactory *cf; DWORD policy_size; BYTE *bpolicy; IUnknown *obj; DWORD policy; GUID guid; HRESULT hres; TRACE("%s\n", debugstr_w(progid)); hres = CLSIDFromProgID(progid, &guid); if(FAILED(hres)) return NULL; TRACE("GUID %s\n", debugstr_guid(&guid)); if(ctx->safeopt & INTERFACE_USES_SECURITY_MANAGER) { secmgr = get_sec_mgr(ctx); if(!secmgr) return NULL; policy = 0; hres = IInternetHostSecurityManager_ProcessUrlAction(secmgr, URLACTION_ACTIVEX_RUN, (BYTE*)&policy, sizeof(policy), (BYTE*)&guid, sizeof(GUID), 0, 0); if(FAILED(hres) || policy != URLPOLICY_ALLOW) return NULL; } hres = CoGetClassObject(&guid, CLSCTX_INPROC_SERVER|CLSCTX_LOCAL_SERVER, NULL, &IID_IClassFactory, (void**)&cf); if(FAILED(hres)) return NULL; hres = IClassFactory_QueryInterface(cf, &IID_IClassFactoryEx, (void**)&cfex); if(SUCCEEDED(hres)) { FIXME("Use IClassFactoryEx\n"); IClassFactoryEx_Release(cfex); } hres = IClassFactory_CreateInstance(cf, NULL, &IID_IUnknown, (void**)&obj); if(FAILED(hres)) return NULL; if(secmgr) { cs.clsid = guid; cs.pUnk = obj; cs.dwFlags = 0; hres = IInternetHostSecurityManager_QueryCustomPolicy(secmgr, &GUID_CUSTOM_CONFIRMOBJECTSAFETY, &bpolicy, &policy_size, (BYTE*)&cs, sizeof(cs), 0); if(SUCCEEDED(hres)) { policy = policy_size >= sizeof(DWORD) ? *(DWORD*)bpolicy : URLPOLICY_DISALLOW; CoTaskMemFree(bpolicy); } if(FAILED(hres) || policy != URLPOLICY_ALLOW) { IUnknown_Release(obj); return NULL; } } hres = IUnknown_QueryInterface(obj, &IID_IObjectWithSite, (void**)&obj_site); if(SUCCEEDED(hres)) { IUnknown *ax_site; ax_site = create_ax_site(ctx); if(ax_site) { hres = IObjectWithSite_SetSite(obj_site, ax_site); IUnknown_Release(ax_site); } IObjectWithSite_Release(obj_site); if(!ax_site || FAILED(hres)) { IUnknown_Release(obj); return NULL; } } return obj; }