static BOOL check_script_safety(PluginHost *host)
{
DISPPARAMS params = {NULL,NULL,0,0};
DWORD policy_size, policy;
struct CONFIRMSAFETY cs;
BYTE *ppolicy;
ULONG err = 0;
VARIANT v;
HRESULT hres;
cs.clsid = host->clsid;
cs.pUnk = host->plugin_unk;
cs.dwFlags = 0;
hres = IInternetHostSecurityManager_QueryCustomPolicy(&host->doc->IInternetHostSecurityManager_iface,
&GUID_CUSTOM_CONFIRMOBJECTSAFETY, &ppolicy, &policy_size, (BYTE*)&cs, sizeof(cs), 0);
if(FAILED(hres))
return FALSE;
policy = *(DWORD*)ppolicy;
CoTaskMemFree(ppolicy);
if(policy != URLPOLICY_ALLOW)
return FALSE;
V_VT(&v) = VT_EMPTY;
hres = IDispatch_Invoke(host->disp, DISPID_SECURITYCTX, &IID_NULL, 0, DISPATCH_PROPERTYGET, ¶ms, &v, NULL, &err);
if(SUCCEEDED(hres)) {
FIXME("Handle security ctx %s\n", debugstr_variant(&v));
return FALSE;
}
return TRUE;
}
static BOOL check_load_safety(PluginHost *host)
{
DWORD policy_size, policy;
struct CONFIRMSAFETY cs;
BYTE *ppolicy;
HRESULT hres;
cs.clsid = host->clsid;
cs.pUnk = host->plugin_unk;
cs.dwFlags = CONFIRMSAFETYACTION_LOADOBJECT;
hres = IInternetHostSecurityManager_QueryCustomPolicy(&host->doc->IInternetHostSecurityManager_iface,
&GUID_CUSTOM_CONFIRMOBJECTSAFETY, &ppolicy, &policy_size, (BYTE*)&cs, sizeof(cs), 0);
if(FAILED(hres))
return FALSE;
policy = *(DWORD*)ppolicy;
CoTaskMemFree(ppolicy);
return policy == URLPOLICY_ALLOW;
}
static IUnknown *create_activex_object(script_ctx_t *ctx, const WCHAR *progid)
{
IInternetHostSecurityManager *secmgr = NULL;
IObjectWithSite *obj_site;
struct CONFIRMSAFETY cs;
IClassFactoryEx *cfex;
IClassFactory *cf;
DWORD policy_size;
BYTE *bpolicy;
IUnknown *obj;
DWORD policy;
GUID guid;
HRESULT hres;
TRACE("%s\n", debugstr_w(progid));
hres = CLSIDFromProgID(progid, &guid);
if(FAILED(hres))
return NULL;
TRACE("GUID %s\n", debugstr_guid(&guid));
if(ctx->safeopt & INTERFACE_USES_SECURITY_MANAGER) {
secmgr = get_sec_mgr(ctx);
if(!secmgr)
return NULL;
policy = 0;
hres = IInternetHostSecurityManager_ProcessUrlAction(secmgr, URLACTION_ACTIVEX_RUN,
(BYTE*)&policy, sizeof(policy), (BYTE*)&guid, sizeof(GUID), 0, 0);
if(FAILED(hres) || policy != URLPOLICY_ALLOW)
return NULL;
}
hres = CoGetClassObject(&guid, CLSCTX_INPROC_SERVER|CLSCTX_LOCAL_SERVER, NULL, &IID_IClassFactory, (void**)&cf);
if(FAILED(hres))
return NULL;
hres = IClassFactory_QueryInterface(cf, &IID_IClassFactoryEx, (void**)&cfex);
if(SUCCEEDED(hres)) {
FIXME("Use IClassFactoryEx\n");
IClassFactoryEx_Release(cfex);
}
hres = IClassFactory_CreateInstance(cf, NULL, &IID_IUnknown, (void**)&obj);
if(FAILED(hres))
return NULL;
if(secmgr) {
cs.clsid = guid;
cs.pUnk = obj;
cs.dwFlags = 0;
hres = IInternetHostSecurityManager_QueryCustomPolicy(secmgr, &GUID_CUSTOM_CONFIRMOBJECTSAFETY,
&bpolicy, &policy_size, (BYTE*)&cs, sizeof(cs), 0);
if(SUCCEEDED(hres)) {
policy = policy_size >= sizeof(DWORD) ? *(DWORD*)bpolicy : URLPOLICY_DISALLOW;
CoTaskMemFree(bpolicy);
}
if(FAILED(hres) || policy != URLPOLICY_ALLOW) {
IUnknown_Release(obj);
return NULL;
}
}
hres = IUnknown_QueryInterface(obj, &IID_IObjectWithSite, (void**)&obj_site);
if(SUCCEEDED(hres)) {
IUnknown *ax_site;
ax_site = create_ax_site(ctx);
if(ax_site) {
hres = IObjectWithSite_SetSite(obj_site, ax_site);
IUnknown_Release(ax_site);
}
IObjectWithSite_Release(obj_site);
if(!ax_site || FAILED(hres)) {
IUnknown_Release(obj);
return NULL;
}
}
return obj;
}
