static HRESULT WINAPI SecManagerImpl_ProcessUrlAction(IInternetSecurityManager *iface, LPCWSTR pwszUrl, DWORD dwAction, BYTE *pPolicy, DWORD cbPolicy, BYTE *pContext, DWORD cbContext, DWORD dwFlags, DWORD dwReserved) { SecManagerImpl *This = impl_from_IInternetSecurityManager(iface); DWORD zone, policy; HRESULT hres; TRACE("(%p)->(%s %08x %p %08x %p %08x %08x %08x)\n", iface, debugstr_w(pwszUrl), dwAction, pPolicy, cbPolicy, pContext, cbContext, dwFlags, dwReserved); if(This->custom_manager) { hres = IInternetSecurityManager_ProcessUrlAction(This->custom_manager, pwszUrl, dwAction, pPolicy, cbPolicy, pContext, cbContext, dwFlags, dwReserved); if(hres != INET_E_DEFAULT_ACTION) return hres; } if(dwFlags || dwReserved) FIXME("Unsupported arguments\n"); if(!pwszUrl) return E_INVALIDARG; hres = map_url_to_zone(pwszUrl, &zone, NULL); if(FAILED(hres)) return hres; hres = get_action_policy(zone, dwAction, (BYTE*)&policy, sizeof(policy), URLZONEREG_DEFAULT); if(FAILED(hres)) return hres; TRACE("policy %x\n", policy); if(cbPolicy >= sizeof(DWORD)) *(DWORD*)pPolicy = policy; switch(GetUrlPolicyPermissions(policy)) { case URLPOLICY_ALLOW: case URLPOLICY_CHANNEL_SOFTDIST_PRECACHE: return S_OK; case URLPOLICY_DISALLOW: return S_FALSE; case URLPOLICY_QUERY: FIXME("URLPOLICY_QUERY not implemented\n"); return E_FAIL; default: FIXME("Not implemented policy %x\n", policy); } return E_FAIL; }
static HRESULT WINAPI InternetHostSecurityManager_ProcessUrlAction(IInternetHostSecurityManager *iface, DWORD dwAction, BYTE *pPolicy, DWORD cbPolicy, BYTE *pContext, DWORD cbContext, DWORD dwFlags, DWORD dwReserved) { HTMLDocumentNode *This = impl_from_IInternetHostSecurityManager(iface); const WCHAR *url; TRACE("(%p)->(%d %p %d %p %d %x %x)\n", This, dwAction, pPolicy, cbPolicy, pContext, cbContext, dwFlags, dwReserved); url = This->basedoc.window->url ? This->basedoc.window->url : about_blankW; return IInternetSecurityManager_ProcessUrlAction(This->basedoc.window->secmgr, url, dwAction, pPolicy, cbPolicy, pContext, cbContext, dwFlags, dwReserved); }
/*********************************************************************** * CoInternetIsFeatureZoneElevationEnabled (URLMON.@) */ HRESULT WINAPI CoInternetIsFeatureZoneElevationEnabled(LPCWSTR szFromURL, LPCWSTR szToURL, IInternetSecurityManager *pSecMgr, DWORD dwFlags) { HRESULT hres; TRACE("(%s %s %p %x)\n", debugstr_w(szFromURL), debugstr_w(szToURL), pSecMgr, dwFlags); if(!pSecMgr || !szToURL) return CoInternetIsFeatureEnabled(FEATURE_ZONE_ELEVATION, dwFlags); switch(dwFlags) { case GET_FEATURE_FROM_THREAD: case GET_FEATURE_FROM_THREAD_LOCALMACHINE: case GET_FEATURE_FROM_THREAD_INTRANET: case GET_FEATURE_FROM_THREAD_TRUSTED: case GET_FEATURE_FROM_THREAD_INTERNET: case GET_FEATURE_FROM_THREAD_RESTRICTED: FIXME("unsupported flags %x\n", dwFlags); return E_NOTIMPL; case GET_FEATURE_FROM_PROCESS: hres = CoInternetIsFeatureEnabled(FEATURE_ZONE_ELEVATION, dwFlags); if(hres != S_OK) return hres; /* fall through */ default: { DWORD policy = URLPOLICY_DISALLOW; hres = IInternetSecurityManager_ProcessUrlAction(pSecMgr, szToURL, URLACTION_FEATURE_ZONE_ELEVATION, (BYTE*)&policy, sizeof(DWORD), NULL, 0, PUAF_NOUI, 0); if(FAILED(hres)) return S_OK; switch(policy) { case URLPOLICY_ALLOW: return S_FALSE; case URLPOLICY_QUERY: FIXME("Ask user dialog not implemented\n"); default: return S_OK; } } } }
/*********************************************************************** * CoInternetIsFeatureEnabledForUrl (URLMON.@) */ HRESULT WINAPI CoInternetIsFeatureEnabledForUrl(INTERNETFEATURELIST FeatureEntry, DWORD dwFlags, LPCWSTR szURL, IInternetSecurityManager *pSecMgr) { DWORD urlaction = 0; HRESULT hres; TRACE("(%d %08x %s %p)\n", FeatureEntry, dwFlags, debugstr_w(szURL), pSecMgr); if(FeatureEntry == FEATURE_MIME_SNIFFING) urlaction = URLACTION_FEATURE_MIME_SNIFFING; else if(FeatureEntry == FEATURE_WINDOW_RESTRICTIONS) urlaction = URLACTION_FEATURE_WINDOW_RESTRICTIONS; else if(FeatureEntry == FEATURE_ZONE_ELEVATION) urlaction = URLACTION_FEATURE_ZONE_ELEVATION; if(!szURL || !urlaction || !pSecMgr) return CoInternetIsFeatureEnabled(FeatureEntry, dwFlags); switch(dwFlags) { case GET_FEATURE_FROM_THREAD: case GET_FEATURE_FROM_THREAD_LOCALMACHINE: case GET_FEATURE_FROM_THREAD_INTRANET: case GET_FEATURE_FROM_THREAD_TRUSTED: case GET_FEATURE_FROM_THREAD_INTERNET: case GET_FEATURE_FROM_THREAD_RESTRICTED: FIXME("unsupported flags %x\n", dwFlags); return E_NOTIMPL; case GET_FEATURE_FROM_PROCESS: hres = CoInternetIsFeatureEnabled(FeatureEntry, dwFlags); if(hres != S_OK) return hres; /* fall through */ default: { DWORD policy = URLPOLICY_DISALLOW; hres = IInternetSecurityManager_ProcessUrlAction(pSecMgr, szURL, urlaction, (BYTE*)&policy, sizeof(DWORD), NULL, 0, PUAF_NOUI, 0); if(hres!=S_OK || policy!=URLPOLICY_ALLOW) return S_OK; return S_FALSE; } } }
static HRESULT confirm_safety(HTMLDocumentNode *This, const WCHAR *url, struct CONFIRMSAFETY *cs, DWORD *ret) { DWORD policy, enabled_opts, supported_opts; IObjectSafety *obj_safety; HRESULT hres; TRACE("%s %p %s\n", debugstr_w(url), cs->pUnk, debugstr_guid(&cs->clsid)); /* FIXME: Check URLACTION_ACTIVEX_OVERRIDE_SCRIPT_SAFETY */ hres = IInternetSecurityManager_ProcessUrlAction(This->basedoc.window->secmgr, url, URLACTION_SCRIPT_SAFE_ACTIVEX, (BYTE*)&policy, sizeof(policy), NULL, 0, 0, 0); if(FAILED(hres) || policy != URLPOLICY_ALLOW) { *ret = URLPOLICY_DISALLOW; return S_OK; } hres = IUnknown_QueryInterface(cs->pUnk, &IID_IObjectSafety, (void**)&obj_safety); if(SUCCEEDED(hres)) { hres = IObjectSafety_GetInterfaceSafetyOptions(obj_safety, &IID_IDispatchEx, &supported_opts, &enabled_opts); if(FAILED(hres)) supported_opts = 0; enabled_opts = INTERFACESAFE_FOR_UNTRUSTED_CALLER; if(supported_opts & INTERFACE_USES_SECURITY_MANAGER) enabled_opts |= INTERFACE_USES_SECURITY_MANAGER; hres = IObjectSafety_SetInterfaceSafetyOptions(obj_safety, &IID_IDispatchEx, enabled_opts, enabled_opts); if(FAILED(hres)) { enabled_opts &= ~INTERFACE_USES_SECURITY_MANAGER; hres = IObjectSafety_SetInterfaceSafetyOptions(obj_safety, &IID_IDispatch, enabled_opts, enabled_opts); } IObjectSafety_Release(obj_safety); if(FAILED(hres)) { *ret = URLPOLICY_DISALLOW; return S_OK; } }else { CATID scripting_catid = CATID_SafeForScripting; if(!This->catmgr) { hres = CoCreateInstance(&CLSID_StdComponentCategoriesMgr, NULL, CLSCTX_INPROC_SERVER, &IID_ICatInformation, (void**)&This->catmgr); if(FAILED(hres)) return hres; } hres = ICatInformation_IsClassOfCategories(This->catmgr, &cs->clsid, 1, &scripting_catid, 0, NULL); if(FAILED(hres)) return hres; if(hres != S_OK) { *ret = URLPOLICY_DISALLOW; return S_OK; } } if(cs->dwFlags & CONFIRMSAFETYACTION_LOADOBJECT) return confirm_safety_load(This, cs, ret); *ret = URLPOLICY_ALLOW; return S_OK; }