mshtml: Added IHTMLStyle::get_pixelLeft implementation.
[wine] / dlls / mshtml / secmgr.c
1 /*
2  * Copyright 2009 Jacek Caban for CodeWeavers
3  *
4  * This library is free software; you can redistribute it and/or
5  * modify it under the terms of the GNU Lesser General Public
6  * License as published by the Free Software Foundation; either
7  * version 2.1 of the License, or (at your option) any later version.
8  *
9  * This library is distributed in the hope that it will be useful,
10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
12  * Lesser General Public License for more details.
13  *
14  * You should have received a copy of the GNU Lesser General Public
15  * License along with this library; if not, write to the Free Software
16  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
17  */
18
19 #include "config.h"
20
21 #include <stdarg.h>
22 #include <stdio.h>
23 #include <assert.h>
24
25 #define COBJMACROS
26
27 #include "windef.h"
28 #include "winbase.h"
29 #include "winuser.h"
30 #include "ole2.h"
31 #include "activscp.h"
32
33 #include "wine/debug.h"
34
35 #include "mshtml_private.h"
36
37 WINE_DEFAULT_DEBUG_CHANNEL(mshtml);
38
39 static const WCHAR about_blankW[] = {'a','b','o','u','t',':','b','l','a','n','k',0};
40
41 /* Defined as extern in urlmon.idl, but not exported by uuid.lib */
42 DECLSPEC_HIDDEN const GUID GUID_CUSTOM_CONFIRMOBJECTSAFETY =
43     {0x10200490,0xfa38,0x11d0,{0xac,0x0e,0x00,0xa0,0xc9,0xf,0xff,0xc0}};
44
45 static inline HTMLDocumentNode *impl_from_IInternetHostSecurityManager(IInternetHostSecurityManager *iface)
46 {
47     return CONTAINING_RECORD(iface, HTMLDocumentNode, IInternetHostSecurityManager_iface);
48 }
49
50 static HRESULT WINAPI InternetHostSecurityManager_QueryInterface(IInternetHostSecurityManager *iface, REFIID riid, void **ppv)
51 {
52     HTMLDocumentNode *This = impl_from_IInternetHostSecurityManager(iface);
53     return IHTMLDOMNode_QueryInterface(&This->node.IHTMLDOMNode_iface, riid, ppv);
54 }
55
56 static ULONG WINAPI InternetHostSecurityManager_AddRef(IInternetHostSecurityManager *iface)
57 {
58     HTMLDocumentNode *This = impl_from_IInternetHostSecurityManager(iface);
59     return IHTMLDOMNode_AddRef(&This->node.IHTMLDOMNode_iface);
60 }
61
62 static ULONG WINAPI InternetHostSecurityManager_Release(IInternetHostSecurityManager *iface)
63 {
64     HTMLDocumentNode *This = impl_from_IInternetHostSecurityManager(iface);
65     return IHTMLDOMNode_Release(&This->node.IHTMLDOMNode_iface);
66 }
67
68 static HRESULT WINAPI InternetHostSecurityManager_GetSecurityId(IInternetHostSecurityManager *iface,  BYTE *pbSecurityId,
69         DWORD *pcbSecurityId, DWORD_PTR dwReserved)
70 {
71     HTMLDocumentNode *This = impl_from_IInternetHostSecurityManager(iface);
72     FIXME("(%p)->(%p %p %lx)\n", This, pbSecurityId, pcbSecurityId, dwReserved);
73     return E_NOTIMPL;
74 }
75
76 static HRESULT WINAPI InternetHostSecurityManager_ProcessUrlAction(IInternetHostSecurityManager *iface, DWORD dwAction,
77         BYTE *pPolicy, DWORD cbPolicy, BYTE *pContext, DWORD cbContext, DWORD dwFlags, DWORD dwReserved)
78 {
79     HTMLDocumentNode *This = impl_from_IInternetHostSecurityManager(iface);
80     const WCHAR *url;
81
82     TRACE("(%p)->(%d %p %d %p %d %x %x)\n", This, dwAction, pPolicy, cbPolicy, pContext, cbContext, dwFlags, dwReserved);
83
84     if(!This->basedoc.window)
85         return E_UNEXPECTED;
86
87     url = This->basedoc.window->url ? This->basedoc.window->url : about_blankW;
88
89     return IInternetSecurityManager_ProcessUrlAction(This->basedoc.window->secmgr, url, dwAction, pPolicy, cbPolicy,
90             pContext, cbContext, dwFlags, dwReserved);
91 }
92
93 static HRESULT confirm_safety_load(HTMLDocumentNode *This, struct CONFIRMSAFETY *cs, DWORD *ret)
94 {
95     IObjectSafety *obj_safety;
96     HRESULT hres;
97
98     hres = IUnknown_QueryInterface(cs->pUnk, &IID_IObjectSafety, (void**)&obj_safety);
99     if(SUCCEEDED(hres)) {
100         hres = IObjectSafety_SetInterfaceSafetyOptions(obj_safety, &IID_IDispatch,
101                 INTERFACESAFE_FOR_UNTRUSTED_DATA, INTERFACESAFE_FOR_UNTRUSTED_DATA);
102         IObjectSafety_Release(obj_safety);
103         *ret = SUCCEEDED(hres) ? URLPOLICY_ALLOW : URLPOLICY_DISALLOW;
104     }else {
105         CATID init_catid = CATID_SafeForInitializing;
106
107         hres = ICatInformation_IsClassOfCategories(This->catmgr, &cs->clsid, 1, &init_catid, 0, NULL);
108         assert(SUCCEEDED(hres));
109         *ret = hres == S_OK ? URLPOLICY_ALLOW : URLPOLICY_DISALLOW;
110     }
111
112     return S_OK;
113 }
114
115 static HRESULT confirm_safety(HTMLDocumentNode *This, const WCHAR *url, struct CONFIRMSAFETY *cs, DWORD *ret)
116 {
117     DWORD policy, enabled_opts, supported_opts;
118     IObjectSafety *obj_safety;
119     HRESULT hres;
120
121     TRACE("%s %p %s\n", debugstr_w(url), cs->pUnk, debugstr_guid(&cs->clsid));
122
123     /* FIXME: Check URLACTION_ACTIVEX_OVERRIDE_SCRIPT_SAFETY */
124
125     hres = IInternetSecurityManager_ProcessUrlAction(This->basedoc.window->secmgr, url, URLACTION_SCRIPT_SAFE_ACTIVEX,
126             (BYTE*)&policy, sizeof(policy), NULL, 0, 0, 0);
127     if(FAILED(hres) || policy != URLPOLICY_ALLOW) {
128         *ret = URLPOLICY_DISALLOW;
129         return S_OK;
130     }
131
132     hres = IUnknown_QueryInterface(cs->pUnk, &IID_IObjectSafety, (void**)&obj_safety);
133     if(SUCCEEDED(hres)) {
134         hres = IObjectSafety_GetInterfaceSafetyOptions(obj_safety, &IID_IDispatchEx, &supported_opts, &enabled_opts);
135         if(FAILED(hres))
136             supported_opts = 0;
137
138         enabled_opts = INTERFACESAFE_FOR_UNTRUSTED_CALLER;
139         if(supported_opts & INTERFACE_USES_SECURITY_MANAGER)
140             enabled_opts |= INTERFACE_USES_SECURITY_MANAGER;
141
142         hres = IObjectSafety_SetInterfaceSafetyOptions(obj_safety, &IID_IDispatchEx, enabled_opts, enabled_opts);
143         if(FAILED(hres)) {
144             enabled_opts &= ~INTERFACE_USES_SECURITY_MANAGER;
145             hres = IObjectSafety_SetInterfaceSafetyOptions(obj_safety, &IID_IDispatch, enabled_opts, enabled_opts);
146         }
147         IObjectSafety_Release(obj_safety);
148
149         if(FAILED(hres)) {
150             *ret = URLPOLICY_DISALLOW;
151             return S_OK;
152         }
153     }else {
154         CATID scripting_catid = CATID_SafeForScripting;
155
156         if(!This->catmgr) {
157             hres = CoCreateInstance(&CLSID_StdComponentCategoriesMgr, NULL, CLSCTX_INPROC_SERVER,
158                     &IID_ICatInformation, (void**)&This->catmgr);
159             if(FAILED(hres))
160                 return hres;
161         }
162
163         hres = ICatInformation_IsClassOfCategories(This->catmgr, &cs->clsid, 1, &scripting_catid, 0, NULL);
164         if(FAILED(hres))
165             return hres;
166
167         if(hres != S_OK) {
168             *ret = URLPOLICY_DISALLOW;
169             return S_OK;
170         }
171     }
172
173     if(cs->dwFlags & CONFIRMSAFETYACTION_LOADOBJECT)
174         return confirm_safety_load(This, cs, ret);
175
176     *ret = URLPOLICY_ALLOW;
177     return S_OK;
178 }
179
180 static HRESULT WINAPI InternetHostSecurityManager_QueryCustomPolicy(IInternetHostSecurityManager *iface, REFGUID guidKey,
181         BYTE **ppPolicy, DWORD *pcbPolicy, BYTE *pContext, DWORD cbContext, DWORD dwReserved)
182 {
183     HTMLDocumentNode *This = impl_from_IInternetHostSecurityManager(iface);
184     const WCHAR *url;
185     HRESULT hres;
186
187     TRACE("(%p)->(%s %p %p %p %d %x)\n", This, debugstr_guid(guidKey), ppPolicy, pcbPolicy, pContext, cbContext, dwReserved);
188
189     if(!This->basedoc.window)
190         return E_UNEXPECTED;
191
192     url = This->basedoc.window->url ? This->basedoc.window->url : about_blankW;
193
194     hres = IInternetSecurityManager_QueryCustomPolicy(This->basedoc.window->secmgr, url, guidKey, ppPolicy, pcbPolicy,
195             pContext, cbContext, dwReserved);
196     if(hres != HRESULT_FROM_WIN32(ERROR_NOT_FOUND))
197         return hres;
198
199     if(IsEqualGUID(&GUID_CUSTOM_CONFIRMOBJECTSAFETY, guidKey)) {
200         IActiveScript *active_script;
201         struct CONFIRMSAFETY *cs;
202         DWORD policy;
203
204         if(cbContext != sizeof(struct CONFIRMSAFETY)) {
205             FIXME("wrong context size\n");
206             return E_FAIL;
207         }
208
209         cs = (struct CONFIRMSAFETY*)pContext;
210         TRACE("cs = {%s %p %x}\n", debugstr_guid(&cs->clsid), cs->pUnk, cs->dwFlags);
211
212         hres = IUnknown_QueryInterface(cs->pUnk, &IID_IActiveScript, (void**)&active_script);
213         if(SUCCEEDED(hres)) {
214             FIXME("Got IAciveScript iface\n");
215             IActiveScript_Release(active_script);
216             return E_FAIL;
217         }
218
219         hres = confirm_safety(This, url, cs, &policy);
220         if(FAILED(hres))
221             return hres;
222
223         *ppPolicy = CoTaskMemAlloc(sizeof(policy));
224         if(!*ppPolicy)
225             return E_OUTOFMEMORY;
226
227         *(DWORD*)*ppPolicy = policy;
228         *pcbPolicy = sizeof(policy);
229         TRACE("policy %x\n", policy);
230         return S_OK;
231     }
232
233     FIXME("Unknown guidKey %s\n", debugstr_guid(guidKey));
234     return hres;
235 }
236
237 static const IInternetHostSecurityManagerVtbl InternetHostSecurityManagerVtbl = {
238     InternetHostSecurityManager_QueryInterface,
239     InternetHostSecurityManager_AddRef,
240     InternetHostSecurityManager_Release,
241     InternetHostSecurityManager_GetSecurityId,
242     InternetHostSecurityManager_ProcessUrlAction,
243     InternetHostSecurityManager_QueryCustomPolicy
244 };
245
246 void HTMLDocumentNode_SecMgr_Init(HTMLDocumentNode *This)
247 {
248     This->IInternetHostSecurityManager_iface.lpVtbl = &InternetHostSecurityManagerVtbl;
249 }