2 * Copyright 2009 Jacek Caban for CodeWeavers
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
33 #include "wine/debug.h"
35 #include "mshtml_private.h"
37 WINE_DEFAULT_DEBUG_CHANNEL(mshtml);
39 static const WCHAR about_blankW[] = {'a','b','o','u','t',':','b','l','a','n','k',0};
41 /* Defined as extern in urlmon.idl, but not exported by uuid.lib */
42 const GUID GUID_CUSTOM_CONFIRMOBJECTSAFETY =
43 {0x10200490,0xfa38,0x11d0,{0xac,0x0e,0x00,0xa0,0xc9,0xf,0xff,0xc0}};
45 #define HOSTSECMGR_THIS(iface) DEFINE_THIS(HTMLDocumentNode, IInternetHostSecurityManager, iface)
47 static HRESULT WINAPI InternetHostSecurityManager_QueryInterface(IInternetHostSecurityManager *iface, REFIID riid, void **ppv)
49 HTMLDocumentNode *This = HOSTSECMGR_THIS(iface);
50 return IHTMLDOMNode_QueryInterface(HTMLDOMNODE(&This->node), riid, ppv);
53 static ULONG WINAPI InternetHostSecurityManager_AddRef(IInternetHostSecurityManager *iface)
55 HTMLDocumentNode *This = HOSTSECMGR_THIS(iface);
56 return IHTMLDOMNode_AddRef(HTMLDOMNODE(&This->node));
59 static ULONG WINAPI InternetHostSecurityManager_Release(IInternetHostSecurityManager *iface)
61 HTMLDocumentNode *This = HOSTSECMGR_THIS(iface);
62 return IHTMLDOMNode_Release(HTMLDOMNODE(&This->node));
65 static HRESULT WINAPI InternetHostSecurityManager_GetSecurityId(IInternetHostSecurityManager *iface, BYTE *pbSecurityId,
66 DWORD *pcbSecurityId, DWORD_PTR dwReserved)
68 HTMLDocumentNode *This = HOSTSECMGR_THIS(iface);
69 FIXME("(%p)->(%p %p %lx)\n", This, pbSecurityId, pcbSecurityId, dwReserved);
73 static HRESULT WINAPI InternetHostSecurityManager_ProcessUrlAction(IInternetHostSecurityManager *iface, DWORD dwAction,
74 BYTE *pPolicy, DWORD cbPolicy, BYTE *pContext, DWORD cbContext, DWORD dwFlags, DWORD dwReserved)
76 HTMLDocumentNode *This = HOSTSECMGR_THIS(iface);
79 TRACE("%p)->(%d %p %d %p %d %x %x)\n", This, dwAction, pPolicy, cbPolicy, pContext, cbContext, dwFlags, dwReserved);
81 url = This->basedoc.doc_obj->url ? This->basedoc.doc_obj->url : about_blankW;
83 return IInternetSecurityManager_ProcessUrlAction(This->secmgr, url, dwAction, pPolicy, cbPolicy,
84 pContext, cbContext, dwFlags, dwReserved);
87 static DWORD confirm_safety(HTMLDocumentNode *This, const WCHAR *url, IUnknown *obj)
89 DWORD policy, enabled_opts, supported_opts;
90 IObjectSafety *obj_safety;
93 /* FIXME: Check URLACTION_ACTIVEX_OVERRIDE_SCRIPT_SAFETY */
95 hres = IInternetSecurityManager_ProcessUrlAction(This->secmgr, url, URLACTION_SCRIPT_SAFE_ACTIVEX,
96 (BYTE*)&policy, sizeof(policy), NULL, 0, 0, 0);
97 if(FAILED(hres) || policy != URLPOLICY_ALLOW)
98 return URLPOLICY_DISALLOW;
100 hres = IUnknown_QueryInterface(obj, &IID_IObjectSafety, (void**)&obj_safety);
102 return URLPOLICY_DISALLOW;
104 hres = IObjectSafety_GetInterfaceSafetyOptions(obj_safety, &IID_IDispatchEx, &supported_opts, &enabled_opts);
105 if(SUCCEEDED(hres)) {
106 enabled_opts = INTERFACESAFE_FOR_UNTRUSTED_CALLER;
107 if(supported_opts & INTERFACE_USES_SECURITY_MANAGER)
108 enabled_opts |= INTERFACE_USES_SECURITY_MANAGER;
109 hres = IObjectSafety_SetInterfaceSafetyOptions(obj_safety, &IID_IDispatchEx, enabled_opts, enabled_opts);
111 IObjectSafety_Release(obj_safety);
113 return URLPOLICY_DISALLOW;
115 return URLPOLICY_ALLOW;
118 static HRESULT WINAPI InternetHostSecurityManager_QueryCustomPolicy(IInternetHostSecurityManager *iface, REFGUID guidKey,
119 BYTE **ppPolicy, DWORD *pcbPolicy, BYTE *pContext, DWORD cbContext, DWORD dwReserved)
121 HTMLDocumentNode *This = HOSTSECMGR_THIS(iface);
125 TRACE("(%p)->(%s %p %p %p %d %x)\n", This, debugstr_guid(guidKey), ppPolicy, pcbPolicy, pContext, cbContext, dwReserved);
127 url = This->basedoc.doc_obj->url ? This->basedoc.doc_obj->url : about_blankW;
129 hres = IInternetSecurityManager_QueryCustomPolicy(This->secmgr, url, guidKey, ppPolicy, pcbPolicy,
130 pContext, cbContext, dwReserved);
131 if(hres != HRESULT_FROM_WIN32(ERROR_NOT_FOUND))
134 if(IsEqualGUID(&GUID_CUSTOM_CONFIRMOBJECTSAFETY, guidKey)) {
135 IActiveScript *active_script;
136 struct CONFIRMSAFETY *cs;
139 if(cbContext != sizeof(struct CONFIRMSAFETY)) {
140 FIXME("wrong context size\n");
144 cs = (struct CONFIRMSAFETY*)pContext;
145 hres = IUnknown_QueryInterface(cs->pUnk, &IID_IActiveScript, (void**)&active_script);
146 if(SUCCEEDED(hres)) {
147 FIXME("Got IAciveScript iface\n");
148 IActiveScript_Release(active_script);
152 policy = confirm_safety(This, url, cs->pUnk);
154 *ppPolicy = CoTaskMemAlloc(sizeof(policy));
156 return E_OUTOFMEMORY;
158 *(DWORD*)*ppPolicy = policy;
159 *pcbPolicy = sizeof(policy);
163 FIXME("Unknown guidKey %s\n", debugstr_guid(guidKey));
167 #undef HOSTSECMGR_THIS
169 static const IInternetHostSecurityManagerVtbl InternetHostSecurityManagerVtbl = {
170 InternetHostSecurityManager_QueryInterface,
171 InternetHostSecurityManager_AddRef,
172 InternetHostSecurityManager_Release,
173 InternetHostSecurityManager_GetSecurityId,
174 InternetHostSecurityManager_ProcessUrlAction,
175 InternetHostSecurityManager_QueryCustomPolicy
178 void HTMLDocumentNode_SecMgr_Init(HTMLDocumentNode *This)
180 This->lpIInternetHostSecurityManagerVtbl = &InternetHostSecurityManagerVtbl;