如何用vc(atl)编写安全的控件
2012-04-17 16:58
225 查看
setp1: 添加atl接口类的继承类
YourInterface.h
class ATL_NO_VTABLE CYourInterface:
public IObjectSafetyImpl<CYourInterface, INTERFACESAFE_FOR_UNTRUSTED_CALLER
|INTERFACESAFE_FOR_UNTRUSTED_DATA >
setp2: 添加map
BEGIN_COM_MAP(CYourInterface)
COM_INTERFACE_ENTRY(IObjectSafety)
END_COM_MAP()
setp3:再类定义中增加如下两个成员函数即可通过安全注册软件
STDMETHOD(GetInterfaceSafetyOptions)(REFIID riid,
DWORD *pdwSupportedOptions,
DWORD *pdwEnabledOptions)
{
ATLTRACE(_T("CObjectSafetyImpl::GetInterfaceSafetyOptions/n"));
if (!pdwSupportedOptions || !pdwEnabledOptions)
return E_FAIL;
LPUNKNOWN pUnk;
if (_InternalQueryInterface (riid, (void**)&pUnk) == E_NOINTERFACE) {
// Our object doesn't even support this interface.
return E_NOINTERFACE;
}else{
// Cleanup after ourselves.
pUnk->Release();
pUnk = NULL;
}
if (riid == IID_IDispatch) {
// IDispatch is an interface used for scripting. If your
// control supports other IDispatch or Dual interfaces, you
// may decide to add them here as well. Client wants to know
// if object is safe for scripting. Only indicate safe for
// scripting when the interface is safe.
*pdwSupportedOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER;
*pdwEnabledOptions = m_dwCurrentSafety &
INTERFACESAFE_FOR_UNTRUSTED_CALLER;
return S_OK;
}else if ((riid == IID_IPersistStreamInit) ||
(riid == IID_IPersistStorage)) {
// IID_IPersistStreamInit and IID_IPersistStorage are
// interfaces used for Initialization. If your control
// supports other Persistence interfaces, you may decide to
// add them here as well. Client wants to know if object is
// safe for initializing. Only indicate safe for initializing
// when the interface is safe.
*pdwSupportedOptions = INTERFACESAFE_FOR_UNTRUSTED_DATA;
*pdwEnabledOptions = m_dwCurrentSafety &
INTERFACESAFE_FOR_UNTRUSTED_DATA;
return S_OK;
}else{
// We are saying that no other interfaces in this control are
// safe for initializing or scripting.
*pdwSupportedOptions = 0;
*pdwEnabledOptions = 0;
return E_FAIL;
}
}
STDMETHOD(SetInterfaceSafetyOptions)(REFIID riid,
DWORD dwOptionSetMask,
DWORD dwEnabledOptions)
{
ATLTRACE(_T("CObjectSafetyImpl::SetInterfaceSafetyOptions/n"));
if (!dwOptionSetMask && !dwEnabledOptions) return E_FAIL;
LPUNKNOWN pUnk;
if (_InternalQueryInterface (riid, (void**)&pUnk) == E_NOINTERFACE) {
// Our object doesn't even support this interface.
return E_NOINTERFACE;
}else{
// Cleanup after ourselves.
pUnk->Release();
pUnk = NULL;
}
// Store our current safety level to return in
// GetInterfaceSafetyOptions
m_dwCurrentSafety |= dwEnabledOptions & dwOptionSetMask;
if ((riid == IID_IDispatch) &&
(m_dwCurrentSafety & INTERFACESAFE_FOR_UNTRUSTED_CALLER)) {
// Client wants us to disable any functionality that would
// make the control unsafe for scripting. The same applies to
// any other IDispatch or Dual interfaces your control may
// support. Because our control is safe for scripting by
// default we just return S_OK.
return S_OK;
}else if (((riid == IID_IPersistStreamInit) ||
(riid == IID_IPersistStorage)) &&
(m_dwCurrentSafety & INTERFACESAFE_FOR_UNTRUSTED_DATA)) {
// Client wants us to make the control safe for initializing
// from persistent data. For these interfaces, this control
// is safe so we return S_OK. For Any interfaces that are not
// safe, we would return E_FAIL.
return S_OK;
}else{
// This control doesn't allow Initialization or Scripting
// from any other interfaces so return E_FAIL.
return E_FAIL;
}
}
YourInterface.h
class ATL_NO_VTABLE CYourInterface:
public IObjectSafetyImpl<CYourInterface, INTERFACESAFE_FOR_UNTRUSTED_CALLER
|INTERFACESAFE_FOR_UNTRUSTED_DATA >
setp2: 添加map
BEGIN_COM_MAP(CYourInterface)
COM_INTERFACE_ENTRY(IObjectSafety)
END_COM_MAP()
setp3:再类定义中增加如下两个成员函数即可通过安全注册软件
STDMETHOD(GetInterfaceSafetyOptions)(REFIID riid,
DWORD *pdwSupportedOptions,
DWORD *pdwEnabledOptions)
{
ATLTRACE(_T("CObjectSafetyImpl::GetInterfaceSafetyOptions/n"));
if (!pdwSupportedOptions || !pdwEnabledOptions)
return E_FAIL;
LPUNKNOWN pUnk;
if (_InternalQueryInterface (riid, (void**)&pUnk) == E_NOINTERFACE) {
// Our object doesn't even support this interface.
return E_NOINTERFACE;
}else{
// Cleanup after ourselves.
pUnk->Release();
pUnk = NULL;
}
if (riid == IID_IDispatch) {
// IDispatch is an interface used for scripting. If your
// control supports other IDispatch or Dual interfaces, you
// may decide to add them here as well. Client wants to know
// if object is safe for scripting. Only indicate safe for
// scripting when the interface is safe.
*pdwSupportedOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER;
*pdwEnabledOptions = m_dwCurrentSafety &
INTERFACESAFE_FOR_UNTRUSTED_CALLER;
return S_OK;
}else if ((riid == IID_IPersistStreamInit) ||
(riid == IID_IPersistStorage)) {
// IID_IPersistStreamInit and IID_IPersistStorage are
// interfaces used for Initialization. If your control
// supports other Persistence interfaces, you may decide to
// add them here as well. Client wants to know if object is
// safe for initializing. Only indicate safe for initializing
// when the interface is safe.
*pdwSupportedOptions = INTERFACESAFE_FOR_UNTRUSTED_DATA;
*pdwEnabledOptions = m_dwCurrentSafety &
INTERFACESAFE_FOR_UNTRUSTED_DATA;
return S_OK;
}else{
// We are saying that no other interfaces in this control are
// safe for initializing or scripting.
*pdwSupportedOptions = 0;
*pdwEnabledOptions = 0;
return E_FAIL;
}
}
STDMETHOD(SetInterfaceSafetyOptions)(REFIID riid,
DWORD dwOptionSetMask,
DWORD dwEnabledOptions)
{
ATLTRACE(_T("CObjectSafetyImpl::SetInterfaceSafetyOptions/n"));
if (!dwOptionSetMask && !dwEnabledOptions) return E_FAIL;
LPUNKNOWN pUnk;
if (_InternalQueryInterface (riid, (void**)&pUnk) == E_NOINTERFACE) {
// Our object doesn't even support this interface.
return E_NOINTERFACE;
}else{
// Cleanup after ourselves.
pUnk->Release();
pUnk = NULL;
}
// Store our current safety level to return in
// GetInterfaceSafetyOptions
m_dwCurrentSafety |= dwEnabledOptions & dwOptionSetMask;
if ((riid == IID_IDispatch) &&
(m_dwCurrentSafety & INTERFACESAFE_FOR_UNTRUSTED_CALLER)) {
// Client wants us to disable any functionality that would
// make the control unsafe for scripting. The same applies to
// any other IDispatch or Dual interfaces your control may
// support. Because our control is safe for scripting by
// default we just return S_OK.
return S_OK;
}else if (((riid == IID_IPersistStreamInit) ||
(riid == IID_IPersistStorage)) &&
(m_dwCurrentSafety & INTERFACESAFE_FOR_UNTRUSTED_DATA)) {
// Client wants us to make the control safe for initializing
// from persistent data. For these interfaces, this control
// is safe so we return S_OK. For Any interfaces that are not
// safe, we would return E_FAIL.
return S_OK;
}else{
// This control doesn't allow Initialization or Scripting
// from any other interfaces so return E_FAIL.
return E_FAIL;
}
}
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- VC中使用ATL编写控件
- 如何将标记为可安全编写脚本和初始化的 MFC ActiveX 控件
- 如何将MFC ActiveX 控件标记为可安全编写脚本和初始化
- 如何在VC6或者VC7下用 ATL做一个OpenGL的(COM)控件?
- 如何在VC6或者VC7下用 ATL做一个OpenGL的(COM)控件?
- ATL编写的带窗口的控件,无论VC6(ATL3.0) VC7.1(ATL7.0) 在Windows 7 或 Server 2008 下,WinForm调用时发生的问题
- 如何将MFC ActiveX 控件标记为可安全编写脚本和初始化
- 如何将标记为可安全编写脚本和初始化的 MFC ActiveX 控件 (转)
- 如何编写异常安全的C++代码
- 如何编写异常安全的C++代码
- 如何标记为安全 MFCActiveX 控件对于脚本和初始化
- atl 标准控件在用多线程发消息时VC可以接收但网页无法接收的问题
- 如何编写Silverlight动画效果控件
- VS2013编写嵌入网页的ATL控件2-给ATL控件添加鼠标响应
- VC中如何改变对框中控件的颜色
- 编写安全控件
- Linux 多线程应用中如何编写安全的信号处理函数
- 重画控件与系统托盘图标编写(VC_MFC)
- Linux 多线程应用中如何编写安全的信号处理函数
- VC++如何在程序中用代码注册和卸载ocx控件(代码)