VC ActiveX实现安全接口

CActiveXCtrl.h 头文件#pragma once #include <objsafe.h>  // CActiveXCtrl.h : CCActiveXCtrl ActiveX 控件类的声明。 // CCActiveXCtrl : 有关实现的信息，请参阅 CActiveXCtrl.cpp。 class CCActiveXCtrl : public COleControl { DECLARE_DYNCREATE(CCActiveXCtrl) // 构造函数 public: CCActiveXCtrl(); // 重写 public: virtual void OnDraw(CDC* pdc, const CRect& rcBounds, const CRect& rcInvalid); virtual void DoPropExchange(CPropExchange* pPX); virtual void OnResetState(); // 实现 protected: ~CCActiveXCtrl(); <span style="white-space:pre"> </span>//去掉安全警告 BEGIN <span style="white-space:pre"> </span>DECLARE_INTERFACE_MAP() <span style="white-space:pre"> </span>BEGIN_INTERFACE_PART(ObjectSafety, IObjectSafety) <span style="white-space:pre"> </span>STDMETHOD(GetInterfaceSafetyOptions)(REFIID riid, DWORD __RPC_FAR *pdwSupportedOptions, DWORD __RPC_FAR *pdwEnabledOptions); <span style="white-space:pre"> </span>STDMETHOD(SetInterfaceSafetyOptions)(REFIID riid, DWORD dwOptionSetMask, DWORD dwEnabledOptions); <span style="white-space:pre"> </span>END_INTERFACE_PART(ObjectSafety) <span style="white-space:pre"> </span>//去掉安全警告 END DECLARE_OLECREATE_EX(CCActiveXCtrl) // 类工厂和 guid DECLARE_OLETYPELIB(CCActiveXCtrl) // GetTypeInfo DECLARE_PROPPAGEIDS(CCActiveXCtrl) // 属性页 ID DECLARE_OLECTLTYPE(CCActiveXCtrl) // 类型名称和杂项状态 // 消息映射 DECLARE_MESSAGE_MAP() // 调度映射 DECLARE_DISPATCH_MAP() // 事件映射 DECLARE_EVENT_MAP() };

CActiveXCtrl.Cpp文件

// CActiveXCtrl.cpp : CCActiveXCtrl ActiveX 控件类的实现。 #include "stdafx.h" #include "CActiveXCtrl.h" #ifdef _DEBUG #define new DEBUG_NEW #endif IMPLEMENT_DYNCREATE(CCActiveXCtrl, COleControl) //去掉安全警告 BEGIN BEGIN_INTERFACE_MAP(CCActiveXCtrl, COleControl) INTERFACE_PART(CCActiveXCtrl, IID_IObjectSafety, ObjectSafety) END_INTERFACE_MAP() // Implementation of IObjectSafety STDMETHODIMP CCActiveXCtrl::XObjectSafety::GetInterfaceSafetyOptions( REFIID riid, DWORD __RPC_FAR *pdwSupportedOptions, DWORD __RPC_FAR *pdwEnabledOptions) { METHOD_PROLOGUE_EX(CCActiveXCtrl, ObjectSafety); if (!pdwSupportedOptions || !pdwEnabledOptions) { return E_POINTER; } *pdwSupportedOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA; *pdwEnabledOptions = 0; if (NULL == pThis->GetInterface(&riid)) { TRACE("Requested interface is not supported.\n"); return E_NOINTERFACE; } // What interface is being checked out anyhow? OLECHAR szGUID[39]; int i = StringFromGUID2(riid, szGUID, 39); if (riid == IID_IDispatch) { // Client wants to know if object is safe for scripting *pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER; return S_OK; } else if (riid == IID_IPersistPropertyBag || riid == IID_IPersistStreamInit || riid == IID_IPersistStorage || riid == IID_IPersistMemory) { // Those are the persistence interfaces COleControl derived controls support // as indicated in AFXCTL.H // Client wants to know if object is safe for initializing from persistent data *pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_DATA; return S_OK; } else { // Find out what interface this is, and decide what options to enable TRACE("We didn't account for the safety of this interface, and it's one we support\n"); return E_NOINTERFACE; } } STDMETHODIMP CCActiveXCtrl::XObjectSafety::SetInterfaceSafetyOptions( REFIID riid, DWORD dwOptionSetMask, DWORD dwEnabledOptions) { METHOD_PROLOGUE_EX(CCActiveXCtrl, ObjectSafety); OLECHAR szGUID[39]; // What is this interface anyway? // We can do a quick lookup in the registry under HKEY_CLASSES_ROOT\Interface int i = StringFromGUID2(riid, szGUID, 39); if (0 == dwOptionSetMask && 0 == dwEnabledOptions) { // the control certainly supports NO requests through the specified interface // so it"s safe to return S_OK even if the interface isn"t supported. return S_OK; } // Do we support the specified interface? if (NULL == pThis->GetInterface(&riid)) { TRACE1("%s is not support.\n", szGUID); return E_FAIL; } if (riid == IID_IDispatch) { TRACE("Client asking if it's safe to call through IDispatch.\n"); TRACE("In other words, is the control safe for scripting?\n"); if (INTERFACESAFE_FOR_UNTRUSTED_CALLER == dwOptionSetMask && INTERFACESAFE_FOR_UNTRUSTED_CALLER == dwEnabledOptions) { return S_OK; } else { return E_FAIL; } } else if (riid == IID_IPersistPropertyBag || riid == IID_IPersistStreamInit || riid == IID_IPersistStorage || riid == IID_IPersistMemory) { TRACE("Client asking if it's safe to call through IPersist*.\n"); TRACE("In other words, is the control safe for initializing from persistent data?\n"); if (INTERFACESAFE_FOR_UNTRUSTED_DATA == dwOptionSetMask && INTERFACESAFE_FOR_UNTRUSTED_DATA == dwEnabledOptions) { return NOERROR; } else { return E_FAIL; } } else { TRACE1("We didn\"t account for the safety of %s, and it\"s one we support\n", szGUID); return E_FAIL; } } STDMETHODIMP_(ULONG) CCActiveXCtrl::XObjectSafety::AddRef() { METHOD_PROLOGUE_EX_(CCActiveXCtrl, ObjectSafety) return (ULONG)pThis->ExternalAddRef(); } STDMETHODIMP_(ULONG) CCActiveXCtrl::XObjectSafety::Release() { METHOD_PROLOGUE_EX_(CCActiveXCtrl, ObjectSafety) return (ULONG)pThis->ExternalRelease(); } STDMETHODIMP CCActiveXCtrl::XObjectSafety::QueryInterface(REFIID iid, LPVOID* ppvObj) { METHOD_PROLOGUE_EX_(CCActiveXCtrl, ObjectSafety) return (HRESULT)pThis->ExternalQueryInterface(&iid, ppvObj); } //去掉安全警告 END