javascript - 在 C++ 中继承 IObjectSafetyImpl 以实现安全的 javascript activex 控件

标签 javascript visual-c++ activex

我在将控件设置为安全时遇到问题。 我发现这个 thread 解释了如何完成它。 我按照说明做了:

class myctrl: public COleControl, public IObjectSafetyImpl<myctrl,INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA>
{

然后,我添加了以下内容:

BEGIN_COM_MAP(myctrl)
    COM_INTERFACE_ENTRY(IObjectSafety)
END_COM_MAP()

“BEGIN_COM_MAP”给我带来麻烦,我不知道为什么。 它说“锁定”和“解锁”不是 myctrl 的成员。 我找不到任何与之相关的东西以及我需要对这两个成员做什么 我也收到错误:

Error   3   error C2660: 'CCmdTarget::InternalQueryInterface' : function does not take 4 arguments

最佳答案

对于 MFC COM,您需要将一些样板代码添加到您的 COleControl 派生类中。警告 - 即将出现一些大的复制/粘贴,所以请原谅拼写错误!

首先,在您的控件的头文件中,添加以下内容

DECLARE_INTERFACE_MAP()
BEGIN_INTERFACE_PART(ObjectSafety, IObjectSafety)
    STDMETHOD(GetInterfaceSafetyOptions)(REFIID riid, DWORD __RPC_FAR *pdwSupportedOptions, DWORD __RPC_FAR *pdwEnabledOptions);
    STDMETHOD(SetInterfaceSafetyOptions)(REFIID riid, DWORD dwOptionSetMask, DWORD dwEnabledOptions);
END_INTERFACE_PART(ObjectSafety)

然后,在实现文件中,添加这个

BEGIN_INTERFACE_MAP(myctrl, COleControl)
    INTERFACE_PART(myctrl, IID_IObjectSafety, ObjectSafety)
END_INTERFACE_MAP()

// Implementation of IObjectSafety
STDMETHODIMP myctrl::XObjectSafety::GetInterfaceSafetyOptions(
    REFIID riid,
    DWORD __RPC_FAR *pdwSupportedOptions,
    DWORD __RPC_FAR *pdwEnabledOptions)
{
    METHOD_PROLOGUE_EX(myctrl, ObjectSafety)

        if (!pdwSupportedOptions || !pdwEnabledOptions)
        {
            return E_POINTER;
        }

        *pdwSupportedOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA;
        *pdwEnabledOptions = 0;

        if (NULL == pThis->GetInterface(&riid))
        {
            TRACE("Requested interface is not supported./n");
            return E_NOINTERFACE;
        }

        // What interface is being checked out anyhow?
        OLECHAR szGUID[39];
        int i = StringFromGUID2(riid, szGUID, 39);

        if (riid == IID_IDispatch)
        {
            // Client wants to know if object is safe for scripting
            *pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER;
            return S_OK;
        }
        else if (riid == IID_IPersistPropertyBag
            || riid == IID_IPersistStreamInit
            || riid == IID_IPersistStorage
            || riid == IID_IPersistMemory)
        {
            // Those are the persistence interfaces COleControl derived controls support
            // as indicated in AFXCTL.H
            // Client wants to know if object is safe for initializing from persistent data
            *pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_DATA;
            return S_OK;
        }
        else
        {
            // Find out what interface this is, and decide what options to enable
            TRACE("We didn't account for the safety of this interface, and it's one we support.../n");
            return E_NOINTERFACE;
        } 
}
STDMETHODIMP myctrl::XObjectSafety::SetInterfaceSafetyOptions(
    REFIID riid,
    DWORD dwOptionSetMask,
    DWORD dwEnabledOptions)
{
    METHOD_PROLOGUE_EX(myctrl, ObjectSafety)

        OLECHAR szGUID[39];
    // What is this interface anyway?
    // We can do a quick lookup in the registry under HKEY_CLASSES_ROOT/Interface
    int i = StringFromGUID2(riid, szGUID, 39);

    if (0 == dwOptionSetMask && 0 == dwEnabledOptions)
    {
        // the control certainly supports NO requests through the specified interface
        // so it's safe to return S_OK even if the interface isn't supported.
        return S_OK;
    }

    // Do we support the specified interface?
    if (NULL == pThis->GetInterface(&riid))
    {
        TRACE1("%s is not support./n", szGUID);
        return E_FAIL;
    }


    if (riid == IID_IDispatch)
    {
        TRACE("Client asking if it's safe to call through IDispatch./n");
        TRACE("In other words, is the control safe for scripting?/n");
        if (INTERFACESAFE_FOR_UNTRUSTED_CALLER == dwOptionSetMask && INTERFACESAFE_FOR_UNTRUSTED_CALLER == dwEnabledOptions)
        {
            return S_OK;
        }
        else
        {
            return E_FAIL;
        }
    }
    else if (riid == IID_IPersistPropertyBag
        || riid == IID_IPersistStreamInit
        || riid == IID_IPersistStorage
        || riid == IID_IPersistMemory)
    {
        TRACE("Client asking if it's safe to call through IPersist*./n");
        TRACE("In other words, is the control safe for initializing from persistent data?/n");

        if (INTERFACESAFE_FOR_UNTRUSTED_DATA == dwOptionSetMask && INTERFACESAFE_FOR_UNTRUSTED_DATA == dwEnabledOptions)
        {
            return NOERROR;
        }
        else
        {
            return E_FAIL;
        }
    }
    else
    {
        TRACE1("We didn't account for the safety of %s, and it's one we support.../n", szGUID);
        return E_FAIL;
    }
}
STDMETHODIMP_(ULONG) myctrl::XObjectSafety::AddRef()
{
    METHOD_PROLOGUE_EX_(myctrl, ObjectSafety)
        return (ULONG)pThis->ExternalAddRef();
}
STDMETHODIMP_(ULONG) myctrl::XObjectSafety::Release()
{
    METHOD_PROLOGUE_EX_(myctrl, ObjectSafety)
        return (ULONG)pThis->ExternalRelease();
}
STDMETHODIMP myctrl::XObjectSafety::QueryInterface(
    REFIID iid, LPVOID* ppvObj)
{
    METHOD_PROLOGUE_EX_(myctrl, ObjectSafety)
        return (HRESULT)pThis->ExternalQueryInterface(&iid, ppvObj);
}

关于javascript - 在 C++ 中继承 IObjectSafetyImpl 以实现安全的 javascript activex 控件,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/16911847/

相关文章:

javascript - 如何在每个循环中获取 Meteor 模板中数组的索引?

javascript - 如何使用三个返回变量中的特定变量?

javascript - 与 jquery 连接

c++ - VS2010 中未解析的外部符号

c++ - InternetOpenUrl 间歇性超时

vba - 使用 VBA 重新创建带有 VBA 事件的 ActiveX 控件

javascript - 如何将键值对对象转换为 ES6 中的值数组?

visual-c++ - LNK2019 - Visual Studio 2013 - 尽管定义了所有符号仍出错

c++ - InvalidArgs 尝试在 C++ 中使用 UrlCreateFromPath 时

java - Windows 上的 "Temporary Internet Files"文件夹