Category

Development Platform
Home > SourceCode/Document > Windows Develop > Windows Kernel > View Code
utils.cpp
Package: shell.rar [view]
Upload User: xhy777
Upload Date: 2007-02-14
Package Size: 24088k
Code Size: 5k
Category:

Windows Kernel

Development Platform:

Visual C++

utils.cpp:Code Content
  1. #include "stdafx.h"
  2. #pragma hdrstop
  4. // This isn't a typical delay load since it's called only if wininet
  5. // is already loaded in memory. Otherwise the call is dropped on the floor.
  6. // Defview did it this way I assume to keep WININET out of first boot time.
  7. BOOL MyInternetSetOption(HANDLE h, DWORD dw1, LPVOID lpv, DWORD dw2)
  8. {
  9.     BOOL bRet = FALSE;
  10.     HMODULE hmod = GetModuleHandle(TEXT("wininet.dll"));
  11.     if (hmod)
  12.     {
  13.         typedef BOOL (*PFNINTERNETSETOPTIONA)(HANDLE h, DWORD dw1, LPVOID lpv, DWORD dw2);
  14.         FARPROC fp = GetProcAddress(hmod, "InternetSetOptionA");
  15.         if (fp)
  16.         {
  17.             bRet = ((PFNINTERNETSETOPTIONA)fp)(h, dw1, lpv, dw2);
  18.         }
  19.     }
  20.     return bRet;
  21. }
  23. // REVIEW: maybe just check (hwnd == GetShellWindow())
  25. STDAPI_(BOOL) IsDesktopWindow(HWND hwnd)
  26. {
  27.     TCHAR szName[80];
  29.     GetClassName(hwnd, szName, ARRAYSIZE(szName));
  30.     if (!lstrcmp(szName, TEXT(STR_DESKTOPCLASS)))
  31.     {
  32.         GetWindowText(hwnd, szName, ARRAYSIZE(szName));
  33.         return !lstrcmp(szName, TEXT("Program Manager"));
  34.     }
  35.     return FALSE;
  36. }
  39. STDAPI GetHTMLDoc2(IUnknown *punk, IHTMLDocument2 **ppHtmlDoc)
  40. {
  41.     *ppHtmlDoc = NULL;
  43.     if (!punk)
  44.         return E_FAIL;
  45.         
  46.     *ppHtmlDoc = NULL;
  47.     //  The window.external, jscript "new ActiveXObject" and the <OBJECT> tag
  48.     //  don't take us down the same road.
  50.     IOleClientSite *pClientSite;
  51.     HRESULT hr = punk->QueryInterface(IID_PPV_ARG(IOleClientSite, &pClientSite));
  52.     if (SUCCEEDED(hr))
  53.     {
  54.         //  <OBJECT> tag path
  56.         IOleContainer *pContainer;
  57.         hr = pClientSite->GetContainer(&pContainer);
  58.         if (SUCCEEDED(hr))
  59.         {
  60.             hr = pContainer->QueryInterface(IID_PPV_ARG(IHTMLDocument2, ppHtmlDoc));
  61.             pContainer->Release();
  62.         }
  63.     
  64.         if (FAILED(hr))
  65.         {
  66.             //  window.external path
  67.             IWebBrowser2 *pWebBrowser2;
  68.             hr = IUnknown_QueryService(pClientSite, SID_SWebBrowserApp, IID_PPV_ARG(IWebBrowser2, &pWebBrowser2));
  69.             if (SUCCEEDED(hr))
  70.             {
  71.                 IDispatch *pDispatch;
  72.                 hr = pWebBrowser2->get_Document(&pDispatch);
  73.                 if (SUCCEEDED(hr))
  74.                 {
  75.                     hr = pDispatch->QueryInterface(IID_PPV_ARG(IHTMLDocument2, ppHtmlDoc));
  76.                     pDispatch->Release();
  77.                 }
  78.                 pWebBrowser2->Release();
  79.             }
  80.         }
  81.         pClientSite->Release();
  82.     }
  83.     else
  84.     {
  85.         //  jscript path
  86.         hr = IUnknown_QueryService(punk, SID_SContainerDispatch, IID_PPV_ARG(IHTMLDocument2, ppHtmlDoc));
  87.     }
  89.     ASSERT(FAILED(hr) || (*ppHtmlDoc));
  91.     return hr;
  92. }
  95. STDAPI LocalZoneCheckPath(LPCWSTR bstrPath)
  96. {
  97.     HRESULT hr = E_ACCESSDENIED;
  98.     if (bstrPath) 
  99.     {
  100.         IInternetSecurityManager *pSecMgr;
  101.         if (SUCCEEDED(CoCreateInstance(CLSID_InternetSecurityManager, 
  102.                                        NULL, CLSCTX_INPROC_SERVER,
  103.                                        IID_IInternetSecurityManager, 
  104.                                        (void **)&pSecMgr))) 
  105.         {
  106.             DWORD dwZoneID = URLZONE_UNTRUSTED;
  107.             if (SUCCEEDED(pSecMgr->MapUrlToZone(bstrPath, &dwZoneID, 0))) 
  108.             {
  109.                 if (dwZoneID == URLZONE_LOCAL_MACHINE)
  110.                     hr = S_OK;
  111.             }       
  112.             pSecMgr->Release();
  113.         }
  114.     } 
  115.     else 
  116.     {
  117.         hr = E_INVALIDARG;
  118.     }
  119.     return hr;
  120. }
  122. STDAPI LocalZoneCheck(IUnknown *punkSite)
  123. {
  124.     HRESULT hr = E_ACCESSDENIED;
  125.     IOleCommandTarget * pct;
  126.     BOOL fTriedBrowser = FALSE;
  128.     //  Return S_FALSE if we don't have a host site since we have no way of doing a 
  129.     //  security check.  This is as far as VB 5.0 apps get.
  130.     if (!punkSite)
  131.         return S_FALSE;
  133.     // Try to find the original template path for zone checking
  134.     if (SUCCEEDED(IUnknown_QueryService(punkSite, SID_DefView, IID_IOleCommandTarget, (void **)&pct)))
  135.     {
  136.         VARIANT vTemplatePath;
  137.         vTemplatePath.vt = VT_EMPTY;
  138.         if (pct->Exec(&CGID_DefView, DVCMDID_GETTEMPLATEDIRNAME, 0, NULL, &vTemplatePath) == S_OK)
  139.         {
  140.             fTriedBrowser = TRUE;
  141.             if (vTemplatePath.vt == VT_BSTR)
  142.                 hr = LocalZoneCheckPath(vTemplatePath.bstrVal);
  144.             // We were able to talk to the browser, so don't fall back on Trident because they may be
  145.             // less secure.
  146.             fTriedBrowser = TRUE;
  147.             VariantClear(&vTemplatePath);
  148.         }
  149.         pct->Release();
  150.     }
  152.     // If this is one of those cases where the browser doesn't exist (AOL, VB, ...) then
  153.     // we will check the scripts security.  If we did ask the browser, don't ask trident
  154.     // because the browser is often more restrictive in some cases.
  155.     if (!fTriedBrowser && (hr != S_OK))
  156.     {
  157.         // Try to use the URL from the document to zone check 
  158.         IHTMLDocument2 *pHtmlDoc;
  159.         if (SUCCEEDED(GetHTMLDoc2(punkSite, &pHtmlDoc)))
  160.         {
  161.             BSTR bstrPath;
  162.             if (SUCCEEDED(pHtmlDoc->get_URL(&bstrPath)))
  163.             {
  164.                 hr = LocalZoneCheckPath(bstrPath);
  165.                 SysFreeString(bstrPath);
  166.             }
  167.             pHtmlDoc->Release();
  168.         }
  169.     }
  170.                             
  171.     return hr;
  172. }