开发Activex控件【二】

最新推荐文章于 2022-04-25 09:17:32 发布

loveheronly

最新推荐文章于 2022-04-25 09:17:32 发布

阅读量843

点赞数

分类专栏： VC++

本文链接：https://blog.csdn.net/loveheronly/article/details/8056181

版权

VC++ 专栏收录该内容

89 篇文章 1 订阅

订阅专栏

1.开发完ocx控件，在html页面测试如下：

<HTML>
<HEAD>
<TITLE>Test ActiveX</TITLE>
</HEAD>
<OBJECT ID="ocxDemo" WIDTH=528 HEIGHT=145 classid="CLSID:46ADDCAB-8ED3-4FCE-B6B4-A232AFB602AD">
    <PARAM NAME="_Version" VALUE="65536">
    <PARAM NAME="_ExtentX" VALUE="12806">
    <PARAM NAME="_ExtentY" VALUE="1747">
    <PARAM NAME="_StockProps" VALUE="0">
</OBJECT>
</HTML>

2.浏览该网页后，发现页面提示“在此页上的 ActiveX 控件和本页上的其它部份的交互可能不安全。你想允许这种交互？”

对此我们可以在程序中实现去掉该提示：在spDemoCtrl.h头文件加上#include <objsafe.h> ，然后再CspDemoCtrl的protected下添加如下代码：

	//去掉安全警告 BEGIN
	DECLARE_INTERFACE_MAP()
	BEGIN_INTERFACE_PART(ObjectSafety, IObjectSafety)
		STDMETHOD(GetInterfaceSafetyOptions)(REFIID riid, DWORD __RPC_FAR *pdwSupportedOptions, DWORD __RPC_FAR *pdwEnabledOptions);
		STDMETHOD(SetInterfaceSafetyOptions)(REFIID riid, DWORD dwOptionSetMask, DWORD dwEnabledOptions);
	END_INTERFACE_PART(ObjectSafety)
		//去掉安全警告 END

3.在实现类.cpp的IMPLEMENT_DYNCREATE(CspDemoCtrl, COleControl)这一行后增加如下内容：

//去掉安全警告 BEGIN
BEGIN_INTERFACE_MAP(CspDemoCtrl, COleControl)
	INTERFACE_PART(CspDemoCtrl, IID_IObjectSafety, ObjectSafety)
END_INTERFACE_MAP()
// Implementation of IObjectSafety
STDMETHODIMP CspDemoCtrl::XObjectSafety::GetInterfaceSafetyOptions(
	REFIID riid,
	DWORD __RPC_FAR *pdwSupportedOptions,
	DWORD __RPC_FAR *pdwEnabledOptions)
{
	METHOD_PROLOGUE_EX(CspDemoCtrl, ObjectSafety)
		if (!pdwSupportedOptions || !pdwEnabledOptions)
		{
			return E_POINTER;
		}
		*pdwSupportedOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA;
		*pdwEnabledOptions = 0;
		if (NULL == pThis->GetInterface(&riid))
		{
			TRACE("Requested interface is not supported.\n");
			return E_NOINTERFACE;
		}
		// What interface is being checked out anyhow?
		OLECHAR szGUID[39];
		int i = StringFromGUID2(riid, szGUID, 39);
		if (riid == IID_IDispatch)
		{
			// Client wants to know if object is safe for scripting
			*pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER;
			return S_OK;
		}
		else if (riid == IID_IPersistPropertyBag
			|| riid == IID_IPersistStreamInit
			|| riid == IID_IPersistStorage
			|| riid == IID_IPersistMemory)
		{
			// Those are the persistence interfaces COleControl derived controls support
			// as indicated in AFXCTL.H
			// Client wants to know if object is safe for initializing from persistent data
			*pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_DATA;
			return S_OK;
		}
		else
		{
			// Find out what interface this is, and decide what options to enable
			//TRACE1("We didn"t account for the safety of this interface, and it"s one we support...\n");
			return E_NOINTERFACE;
		}
}
STDMETHODIMP CspDemoCtrl::XObjectSafety::SetInterfaceSafetyOptions(
	REFIID riid,
	DWORD dwOptionSetMask,
	DWORD dwEnabledOptions)
{
	METHOD_PROLOGUE_EX(CspDemoCtrl, ObjectSafety)
		OLECHAR szGUID[39];
	// What is this interface anyway?
	// We can do a quick lookup in the registry under HKEY_CLASSES_ROOT\Interface
	int i = StringFromGUID2(riid, szGUID, 39);
	if (0 == dwOptionSetMask && 0 == dwEnabledOptions)
	{
		// the control certainly supports NO requests through the specified interface
		// so it"s safe to return S_OK even if the interface isn"t supported.
		return S_OK;
	}
	// Do we support the specified interface?
	if (NULL == pThis->GetInterface(&riid))
	{
		TRACE1("%s is not support.\n", szGUID);
		return E_FAIL;
	}
	if (riid == IID_IDispatch)
	{
		//TRACE("Client asking if it"s safe to call through IDispatch.\n");
		TRACE("In other words, is the control safe for scripting?\n");
		if (INTERFACESAFE_FOR_UNTRUSTED_CALLER == dwOptionSetMask && INTERFACESAFE_FOR_UNTRUSTED_CALLER == dwEnabledOptions)
		{
			return S_OK;
		}
		else
		{
			return E_FAIL;
		}
	}
	else if (riid == IID_IPersistPropertyBag
		|| riid == IID_IPersistStreamInit
		|| riid == IID_IPersistStorage
		|| riid == IID_IPersistMemory)
	{
		//TRACE("Client asking if it"s safe to call through IPersist*.\n");
		//TRACE("In other words, is the control safe for initializing from persistent data?\n");
		if (INTERFACESAFE_FOR_UNTRUSTED_DATA == dwOptionSetMask && INTERFACESAFE_FOR_UNTRUSTED_DATA == dwEnabledOptions)
		{
			return NOERROR;
		}
		else
		{
			return E_FAIL;
		}
	}
	else
	{
		//TRACE("We didn"t account for the safety of %s, and it"s one we support...\n", szGUID);
		return E_FAIL;
	}
}
STDMETHODIMP_(ULONG) CspDemoCtrl::XObjectSafety::AddRef()
{
	METHOD_PROLOGUE_EX_(CspDemoCtrl, ObjectSafety)
		return (ULONG)pThis->ExternalAddRef();
}
STDMETHODIMP_(ULONG) CspDemoCtrl::XObjectSafety::Release()
{
	METHOD_PROLOGUE_EX_(CspDemoCtrl, ObjectSafety)
		return (ULONG)pThis->ExternalRelease();
}
STDMETHODIMP CspDemoCtrl::XObjectSafety::QueryInterface(
	REFIID iid, LPVOID* ppvObj)
{
	METHOD_PROLOGUE_EX_(CspDemoCtrl, ObjectSafety)
		return (HRESULT)pThis->ExternalQueryInterface(&iid, ppvObj);
}
//去掉安全警告 END

4.给ocx控件添加安全接口

1）在spdemo.cpp文件加头文件

#include "COMCAT.H" //safe
#include "Objsafe.h" //safe

2）在CSPOCXApp NEAR theApp;下面添加如下

//safe 46ADDCAB-8ED3-4FCE-0xB6,0xB4,0xA2,0x32,0xAF,0xB6,0x02,0xAD【这里的一串跟CLSID一致的，从spdemo.idl最下面取到的】
const GUID CDECL CLSID_SafeItem = { 0x46ADDCAB, 0x8ED3, 0x4FCE, {0xB6,0xB4,0xA2,0x32,0xAF,0xB6,0x02,0xAD} };

3）添加几个函数代码：

//创建组件种类
HRESULT CreateComponentCategory(CATID catid,WCHAR *catDescription)
{
	ICatRegister* pcr = NULL ;
	HRESULT hr = S_OK ;

	hr = CoCreateInstance(CLSID_StdComponentCategoriesMgr, 
		NULL, CLSCTX_INPROC_SERVER, IID_ICatRegister, (void**)&pcr);
	if (FAILED(hr))
		return hr;

	// Make sure the HKCR/Component Categories/{..catid...}
	// key is registered.
	CATEGORYINFO catinfo;
	catinfo.catid = catid;
	catinfo.lcid = 0x0409 ; // english

	// Make sure the provided description is not too long.
	// Only copy the first 127 characters if it is.
	int len = wcslen(catDescription);
	if (len>127)
		len = 127;
	wcsncpy(catinfo.szDescription, catDescription, len);
	// Make sure the description is null terminated.
	catinfo.szDescription[len] = '/0';

	hr = pcr->RegisterCategories(1, &catinfo);
	pcr->Release();

	return hr;

}
//注册组件种类
HRESULT RegisterCLSIDInCategory(REFCLSID clsid, CATID catid)
{
	// Register your component categories information.
	ICatRegister* pcr = NULL ;
	HRESULT hr = S_OK ;
	hr = CoCreateInstance(CLSID_StdComponentCategoriesMgr, 
		NULL, CLSCTX_INPROC_SERVER, IID_ICatRegister, (void**)&pcr);
	if (SUCCEEDED(hr))
	{
		// Register this category as being "implemented" by the class.
		CATID rgcatid[1] ;
		rgcatid[0] = catid;
		hr = pcr->RegisterClassImplCategories(clsid, 1, rgcatid);
	}
	if (pcr != NULL)
		pcr->Release();
	return hr;
}
//卸载组件种类
HRESULT UnRegisterCLSIDInCategory(REFCLSID clsid, CATID catid)
{
	ICatRegister* pcr = NULL ;
	HRESULT hr = S_OK ;

	hr = CoCreateInstance(CLSID_StdComponentCategoriesMgr, 
		NULL, CLSCTX_INPROC_SERVER, IID_ICatRegister, (void**)&pcr);
	if (SUCCEEDED(hr))
	{
		// Unregister this category as being "implemented" by the class.
		CATID rgcatid[1] ;
		rgcatid[0] = catid;
		hr = pcr->UnRegisterClassImplCategories(clsid, 1, rgcatid);
	}

	if (pcr != NULL)
		pcr->Release();

	return hr;
}

4）修改DllRegisterServer和 DllUnregisterServer 函数：

// DllRegisterServer - 将项添加到系统注册表

STDAPI DllRegisterServer(void)
{
	AFX_MANAGE_STATE(_afxModuleAddrThis);

	if (!AfxOleRegisterTypeLib(AfxGetInstanceHandle(), _tlid))
		return ResultFromScode(SELFREG_E_TYPELIB);

	if (!COleObjectFactoryEx::UpdateRegistryAll(TRUE))
		return ResultFromScode(SELFREG_E_CLASS);

	// 标记控件初始化安全.
	// 创建初始化安全组件种类
	HRESULT hr;
	hr = CreateComponentCategory(CATID_SafeForInitializing, L"Controls safely initializable from persistent data!");
	if (FAILED(hr))
		return hr;
	// 注册初始化安全
	hr = RegisterCLSIDInCategory(CLSID_SafeItem, CATID_SafeForInitializing);
	if (FAILED(hr))
		return hr;

	// 标记控件脚本安全
	// 创建脚本安全组件种类 
	hr = CreateComponentCategory(CATID_SafeForScripting, L"Controls safely scriptable!");
	if (FAILED(hr))
		return hr;
	// 注册脚本安全组件种类
	hr = RegisterCLSIDInCategory(CLSID_SafeItem, CATID_SafeForScripting);
	if (FAILED(hr))
		return hr;

	return NOERROR;
}



// DllUnregisterServer - 将项从系统注册表中移除

STDAPI DllUnregisterServer(void)
{
	AFX_MANAGE_STATE(_afxModuleAddrThis);

	if (!AfxOleUnregisterTypeLib(_tlid, _wVerMajor, _wVerMinor))
		return ResultFromScode(SELFREG_E_TYPELIB);

	if (!COleObjectFactoryEx::UpdateRegistryAll(FALSE))
		return ResultFromScode(SELFREG_E_CLASS);

	HRESULT hr;
	// 删除控件初始化安全入口.
	hr=UnRegisterCLSIDInCategory(CLSID_SafeItem, CATID_SafeForInitializing);
	if (FAILED(hr))
		return hr;
	// 删除控件脚本安全入口
	hr=UnRegisterCLSIDInCategory(CLSID_SafeItem, CATID_SafeForScripting);
	if (FAILED(hr))
		return hr;

	return NOERROR;
}

5.3.发现重新浏览网页，还是有提示“为了有利于保护安全性，Internet Explorer 已限制此网页运行可以访问...”我们可以设置：
浏览器--工具--Internet选项--高级--允许活动内容在我的计算机上的文件中运行.