From 955685a777265ffc85b89fc9615cb5b5da9f32a1 Mon Sep 17 00:00:00 2001 From: Alistair Leslie-Hughes Date: Sat, 19 Feb 2011 15:51:29 +1100 Subject: [PATCH] msxml3: Add IObjectSafety support to IXMLHTTPRequest. --- dlls/msxml3/httprequest.c | 75 +++++++++++++ dlls/msxml3/tests/domdoc.c | 264 ++++++++++++++++++++++++--------------------- 2 files changed, 218 insertions(+), 121 deletions(-) diff --git a/dlls/msxml3/httprequest.c b/dlls/msxml3/httprequest.c index b935a8feb86..f491150b03a 100644 --- a/dlls/msxml3/httprequest.c +++ b/dlls/msxml3/httprequest.c @@ -30,6 +30,7 @@ #include "winuser.h" #include "ole2.h" #include "msxml6.h" +#include "objsafe.h" #include "msxml_private.h" @@ -62,6 +63,7 @@ typedef struct { IXMLHTTPRequest IXMLHTTPRequest_iface; IObjectWithSite IObjectWithSite_iface; + IObjectSafety IObjectSafety_iface; LONG ref; READYSTATE state; @@ -85,6 +87,9 @@ typedef struct /* IObjectWithSite*/ IUnknown *site; + + /* IObjectSafety */ + DWORD safeopt; } httprequest; static inline httprequest *impl_from_IXMLHTTPRequest( IXMLHTTPRequest *iface ) @@ -97,6 +102,11 @@ static inline httprequest *impl_from_IObjectWithSite(IObjectWithSite *iface) return CONTAINING_RECORD(iface, httprequest, IObjectWithSite_iface); } +static inline httprequest *impl_from_IObjectSafety(IObjectSafety *iface) +{ + return CONTAINING_RECORD(iface, httprequest, IObjectSafety_iface); +} + static void httprequest_setreadystate(httprequest *This, READYSTATE state) { READYSTATE last = This->state; @@ -516,6 +526,10 @@ static HRESULT WINAPI httprequest_QueryInterface(IXMLHTTPRequest *iface, REFIID { *ppvObject = &This->IObjectWithSite_iface; } + else if (IsEqualGUID(&IID_IObjectSafety, riid)) + { + *ppvObject = &This->IObjectSafety_iface; + } else { TRACE("Unsupported interface %s\n", debugstr_guid(riid)); @@ -1067,6 +1081,65 @@ static const IObjectWithSiteVtbl httprequestObjectSite = httprequest_ObjectWithSite_GetSite }; +/* IObjectSafety */ +static HRESULT WINAPI httprequest_Safety_QueryInterface(IObjectSafety *iface, REFIID riid, void **ppv) +{ + httprequest *This = impl_from_IObjectSafety(iface); + return IXMLHTTPRequest_QueryInterface( (IXMLHTTPRequest *)This, riid, ppv ); +} + +static ULONG WINAPI httprequest_Safety_AddRef(IObjectSafety *iface) +{ + httprequest *This = impl_from_IObjectSafety(iface); + return IXMLHTTPRequest_AddRef((IXMLHTTPRequest *)This); +} + +static ULONG WINAPI httprequest_Safety_Release(IObjectSafety *iface) +{ + httprequest *This = impl_from_IObjectSafety(iface); + return IXMLHTTPRequest_Release((IXMLHTTPRequest *)This); +} + +#define SAFETY_SUPPORTED_OPTIONS (INTERFACESAFE_FOR_UNTRUSTED_CALLER|INTERFACESAFE_FOR_UNTRUSTED_DATA|INTERFACE_USES_SECURITY_MANAGER) + +static HRESULT WINAPI httprequest_Safety_GetInterfaceSafetyOptions(IObjectSafety *iface, REFIID riid, + DWORD *supported, DWORD *enabled) +{ + httprequest *This = impl_from_IObjectSafety(iface); + + TRACE("(%p)->(%s %p %p)\n", This, debugstr_guid(riid), supported, enabled); + + if(!supported || !enabled) return E_POINTER; + + *supported = SAFETY_SUPPORTED_OPTIONS; + *enabled = This->safeopt; + + return S_OK; +} + +static HRESULT WINAPI httprequest_Safety_SetInterfaceSafetyOptions(IObjectSafety *iface, REFIID riid, + DWORD mask, DWORD enabled) +{ + httprequest *This = impl_from_IObjectSafety(iface); + TRACE("(%p)->(%s %x %x)\n", This, debugstr_guid(riid), mask, enabled); + + if ((mask & ~SAFETY_SUPPORTED_OPTIONS) != 0) + return E_FAIL; + + This->safeopt = enabled & mask & SAFETY_SUPPORTED_OPTIONS; + return S_OK; +} + +#undef SAFETY_SUPPORTED_OPTIONS + +static const IObjectSafetyVtbl httprequestObjectSafety = { + httprequest_Safety_QueryInterface, + httprequest_Safety_AddRef, + httprequest_Safety_Release, + httprequest_Safety_GetInterfaceSafetyOptions, + httprequest_Safety_SetInterfaceSafetyOptions +}; + HRESULT XMLHTTPRequest_create(IUnknown *pUnkOuter, void **ppObj) { httprequest *req; @@ -1080,6 +1153,7 @@ HRESULT XMLHTTPRequest_create(IUnknown *pUnkOuter, void **ppObj) req->IXMLHTTPRequest_iface.lpVtbl = &dimimpl_vtbl; req->IObjectWithSite_iface.lpVtbl = &httprequestObjectSite; + req->IObjectSafety_iface.lpVtbl = &httprequestObjectSafety; req->ref = 1; req->async = FALSE; @@ -1094,6 +1168,7 @@ HRESULT XMLHTTPRequest_create(IUnknown *pUnkOuter, void **ppObj) req->reqheader_size = 0; list_init(&req->reqheaders); req->site = NULL; + req->safeopt = 0; *ppObj = &req->IXMLHTTPRequest_iface; diff --git a/dlls/msxml3/tests/domdoc.c b/dlls/msxml3/tests/domdoc.c index eee20a6b9f7..698b4b81b1a 100644 --- a/dlls/msxml3/tests/domdoc.c +++ b/dlls/msxml3/tests/domdoc.c @@ -3202,6 +3202,137 @@ static void test_removeNamedItem(void) IXMLDOMDocument_Release( doc ); } +#define test_IObjectSafety_set(p, r, r2, s, m, e, e2) _test_IObjectSafety_set(__LINE__,p, r, r2, s, m, e, e2) +static void _test_IObjectSafety_set(unsigned line, IObjectSafety *safety, HRESULT result, + HRESULT result2, DWORD set, DWORD mask, DWORD expected, + DWORD expected2) +{ + DWORD enabled, supported; + HRESULT hr; + + hr = IObjectSafety_SetInterfaceSafetyOptions(safety, NULL, set, mask); + if (result == result2) + ok_(__FILE__,line)(hr == result, "SetInterfaceSafetyOptions: expected %08x, returned %08x\n", result, hr ); + else + ok_(__FILE__,line)(broken(hr == result) || hr == result2, + "SetInterfaceSafetyOptions: expected %08x, got %08x\n", result2, hr ); + + supported = enabled = 0xCAFECAFE; + hr = IObjectSafety_GetInterfaceSafetyOptions(safety, NULL, &supported, &enabled); + ok(hr == S_OK, "ret %08x\n", hr ); + if (expected == expected2) + ok_(__FILE__,line)(enabled == expected, "Expected %08x, got %08x\n", expected, enabled); + else + ok_(__FILE__,line)(broken(enabled == expected) || enabled == expected2, + "Expected %08x, got %08x\n", expected2, enabled); + + /* reset the safety options */ + + hr = IObjectSafety_SetInterfaceSafetyOptions(safety, NULL, + INTERFACESAFE_FOR_UNTRUSTED_CALLER|INTERFACESAFE_FOR_UNTRUSTED_DATA|INTERFACE_USES_SECURITY_MANAGER, + 0); + ok_(__FILE__,line)(hr == S_OK, "ret %08x\n", hr ); + + hr = IObjectSafety_GetInterfaceSafetyOptions(safety, NULL, &supported, &enabled); + ok_(__FILE__,line)(hr == S_OK, "ret %08x\n", hr ); + ok_(__FILE__,line)(enabled == 0, "Expected 0, got %08x\n", enabled); +} + +#define test_IObjectSafety_common(s) _test_IObjectSafety_common(__LINE__,s) +static void _test_IObjectSafety_common(unsigned line, IObjectSafety *safety) +{ + DWORD enabled = 0, supported = 0; + HRESULT hr; + + /* get */ + hr = IObjectSafety_GetInterfaceSafetyOptions(safety, NULL, NULL, &enabled); + ok_(__FILE__,line)(hr == E_POINTER, "ret %08x\n", hr ); + hr = IObjectSafety_GetInterfaceSafetyOptions(safety, NULL, &supported, NULL); + ok_(__FILE__,line)(hr == E_POINTER, "ret %08x\n", hr ); + + hr = IObjectSafety_GetInterfaceSafetyOptions(safety, NULL, &supported, &enabled); + ok_(__FILE__,line)(hr == S_OK, "ret %08x\n", hr ); + ok_(__FILE__,line)(broken(supported == (INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA)) || + supported == (INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA | INTERFACE_USES_SECURITY_MANAGER) /* msxml3 SP8+ */, + "Expected (INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA | INTERFACE_USES_SECURITY_MANAGER), " + "got %08x\n", supported); + ok_(__FILE__,line)(enabled == 0, "Expected 0, got %08x\n", enabled); + + /* set -- individual flags */ + + test_IObjectSafety_set(safety, S_OK, S_OK, + INTERFACESAFE_FOR_UNTRUSTED_CALLER, INTERFACESAFE_FOR_UNTRUSTED_CALLER, + INTERFACESAFE_FOR_UNTRUSTED_CALLER, INTERFACESAFE_FOR_UNTRUSTED_CALLER); + + test_IObjectSafety_set(safety, S_OK, S_OK, + INTERFACESAFE_FOR_UNTRUSTED_DATA, INTERFACESAFE_FOR_UNTRUSTED_DATA, + INTERFACESAFE_FOR_UNTRUSTED_DATA, INTERFACESAFE_FOR_UNTRUSTED_DATA); + + test_IObjectSafety_set(safety, S_OK, S_OK, + INTERFACE_USES_SECURITY_MANAGER, INTERFACE_USES_SECURITY_MANAGER, + 0, INTERFACE_USES_SECURITY_MANAGER /* msxml3 SP8+ */); + + /* set INTERFACE_USES_DISPEX */ + + test_IObjectSafety_set(safety, S_OK, E_FAIL /* msxml3 SP8+ */, + INTERFACE_USES_DISPEX, INTERFACE_USES_DISPEX, + 0, 0); + + test_IObjectSafety_set(safety, S_OK, E_FAIL /* msxml3 SP8+ */, + INTERFACE_USES_DISPEX, 0, + 0, 0); + + test_IObjectSafety_set(safety, S_OK, S_OK /* msxml3 SP8+ */, + 0, INTERFACE_USES_DISPEX, + 0, 0); + + /* set option masking */ + + test_IObjectSafety_set(safety, S_OK, S_OK, + INTERFACESAFE_FOR_UNTRUSTED_CALLER|INTERFACESAFE_FOR_UNTRUSTED_DATA, + INTERFACESAFE_FOR_UNTRUSTED_CALLER, + INTERFACESAFE_FOR_UNTRUSTED_CALLER, + INTERFACESAFE_FOR_UNTRUSTED_CALLER); + + test_IObjectSafety_set(safety, S_OK, S_OK, + INTERFACESAFE_FOR_UNTRUSTED_CALLER|INTERFACESAFE_FOR_UNTRUSTED_DATA, + INTERFACESAFE_FOR_UNTRUSTED_DATA, + INTERFACESAFE_FOR_UNTRUSTED_DATA, + INTERFACESAFE_FOR_UNTRUSTED_DATA); + + test_IObjectSafety_set(safety, S_OK, S_OK, + INTERFACESAFE_FOR_UNTRUSTED_CALLER|INTERFACESAFE_FOR_UNTRUSTED_DATA, + INTERFACE_USES_SECURITY_MANAGER, + 0, + 0); + + /* set -- inheriting previous settings */ + + hr = IObjectSafety_SetInterfaceSafetyOptions(safety, NULL, + INTERFACESAFE_FOR_UNTRUSTED_CALLER, + INTERFACESAFE_FOR_UNTRUSTED_CALLER); + ok_(__FILE__,line)(hr == S_OK, "ret %08x\n", hr ); + hr = IObjectSafety_GetInterfaceSafetyOptions(safety, NULL, &supported, &enabled); + ok_(__FILE__,line)(hr == S_OK, "ret %08x\n", hr ); + todo_wine + ok_(__FILE__,line)(broken(enabled == INTERFACESAFE_FOR_UNTRUSTED_CALLER) || + enabled == (INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACE_USES_SECURITY_MANAGER) /* msxml3 SP8+ */, + "Expected (INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACE_USES_SECURITY_MANAGER), " + "got %08x\n", enabled); + + hr = IObjectSafety_SetInterfaceSafetyOptions(safety, NULL, + INTERFACESAFE_FOR_UNTRUSTED_DATA, + INTERFACESAFE_FOR_UNTRUSTED_DATA); + ok_(__FILE__,line)(hr == S_OK, "ret %08x\n", hr ); + hr = IObjectSafety_GetInterfaceSafetyOptions(safety, NULL, &supported, &enabled); + ok_(__FILE__,line)(hr == S_OK, "ret %08x\n", hr ); + todo_wine + ok_(__FILE__,line)(broken(enabled == INTERFACESAFE_FOR_UNTRUSTED_DATA) || + enabled == (INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA) /* msxml3 SP8+ */, + "Expected (INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA), " + "got %08x\n", enabled); +} + static void test_XMLHTTP(void) { static const WCHAR wszBody[] = {'m','o','d','e','=','T','e','s','t',0}; @@ -3216,6 +3347,7 @@ static void test_XMLHTTP(void) static const CHAR xmltestbodyA[] = "\nTEST\n"; IXMLHttpRequest *pXMLHttpRequest; + IObjectSafety *safety; IObjectWithSite *pSite; BSTR bstrResponse, method, url; VARIANT dummy; @@ -3441,6 +3573,16 @@ if (0) SysFreeString(url); + hr = IXMLHttpRequest_QueryInterface(pXMLHttpRequest, &IID_IObjectSafety, (void**)&safety); + ok(hr == S_OK, "ret %08x\n", hr ); + if(hr == S_OK) + { + test_IObjectSafety_common(safety); + + IObjectSafety_Release(safety); + } + + IDispatch_Release(event); IXMLHttpRequest_Release(pXMLHttpRequest); free_bstrs(); @@ -6161,44 +6303,10 @@ static void test_put_nodeValue(void) IXMLDOMDocument_Release(doc); } -static void test_IObjectSafety_set(IObjectSafety *safety, HRESULT result, HRESULT result2, DWORD set, DWORD mask, DWORD expected, DWORD expected2) -{ - DWORD enabled, supported; - HRESULT hr; - - hr = IObjectSafety_SetInterfaceSafetyOptions(safety, NULL, set, mask); - if (result == result2) - ok(hr == result, "SetInterfaceSafetyOptions: expected %08x, returned %08x\n", result, hr ); - else - ok(broken(hr == result) || hr == result2, - "SetInterfaceSafetyOptions: expected %08x, got %08x\n", result2, hr ); - - supported = enabled = 0xCAFECAFE; - hr = IObjectSafety_GetInterfaceSafetyOptions(safety, NULL, &supported, &enabled); - ok(hr == S_OK, "ret %08x\n", hr ); - if (expected == expected2) - ok(enabled == expected, "Expected %08x, got %08x\n", expected, enabled); - else - ok(broken(enabled == expected) || enabled == expected2, - "Expected %08x, got %08x\n", expected2, enabled); - - /* reset the safety options */ - - hr = IObjectSafety_SetInterfaceSafetyOptions(safety, NULL, - INTERFACESAFE_FOR_UNTRUSTED_CALLER|INTERFACESAFE_FOR_UNTRUSTED_DATA|INTERFACE_USES_SECURITY_MANAGER, - 0); - ok(hr == S_OK, "ret %08x\n", hr ); - - hr = IObjectSafety_GetInterfaceSafetyOptions(safety, NULL, &supported, &enabled); - ok(hr == S_OK, "ret %08x\n", hr ); - ok(enabled == 0, "Expected 0, got %08x\n", enabled); -} - static void test_document_IObjectSafety(void) { IXMLDOMDocument *doc; IObjectSafety *safety; - DWORD enabled = 0, supported = 0; HRESULT hr; doc = create_document(&IID_IXMLDOMDocument); @@ -6207,93 +6315,7 @@ static void test_document_IObjectSafety(void) hr = IXMLDOMDocument_QueryInterface(doc, &IID_IObjectSafety, (void**)&safety); ok(hr == S_OK, "ret %08x\n", hr ); - /* get */ - hr = IObjectSafety_GetInterfaceSafetyOptions(safety, NULL, NULL, &enabled); - ok(hr == E_POINTER, "ret %08x\n", hr ); - hr = IObjectSafety_GetInterfaceSafetyOptions(safety, NULL, &supported, NULL); - ok(hr == E_POINTER, "ret %08x\n", hr ); - - hr = IObjectSafety_GetInterfaceSafetyOptions(safety, NULL, &supported, &enabled); - ok(hr == S_OK, "ret %08x\n", hr ); - ok(broken(supported == (INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA)) || - supported == (INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA | INTERFACE_USES_SECURITY_MANAGER) /* msxml3 SP8+ */, - "Expected (INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA | INTERFACE_USES_SECURITY_MANAGER), " - "got %08x\n", supported); - ok(enabled == 0, "Expected 0, got %08x\n", enabled); - - /* set -- individual flags */ - - test_IObjectSafety_set(safety, S_OK, S_OK, - INTERFACESAFE_FOR_UNTRUSTED_CALLER, INTERFACESAFE_FOR_UNTRUSTED_CALLER, - INTERFACESAFE_FOR_UNTRUSTED_CALLER, INTERFACESAFE_FOR_UNTRUSTED_CALLER); - - test_IObjectSafety_set(safety, S_OK, S_OK, - INTERFACESAFE_FOR_UNTRUSTED_DATA, INTERFACESAFE_FOR_UNTRUSTED_DATA, - INTERFACESAFE_FOR_UNTRUSTED_DATA, INTERFACESAFE_FOR_UNTRUSTED_DATA); - - test_IObjectSafety_set(safety, S_OK, S_OK, - INTERFACE_USES_SECURITY_MANAGER, INTERFACE_USES_SECURITY_MANAGER, - 0, INTERFACE_USES_SECURITY_MANAGER /* msxml3 SP8+ */); - - /* set INTERFACE_USES_DISPEX */ - - test_IObjectSafety_set(safety, S_OK, E_FAIL /* msxml3 SP8+ */, - INTERFACE_USES_DISPEX, INTERFACE_USES_DISPEX, - 0, 0); - - test_IObjectSafety_set(safety, S_OK, E_FAIL /* msxml3 SP8+ */, - INTERFACE_USES_DISPEX, 0, - 0, 0); - - test_IObjectSafety_set(safety, S_OK, S_OK /* msxml3 SP8+ */, - 0, INTERFACE_USES_DISPEX, - 0, 0); - - /* set option masking */ - - test_IObjectSafety_set(safety, S_OK, S_OK, - INTERFACESAFE_FOR_UNTRUSTED_CALLER|INTERFACESAFE_FOR_UNTRUSTED_DATA, - INTERFACESAFE_FOR_UNTRUSTED_CALLER, - INTERFACESAFE_FOR_UNTRUSTED_CALLER, - INTERFACESAFE_FOR_UNTRUSTED_CALLER); - - test_IObjectSafety_set(safety, S_OK, S_OK, - INTERFACESAFE_FOR_UNTRUSTED_CALLER|INTERFACESAFE_FOR_UNTRUSTED_DATA, - INTERFACESAFE_FOR_UNTRUSTED_DATA, - INTERFACESAFE_FOR_UNTRUSTED_DATA, - INTERFACESAFE_FOR_UNTRUSTED_DATA); - - test_IObjectSafety_set(safety, S_OK, S_OK, - INTERFACESAFE_FOR_UNTRUSTED_CALLER|INTERFACESAFE_FOR_UNTRUSTED_DATA, - INTERFACE_USES_SECURITY_MANAGER, - 0, - 0); - - /* set -- inheriting previous settings */ - - hr = IObjectSafety_SetInterfaceSafetyOptions(safety, NULL, - INTERFACESAFE_FOR_UNTRUSTED_CALLER, - INTERFACESAFE_FOR_UNTRUSTED_CALLER); - ok(hr == S_OK, "ret %08x\n", hr ); - hr = IObjectSafety_GetInterfaceSafetyOptions(safety, NULL, &supported, &enabled); - ok(hr == S_OK, "ret %08x\n", hr ); - todo_wine - ok(broken(enabled == INTERFACESAFE_FOR_UNTRUSTED_CALLER) || - enabled == (INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACE_USES_SECURITY_MANAGER) /* msxml3 SP8+ */, - "Expected (INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACE_USES_SECURITY_MANAGER), " - "got %08x\n", enabled); - - hr = IObjectSafety_SetInterfaceSafetyOptions(safety, NULL, - INTERFACESAFE_FOR_UNTRUSTED_DATA, - INTERFACESAFE_FOR_UNTRUSTED_DATA); - ok(hr == S_OK, "ret %08x\n", hr ); - hr = IObjectSafety_GetInterfaceSafetyOptions(safety, NULL, &supported, &enabled); - ok(hr == S_OK, "ret %08x\n", hr ); - todo_wine - ok(broken(enabled == INTERFACESAFE_FOR_UNTRUSTED_DATA) || - enabled == (INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA) /* msxml3 SP8+ */, - "Expected (INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA), " - "got %08x\n", enabled); + test_IObjectSafety_common(safety); IObjectSafety_Release(safety); -- 2.11.4.GIT