vbscript: Added IRegExp2_QueryInterface tests.
[wine/multimedia.git] / dlls / mshtml / secmgr.c
blobf961bcabd82fa78c851724fd69d2511968342583
1 /*
2 * Copyright 2009 Jacek Caban for CodeWeavers
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
19 #include "config.h"
21 #include <stdarg.h>
22 #include <stdio.h>
23 #include <assert.h>
25 #define COBJMACROS
27 #include "windef.h"
28 #include "winbase.h"
29 #include "winuser.h"
30 #include "ole2.h"
31 #include "activscp.h"
33 #include "wine/debug.h"
35 #include "mshtml_private.h"
37 WINE_DEFAULT_DEBUG_CHANNEL(mshtml);
39 static const WCHAR about_blankW[] = {'a','b','o','u','t',':','b','l','a','n','k',0};
41 /* Defined as extern in urlmon.idl, but not exported by uuid.lib */
42 DECLSPEC_HIDDEN const GUID GUID_CUSTOM_CONFIRMOBJECTSAFETY =
43 {0x10200490,0xfa38,0x11d0,{0xac,0x0e,0x00,0xa0,0xc9,0xf,0xff,0xc0}};
45 static inline HTMLDocumentNode *impl_from_IInternetHostSecurityManager(IInternetHostSecurityManager *iface)
47 return CONTAINING_RECORD(iface, HTMLDocumentNode, IInternetHostSecurityManager_iface);
50 static HRESULT WINAPI InternetHostSecurityManager_QueryInterface(IInternetHostSecurityManager *iface, REFIID riid, void **ppv)
52 HTMLDocumentNode *This = impl_from_IInternetHostSecurityManager(iface);
53 return IHTMLDOMNode_QueryInterface(&This->node.IHTMLDOMNode_iface, riid, ppv);
56 static ULONG WINAPI InternetHostSecurityManager_AddRef(IInternetHostSecurityManager *iface)
58 HTMLDocumentNode *This = impl_from_IInternetHostSecurityManager(iface);
59 return IHTMLDOMNode_AddRef(&This->node.IHTMLDOMNode_iface);
62 static ULONG WINAPI InternetHostSecurityManager_Release(IInternetHostSecurityManager *iface)
64 HTMLDocumentNode *This = impl_from_IInternetHostSecurityManager(iface);
65 return IHTMLDOMNode_Release(&This->node.IHTMLDOMNode_iface);
68 static HRESULT WINAPI InternetHostSecurityManager_GetSecurityId(IInternetHostSecurityManager *iface, BYTE *pbSecurityId,
69 DWORD *pcbSecurityId, DWORD_PTR dwReserved)
71 HTMLDocumentNode *This = impl_from_IInternetHostSecurityManager(iface);
72 FIXME("(%p)->(%p %p %lx)\n", This, pbSecurityId, pcbSecurityId, dwReserved);
73 return E_NOTIMPL;
76 static HRESULT WINAPI InternetHostSecurityManager_ProcessUrlAction(IInternetHostSecurityManager *iface, DWORD dwAction,
77 BYTE *pPolicy, DWORD cbPolicy, BYTE *pContext, DWORD cbContext, DWORD dwFlags, DWORD dwReserved)
79 HTMLDocumentNode *This = impl_from_IInternetHostSecurityManager(iface);
80 const WCHAR *url;
82 TRACE("(%p)->(%d %p %d %p %d %x %x)\n", This, dwAction, pPolicy, cbPolicy, pContext, cbContext, dwFlags, dwReserved);
84 if(!This->basedoc.window)
85 return E_UNEXPECTED;
87 url = This->basedoc.window->url ? This->basedoc.window->url : about_blankW;
89 return IInternetSecurityManager_ProcessUrlAction(This->basedoc.window->secmgr, url, dwAction, pPolicy, cbPolicy,
90 pContext, cbContext, dwFlags, dwReserved);
93 static HRESULT confirm_safety_load(HTMLDocumentNode *This, struct CONFIRMSAFETY *cs, DWORD *ret)
95 IObjectSafety *obj_safety;
96 HRESULT hres;
98 hres = IUnknown_QueryInterface(cs->pUnk, &IID_IObjectSafety, (void**)&obj_safety);
99 if(SUCCEEDED(hres)) {
100 hres = IObjectSafety_SetInterfaceSafetyOptions(obj_safety, &IID_IDispatch,
101 INTERFACESAFE_FOR_UNTRUSTED_DATA, INTERFACESAFE_FOR_UNTRUSTED_DATA);
102 IObjectSafety_Release(obj_safety);
103 *ret = SUCCEEDED(hres) ? URLPOLICY_ALLOW : URLPOLICY_DISALLOW;
104 }else {
105 CATID init_catid = CATID_SafeForInitializing;
107 hres = ICatInformation_IsClassOfCategories(This->catmgr, &cs->clsid, 1, &init_catid, 0, NULL);
108 assert(SUCCEEDED(hres));
109 *ret = hres == S_OK ? URLPOLICY_ALLOW : URLPOLICY_DISALLOW;
112 return S_OK;
115 static HRESULT confirm_safety(HTMLDocumentNode *This, const WCHAR *url, struct CONFIRMSAFETY *cs, DWORD *ret)
117 DWORD policy, enabled_opts, supported_opts;
118 IObjectSafety *obj_safety;
119 HRESULT hres;
121 TRACE("%s %p %s\n", debugstr_w(url), cs->pUnk, debugstr_guid(&cs->clsid));
123 /* FIXME: Check URLACTION_ACTIVEX_OVERRIDE_SCRIPT_SAFETY */
125 hres = IInternetSecurityManager_ProcessUrlAction(This->basedoc.window->secmgr, url, URLACTION_SCRIPT_SAFE_ACTIVEX,
126 (BYTE*)&policy, sizeof(policy), NULL, 0, 0, 0);
127 if(FAILED(hres) || policy != URLPOLICY_ALLOW) {
128 *ret = URLPOLICY_DISALLOW;
129 return S_OK;
132 hres = IUnknown_QueryInterface(cs->pUnk, &IID_IObjectSafety, (void**)&obj_safety);
133 if(SUCCEEDED(hres)) {
134 hres = IObjectSafety_GetInterfaceSafetyOptions(obj_safety, &IID_IDispatchEx, &supported_opts, &enabled_opts);
135 if(FAILED(hres))
136 supported_opts = 0;
138 enabled_opts = INTERFACESAFE_FOR_UNTRUSTED_CALLER;
139 if(supported_opts & INTERFACE_USES_SECURITY_MANAGER)
140 enabled_opts |= INTERFACE_USES_SECURITY_MANAGER;
142 hres = IObjectSafety_SetInterfaceSafetyOptions(obj_safety, &IID_IDispatchEx, enabled_opts, enabled_opts);
143 if(FAILED(hres)) {
144 enabled_opts &= ~INTERFACE_USES_SECURITY_MANAGER;
145 hres = IObjectSafety_SetInterfaceSafetyOptions(obj_safety, &IID_IDispatch, enabled_opts, enabled_opts);
147 IObjectSafety_Release(obj_safety);
149 if(FAILED(hres)) {
150 *ret = URLPOLICY_DISALLOW;
151 return S_OK;
153 }else {
154 CATID scripting_catid = CATID_SafeForScripting;
156 if(!This->catmgr) {
157 hres = CoCreateInstance(&CLSID_StdComponentCategoriesMgr, NULL, CLSCTX_INPROC_SERVER,
158 &IID_ICatInformation, (void**)&This->catmgr);
159 if(FAILED(hres))
160 return hres;
163 hres = ICatInformation_IsClassOfCategories(This->catmgr, &cs->clsid, 1, &scripting_catid, 0, NULL);
164 if(FAILED(hres))
165 return hres;
167 if(hres != S_OK) {
168 *ret = URLPOLICY_DISALLOW;
169 return S_OK;
173 if(cs->dwFlags & CONFIRMSAFETYACTION_LOADOBJECT)
174 return confirm_safety_load(This, cs, ret);
176 *ret = URLPOLICY_ALLOW;
177 return S_OK;
180 static HRESULT WINAPI InternetHostSecurityManager_QueryCustomPolicy(IInternetHostSecurityManager *iface, REFGUID guidKey,
181 BYTE **ppPolicy, DWORD *pcbPolicy, BYTE *pContext, DWORD cbContext, DWORD dwReserved)
183 HTMLDocumentNode *This = impl_from_IInternetHostSecurityManager(iface);
184 const WCHAR *url;
185 HRESULT hres;
187 TRACE("(%p)->(%s %p %p %p %d %x)\n", This, debugstr_guid(guidKey), ppPolicy, pcbPolicy, pContext, cbContext, dwReserved);
189 if(!This->basedoc.window)
190 return E_UNEXPECTED;
192 url = This->basedoc.window->url ? This->basedoc.window->url : about_blankW;
194 hres = IInternetSecurityManager_QueryCustomPolicy(This->basedoc.window->secmgr, url, guidKey, ppPolicy, pcbPolicy,
195 pContext, cbContext, dwReserved);
196 if(hres != HRESULT_FROM_WIN32(ERROR_NOT_FOUND))
197 return hres;
199 if(IsEqualGUID(&GUID_CUSTOM_CONFIRMOBJECTSAFETY, guidKey)) {
200 IActiveScript *active_script;
201 struct CONFIRMSAFETY *cs;
202 DWORD policy;
204 if(cbContext != sizeof(struct CONFIRMSAFETY)) {
205 FIXME("wrong context size\n");
206 return E_FAIL;
209 cs = (struct CONFIRMSAFETY*)pContext;
210 TRACE("cs = {%s %p %x}\n", debugstr_guid(&cs->clsid), cs->pUnk, cs->dwFlags);
212 hres = IUnknown_QueryInterface(cs->pUnk, &IID_IActiveScript, (void**)&active_script);
213 if(SUCCEEDED(hres)) {
214 FIXME("Got IAciveScript iface\n");
215 IActiveScript_Release(active_script);
216 return E_FAIL;
219 hres = confirm_safety(This, url, cs, &policy);
220 if(FAILED(hres))
221 return hres;
223 *ppPolicy = CoTaskMemAlloc(sizeof(policy));
224 if(!*ppPolicy)
225 return E_OUTOFMEMORY;
227 *(DWORD*)*ppPolicy = policy;
228 *pcbPolicy = sizeof(policy);
229 TRACE("policy %x\n", policy);
230 return S_OK;
233 FIXME("Unknown guidKey %s\n", debugstr_guid(guidKey));
234 return hres;
237 static const IInternetHostSecurityManagerVtbl InternetHostSecurityManagerVtbl = {
238 InternetHostSecurityManager_QueryInterface,
239 InternetHostSecurityManager_AddRef,
240 InternetHostSecurityManager_Release,
241 InternetHostSecurityManager_GetSecurityId,
242 InternetHostSecurityManager_ProcessUrlAction,
243 InternetHostSecurityManager_QueryCustomPolicy
246 void HTMLDocumentNode_SecMgr_Init(HTMLDocumentNode *This)
248 This->IInternetHostSecurityManager_iface.lpVtbl = &InternetHostSecurityManagerVtbl;