Determining URL from ActiveX Control
Rating: none Ravishankar.R (view profile)
January 14, 2001 This is a simple technique to determine the URL of the web page in which the ActiveX control is hosted. Introduction
I had to develop ActiveX controls for web based applications. Some of these controls were manipulating the local resources. To disable malicious use of these control by others through scripting, I had to implement security check. I decided to implement a simple security scheme where I determine the url in which the control is hosted. If the url comes from our domain, I enabled its functionality.
I used GetMoniker method of IOleClientSite Interface.The IMoniker interface has GetDisplayName() method,
which returns a user-readable representation of the moniker. Code:
HRESULT hrResult = S_FALSE;
IOleClientSite *pClientSite = NULL;
IMoniker* pMoniker = NULL;
LPOLESTR sDisplayName; // If using ATL to develop, use the m_spClientSite data
// member of CComControl class. // If using MFC, use the following code:
// (member function of COleControl class
// - don't forget to call release)
// pClientSite = GetClientSite(); hrResult = m_spClientSite->GetMoniker(OLEGETMONIKER_TEMPFORUSER,
OLEWHICHMK_CONTAINER,
&pMoniker);
if(SUCCEEDED(hrResult))
{
hrResult = pMoniker->GetDisplayName(NULL,
NULL,
&sDisplayName);
pMoniker->Release();
} //TODO : relevant processing with sDisplayName and
//free sDisplayName using SysFreeString()[email protected]
Rating: none Ravishankar.R (view profile)
January 14, 2001 This is a simple technique to determine the URL of the web page in which the ActiveX control is hosted. Introduction
I had to develop ActiveX controls for web based applications. Some of these controls were manipulating the local resources. To disable malicious use of these control by others through scripting, I had to implement security check. I decided to implement a simple security scheme where I determine the url in which the control is hosted. If the url comes from our domain, I enabled its functionality.
I used GetMoniker method of IOleClientSite Interface.The IMoniker interface has GetDisplayName() method,
which returns a user-readable representation of the moniker. Code:
HRESULT hrResult = S_FALSE;
IOleClientSite *pClientSite = NULL;
IMoniker* pMoniker = NULL;
LPOLESTR sDisplayName; // If using ATL to develop, use the m_spClientSite data
// member of CComControl class. // If using MFC, use the following code:
// (member function of COleControl class
// - don't forget to call release)
// pClientSite = GetClientSite(); hrResult = m_spClientSite->GetMoniker(OLEGETMONIKER_TEMPFORUSER,
OLEWHICHMK_CONTAINER,
&pMoniker);
if(SUCCEEDED(hrResult))
{
hrResult = pMoniker->GetDisplayName(NULL,
NULL,
&sDisplayName);
pMoniker->Release();
} //TODO : relevant processing with sDisplayName and
//free sDisplayName using SysFreeString()[email protected]
解决方案 »
免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货