各位进来看看,我已经进行了数字签名和注册控件了,第一次进入网页时会弹出一个安全设置警告对话框.之后控件的方法还是不能调用?

一.数字签名是:
1.makecert -sv Private.pvk -n "CN=INTTTR" myNew.cer
2.cert2spc myNew.cer myNew.spc
3.signcode(利用向导).
二.注册控件:
BOOL CDerCtrl::CDerCtrlFactory::UpdateRegistry(BOOL bRegister)
{
if (bRegister)
{
HRESULT hr = S_OK ;
hr = CreateComponentCategory(CATID_SafeForScripting,
                          L"Controls that are safely scriptable");
hr = RegisterCLSIDInCategory(m_clsid, CATID_SafeForScripting);
hr = CreateComponentCategory(CATID_SafeForInitializing,
L"Controls safely initializable from persistent data");
hr = RegisterCLSIDInCategory(m_clsid, CATID_SafeForInitializing);
....
} //通过.3.网页中调用控件的方法是:
<%setusrpwd()... %>
...
<OBJECT classid="clsid:C170BADB-A7B8-4C98-9E0D-CEC461CD2A1B"  codeBase=http://192.168.0.89//der.ocx#version=1,0,0,1
height=126 id="derctrl" width=306>
</OBJECT><SCRIPT language=JavaScript>
function setusrpwd(){   //此方法被调用
  derctrl.SetUser(ftpuser);//方法没有执行
  derctrl.SetPwd(ftppass);//方法没有执行
   }
</SCRIPT>
那位帮我看一下?或提出一点建议.

解决方案 »

免费领取超大流量手机卡，每月29元包185G流量+100分钟通话, 中国电信官方发货

好像忘了写id了<OBJECT id="derctrl"
classid="clsid:C170BADB-A7B8-4C98-9E0D-CEC461CD2A1B"  codeBase=http://192.168.0.89//der.ocx#version=1,0,0,1
height=126 id="derctrl" width=306>
</OBJECT>
其实完全可以不用做什么签名。
有两种方法可以检测控件的初始化安全性。第一种使用组件分组管理器(Component Categories Manager)创建一个正确的入口到系统注册表。IE检测注册表之后才调用你的控件决定是否这些入口存在。第二种方法实现一个名称为IObjectSafe的接口到你的控件。如果IE发现你的控件支持IObjectSafety，它调用 IObjectSafety::SetInterfaceSafetyOptions 方法然后才载入你的控件。
1、使用组件分组管理器。其实就是在DLLRegisterServer函数中写注册表，具体你可以看一下微软给的方法（Microsoft Knowledge Base Article - 164119），它上面给出了个例程Safectl.exe（源程序压缩包）。
2、实现接口IObjectSafety中的SetInterfaceSafetyOptions 与GetInterfaceSafetyOptions。用Atl比较简单，将你的类后再加上：
public IObjectSafetyImpl<xxxxxxxxx/*你的类*/, INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA>
再实现public方法：
STDMETHOD(GetInterfaceSafetyOptions)(REFIID riid, DWORD *pdwSupportedOptions, WORD *pdwEnabledOptions);
STDMETHOD(SetInterfaceSafetyOptions)(REFIID riid, DWORD dwOptionSetMask, DWORD dwEnabledOptions);
下面是我的一个程序中两个函数的实现，肯定有不足之处，但处理这个问题比较有效：
STDMETHODIMP CXmlParser::GetInterfaceSafetyOptions (REFIID riid, DWORD *pdwSupportedOptions, DWORD *pdwEnabledOptions)
{
HRESULT hRes = E_FAIL;
LPUNKNOWN pUnknown;
hRes = _InternalQueryInterface (riid, (void **) &pUnknown);
if (FAILED (hRes)) {
ATLTRACE (_T ("Failed to get interface pointer!\n"));
return (hRes);
}
if (pdwSupportedOptions == NULL || pdwEnabledOptions == NULL)
{
ATLTRACE (_T ("Null pointers in the arguments!\n"));
return (hRes);
}
pUnknown->Release ();
pUnknown = NULL;
if (riid == IID_IDispatch)
{

*pdwSupportedOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER;
*pdwEnabledOptions = m_dwCurrentSafety & INTERFACESAFE_FOR_UNTRUSTED_CALLER; return (S_OK);
}
else if (riid == IID_IPersistStreamInit || riid == IID_IPersistStorage ||
riid == IID_IPersistPropertyBag)
{
*pdwSupportedOptions = INTERFACESAFE_FOR_UNTRUSTED_DATA;
*pdwEnabledOptions = m_dwCurrentSafety & INTERFACESAFE_FOR_UNTRUSTED_DATA; return (S_OK);
}
else
{
*pdwSupportedOptions = 0;
*pdwEnabledOptions = 0; return (E_FAIL);
} return (hRes);
}STDMETHODIMP CXmlParser::SetInterfaceSafetyOptions (REFIID riid, DWORD dwOptionSetMask, DWORD dwEnabledOptions)
{
HRESULT hRes = E_FAIL;
LPUNKNOWN pUnknown; if (!dwOptionSetMask || !dwEnabledOptions)
{
ATLTRACE (_T ("Null arguments!\n"));
return (hRes);
}
hRes = _InternalQueryInterface (riid, (void**) &pUnknown);
if (FAILED (hRes))
{
ATLTRACE (_T ("Interface not supported!\n"));
return (hRes);
}
pUnknown->Release ();
pUnknown = NULL; m_dwCurrentSafety |= dwEnabledOptions & dwOptionSetMask; if ((riid == IID_IDispatch) && (m_dwCurrentSafety & INTERFACESAFE_FOR_UNTRUSTED_CALLER))
{
//安全

}
else if (((riid == IID_IPersistStreamInit) || (riid == IID_IPersistStorage) ||
(riid == IID_IPersistPropertyBag)) && (m_dwCurrentSafety &
INTERFACESAFE_FOR_UNTRUSTED_DATA))
{
return (S_OK);
}
else
{
//不安全
return (E_FAIL);
} return (hRes);
}