资源描述
开发安全标记的MFC ActiveX 控件及在IIS网页中使用和发布
问题引入:
在VC6.0使用MFC ActiveX ControlWizard开发ActiveX控件时,默认情况下 MFC ActiveX 控件未标记为安全的脚本和初始化的安全。所以导致在控件在IIS中发布时,造成可以加载但是不能正常构造和初始化(即在网页中调用时显示一个红色叉,但其实通过调试发现控件实际是加载了的)。这个问题得解决涉及两方面的问题即1、实现 IObjectSafety 接口的控件使得在 Internet 浏览器的上下文中运行“安全”。2、修改该控件的 DllRegisterServer 函数来标记该控件在注册表中"安全"。
本文将以一个CCircleCtrl控件实例来说明实现方法,下面分别说明具体实现方法。
1、 生成默认ActiveX控件及控件的调试(老鸟跳过)。
新建工程选择类型选择MFC ActiveX ContronWizard 在Project name中输入”Circle”点击”OK”,其余均按默认完成向导。
将工程编译、连接后,你就已经实现了一个ActiveX控件,并且已经注册到你的计算机。你可以通过在注册表的中找到HKEY_CLASSES_ROOT\CIRCLE.CircleCtrl.1,CLSID中得默认值就是Circle控件的注册号(唯一标志ID),形如04D9986E-E2D7-4827-A8F6-BFE003E64D54但是注意不同计算机生成的这个值是不一样的,下面使用这个值时请将它替换为你的注册号。
调试:ActiveX可以使用ActiveX Control Test Container和浏览器来或其他使用此控件的应用程序来调试。如下图:
(1)使用ActiveX Control Test Container调试:
F5,在ActiveX Control Test Container启动后,右键选择“插入新控件”,选择我们刚刚生成的控件Circle Control。插入后你将看到一个显示了圆形的控件。控件运行成功。
(2)使用浏览器调试:
新建记事本写入如下代码:(注意clsid用你自己的)
<head>
<title>ActivX Test</title>
</head>
<body>
<center>
<object classid="clsid:04D9986E-E2D7-4827-A8F6-BFE003E64D54"
codebase="circle.ocx#version=1,0,0,0" height="400px" width="400px">
</object>
</center>
</body>
将文件名改为Circle.html
更改调试方式为Default Web Browser ;F5 (因为已经注册了控件你也可以直接点击这个.html文件查看效果)在地址栏中输入以上html文件的路径,并允许阻止内容。预料中的“圆形”也如期而至。但是把Circle.html拷贝至IIS根目录,在浏览器中输入http://127.0.0.1/Circle.html ,按理说我们的计算机已经注册了这个控件,应该显示出“圆形”但是结果却是出现了一个红色的叉。控件在网络发布的时候出现了问题。这就是浏览器阻止了非安全标记的ActiveX控件。要解决这个问题得实现下面的2、3步骤。(解决IIS的安装及配置和使用等网络上资源很多)。
2、 实现 IObjectSafety 接口的控件
在CircleCtl.h加入
#ifdef L_IMPL_OBJECTSAFETY
#include <objsafe.h>
#endif// L_IMPL_OBJECTSAFETY
在CCircleCtrl类定义中的DECLARE_MESSAGE_MAP()语句后加入:
public:
#ifdef L_IMPL_OBJECTSAFETY
BEGIN_INTERFACE_PART(ObjectSafety, IObjectSafety)
STDMETHOD(GetInterfaceSafetyOptions)(REFIID riid, DWORD __RPC_FAR *pdwSupportedOptions, DWORD __RPC_FAR *pdwEnabledOptions);
STDMETHOD(SetInterfaceSafetyOptions)(REFIID riid, DWORD dwOptionSetMask, DWORD dwEnabledOptions);
END_INTERFACE_PART(ObjectSafety)
DECLARE_INTERFACE_MAP();
#endif // L_IMPL_OBJECTSAFETY
在CricleCtl.cpp文件中IMPLEMENT_DYNCREATE(CCircleCtrl, COleControl)语句后加入:
#ifdef L_IMPL_OBJECTSAFETY
BEGIN_INTERFACE_MAP(CCircleCtrl, COleControl)
INTERFACE_PART(CCircleCtrl, IID_IObjectSafety, ObjectSafety)
END_INTERFACE_MAP()
#endif // L_IMPL_OBJECTSAFETY
在CricleCtl.cpp文件末尾加入:
#ifdef L_IMPL_OBJECTSAFETY
// Implementation of IObjectSafety
STDMETHODIMP CCircleCtrl::XObjectSafety::GetInterfaceSafetyOptions(
REFIID riid,
DWORD __RPC_FAR *pdwSupportedOptions,
DWORD __RPC_FAR *pdwEnabledOptions)
{
METHOD_PROLOGUE_EX(CCircleCtrl, ObjectSafety)
if (!pdwSupportedOptions || !pdwEnabledOptions)
{
return E_POINTER;
}
*pdwSupportedOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA;
*pdwEnabledOptions = 0;
if (NULL == pThis->GetInterface(&riid))
{
// TRACE("Requested interface is not supported.\n");
return E_NOINTERFACE;
}
// What interface is being checked out anyhow?
OLECHAR szGUID[39];
int i = StringFromGUID2(riid, szGUID, 39);
if (riid == IID_IDispatch)
{
// Client wants to know if object is safe for scripting
*pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER;
return S_OK;
}
else if (riid == IID_IPersistPropertyBag
|| riid == IID_IPersistStreamInit
|| riid == IID_IPersistStorage
|| riid == IID_IPersistMemory)
{
// Those are the persistence interfaces COleControl derived controls support
// as indicated in AFXCTL.H
// Client wants to know if object is safe for initializing from persistent data
*pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_DATA;
return S_OK;
}
else
{
// Find out what interface this is, and decide what options to enable
// TRACE("We didn't account for the safety of this interface, and it's one we support...\n");
return E_NOINTERFACE;
}
}
STDMETHODIMP CCircleCtrl::XObjectSafety::SetInterfaceSafetyOptions(
REFIID riid,
DWORD dwOptionSetMask,
DWORD dwEnabledOptions)
{
METHOD_PROLOGUE_EX(CCircleCtrl, ObjectSafety)
OLECHAR szGUID[39];
// What is this interface anyway?
// We can do a quick lookup in the registry under HKEY_CLASSES_ROOT\Interface
int i = StringFromGUID2(riid, szGUID, 39);
if (0 == dwOptionSetMask && 0 == dwEnabledOptions)
{
// the control certainly supports NO requests through the specified interface
// so it's safe to return S_OK even if the interface isn't supported.
return S_OK;
}
// Do we support the specified interface?
if (NULL == pThis->GetInterface(&riid))
{
TRACE1("%s is not support.\n", szGUID);
return E_FAIL;
}
if (riid == IID_IDispatch)
{
// TRACE("Client asking if it's safe to call through IDispatch.\n");
// TRACE("In other words, is the control safe for scripting?\n");
if (INTERFACESAFE_FOR_UNTRUSTED_CALLER == dwOptionSetMask && INTERFACESAFE_FOR_UNTRUSTED_CALLER == dwEnabledOptions)
{
return S_OK;
}
else
{
return E_FAIL;
}
}
else if (riid == IID_IPersistPropertyBag
|| riid == IID_IPersistStreamInit
|| riid == IID_IPersistStorage
|| riid == IID_IPersistMemory)
{
// TRACE("Client asking if it's safe to call through IPersist*.\n");
// TRACE("In other words, is the control safe for initializing from persistent data?\n");
if (INTERFACESAFE_FOR_UNTRUSTED_DATA == dwOptionSetMask && INTERFACESAFE_FOR_UNTRUSTED_DATA == dwEnabledOptions)
{
return NOERROR;
}
else
{
return E_FAIL;
}
}
else
{
TRACE1("We didn't account for the safety of %s, and it's one we support...\n", szGUID);
return E_FAIL;
}
}
STDMETHODIMP_(ULONG) CCircleCtrl::XObjectSafety::AddRef()
{
METHOD_PROLOGUE_EX_(CCircleCtrl, ObjectSafety)
return (ULONG)pThis->ExternalAddRef();
}
STDMETHODIMP_(ULONG) CCircleCtrl::XObjectSafety::Release()
{
METHOD_PROLOGUE_EX_(CCircleCtrl, ObjectSafety)
return (ULONG)pThis->ExternalRelease();
}
STDMETHODIMP CCircleCtrl::XObjectSafety::QueryInterface(
REFIID iid, LPVOID* ppvObj)
{
METHOD_PROLOGUE_EX_(CCircleCtrl, ObjectSafety)
return (HRESULT)pThis->ExternalQueryInterface(&iid, ppvObj);
}
#endif // L_IMPL_OBJECTSAFETY
好了,现在控件已经实现了IObjectSafety 接口。
3、 修改该控件的 DllRegisterServer 函数来标记该控件在注册表中"安全"。
将以下两个文件复制保存并加入到当前工程中来:
Cathelp.h文件:
// THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF
// ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO
// THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A
// PARTICULAR PURPOSE.
//
#ifndef __CATHELP_H__
#define __CATHELP_H__
#include <comcat.h>
// Helper function to create a component category and associated description
HRESULT CreateComponentCategory(CATID catid, WCHAR* catDescription);
// Helper function to register a CLSID as belonging to a component category
HRESULT RegisterCLSIDInCategory(REFCLSID clsid, CATID catid);
// Helper function to unregister a CLSID as belonging to a component category
HRESULT UnRegisterCLSIDInCategory(REFCLSID clsid, CATID catid);
#endif // __CATHELP_H__
Cathelp.cpp文件:
// THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF
// ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO
// THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A
// PARTICULAR PURPOSE.
//
#include "stdafx.h"
#include <comcat.h>
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#ifdef L_USE_COMCAT
// Helper function to create a component category and associated description
HRESULT CreateComponentCategory(CATID catid, WCHAR* catDescription)
{
ICatRegister* pcr = NULL ;
HRESULT hr = S_OK ;
hr = CoCreateInstance(CLSID_StdComponentCategoriesMgr,
NULL, CLSCTX_INPROC_SERVER, IID_ICatRegister, (void**)&pcr);
if (FAILED(hr))
return hr;
// Make sure the HKCR\Component Categories\{..catid...}
// key is registered
CATEGORYINFO catinfo;
catinfo.catid = catid;
catinfo.lcid = 0x0409 ; // english
// Make sure the provided description is not too long.
// Only copy the first 127 characters if it is
int len = wcslen(catDescription);
if (len>127)
len = 127;
wcsncpy(catinfo.szDescription, catDescription, len);
// Make sure the description is null terminated
catinfo.szDescription[len] = '\0';
hr = pcr->RegisterCategories(1, &catinfo);
pcr->Release();
return hr;
}
// Helper function to register a CLSID as belonging to a component category
HRESULT RegisterCLSIDInCategory(REFCLSID clsid, CATID catid)
{
// Register your component categories information.
ICatRegister* pcr = NULL ;
HRESULT hr = S_OK ;
hr = CoCreateInstance(CLSID_StdComponentCategoriesMgr,
NULL, CLSCTX_INPROC_SERVER, IID_ICatRegister, (void**)&pcr);
if (SUCCEEDED(hr))
{
// Register this category as being "implemented" by
// the class.
CATID rgcatid[1] ;
rgcatid[0] = catid;
hr = pcr->RegisterClassImplCategories(clsid, 1, rgcatid);
}
if (pcr != NULL)
pcr->Release();
return hr;
}
// Helper function to unregister a CLSID as belonging to a component category
HRESULT UnRegisterCLSIDInCategory(REFCLSID clsid, CATID catid)
{
ICatRegister* pcr = NULL ;
HRESULT hr = S_OK ;
hr = CoCreateInstance(CLSID_StdComponentCategoriesMgr,
NULL, CLSCTX_INPROC_SERVER, IID_ICatRegister, (void**)&pcr);
if (SUCCEEDED(hr))
{
// Unregister this category as being "implemented" by
// the class.
CATID rgcatid[1] ;
rgcatid[0] = catid;
hr = pcr->UnRegisterClassImplCategories(clsid, 1, rgcatid);
}
if (pcr != NULL)
pcr->Release();
return hr;
}
#endif // L_USE_COMCAT
在Circle.cpp中加入头文件包含:
#include "CatHelp.h"
在Circle.cpp中找到DllRegisterServer函数将函数修改为:
STDAPI DllRegisterServer(void)
{
HRESULT hr = NOERROR;
AFX_MANAGE_STATE(_afxModuleAddrThis);
if (!AfxOleRegisterTypeLib(AfxGetInstanceHandle(), _tlid))
return ResultFromScode(SELFREG_E_TYPELIB);
if (!COleObjectFactoryEx::UpdateRegistryAll(TRUE))
return ResultFromScode(SELFREG_E_CLASS);
#ifdef L_USE_COMCAT
hr = CreateComponentCategory(CATID_SafeForScripting, L"Controls that are safely scriptable");
if (FAILED(hr))
{
OutputDebugString(_T("Failed to create component category (scriptable)!\n"));
}
hr = CreateComponentCategory(CATID_SafeForInitializing, L"Controls safely initializable from persistent data");
if (FAILED(hr))
{
OutputDebugString(_T("Failed to create component category (persistence)!\n"));
}
hr = RegisterCLSIDInCategory(CCircleCtrl::guid, CATID_SafeForScripting);
if (FAILED(hr))
{
OutputDebugString(_T("Failed to register control as safe for scripting!\n"));
}
hr = RegisterCLSIDInCategory(CCircleCtrl::guid, CATID_SafeForInitializing);
if (FAILED(hr))
{
OutputDebugString(_T("Failed to register control as safe for initializing!\n"));
}
#endif // L_USE_COMCAT
return hr;
}
在Circle.cpp中找到DllUnregisterServer函数将函数修改为:
STDAPI DllUnregisterServer(void)
{
AFX_MANAGE_STATE(_afxModuleAddrThis);
if (!AfxOleUnregisterTypeLib(_tlid, _wVerMajor, _wVerMinor))
return ResultFromScode(SELFREG_E_TYPELIB);
if (!COleObjectFactoryEx::UpdateRegistryAll(FALSE))
return ResultFromScode(SELFREG_E_CLASS);
#ifdef L_USE_COMCAT
// This removes the Implemented Categories from the control's registration.
// Only need to unregister them if registered above.
// WARNING: Unregister the control before removing the L_USE_COMCAT definition.
HRESULT hr = NOERROR;
hr = UnRegisterCLSIDInCategory(CCircleCtrl::guid, CATID_SafeForScripting);
hr = UnRegisterCLSIDInCategory(CCircleCtrl::guid, CATID_SafeForInitializing);
#endif // L_USE_COMCAT
return NOERROR;
}
好了,到这里修改该控件的 DllRegisterServer 函数来标记该控件在注册表中"安全"步骤已经完成。
4、 最后特别注意编译时应设置预定义L_USE_COMCAT,L_IMPL_OBJECTSAFETY 否则一切上述工作都没有起到作用。
5、 重新编译整个工程。(Rebuild ALL),打开浏览器输入http://127.0.0.1/Circle.html 期待的“圆形”出来了。ActiveX控件发布成功。
6、 当然,如果需要在别人电脑上发布你的控件,常规做法你还要申请证书给你的ActiveX控件进行数字签名等。虽说为了安全,但由此可见ActiveX的发布过程确实繁杂。不知道有没有更简单得方法?有知道的大虾希望能说说实现的方法,我是一个初学者,搞这篇东西花了两个通宵在MSDN、CSDN网络上查资料,不管质量如何,希望大家多多支持哈!~~。
展开阅读全文
浙ICP备2021020529号-1 | 浙B2-20240490 
