开发安全标记的MFC ActiveX 控件及在IIS网页中使用和发布.docx

1、开发安全标记的MFC ActiveX 控件及在IIS网页中使用和发布 问题引入： 在VC6.0使用MFC ActiveX ControlWizard开发ActiveX控件时，默认情况下 MFC ActiveX 控件未标记为安全的脚本和初始化的安全。所以导致在控件在IIS中发布时，造成可以加载但是不能正常构造和初始化(即在网页中调用时显示一个红色叉，但其实通过调试发现控件实际是加载了的)。这个问题得解决涉及两方面的问题即1、实现 IObjectSafety 接口的控件使得在 Internet 浏览器的上下文中运行“安全”。2、修改该控件的 DllRegisterServer 函数来标记该控件

2、在注册表中"安全"。 本文将以一个CCircleCtrl控件实例来说明实现方法，下面分别说明具体实现方法。 1、 生成默认ActiveX控件及控件的调试（老鸟跳过）。 新建工程选择类型选择MFC ActiveX ContronWizard 在Project name中输入”Circle”点击”OK”，其余均按默认完成向导。 将工程编译、连接后，你就已经实现了一个ActiveX控件，并且已经注册到你的计算机。你可以通过在注册表的中找到HKEY_CLASSES_ROOT\CIRCLE.CircleCtrl.1，CLSID中得默认值就是Circle控件的注册号（唯一标志ID），形如04D

3、9986E-E2D7-4827-A8F6-BFE003E64D54但是注意不同计算机生成的这个值是不一样的，下面使用这个值时请将它替换为你的注册号。 调试：ActiveX可以使用ActiveX Control Test Container和浏览器来或其他使用此控件的应用程序来调试。如下图： (1)使用ActiveX Control Test Container调试： F5，在ActiveX Control Test Container启动后，右键选择“插入新控件”，选择我们刚刚生成的控件Circle Control。插入后你将看到一个显示了圆形的控件。控件运行成功。 (2)使用浏览

4、器调试： 新建记事本写入如下代码：（注意clsid用你自己的）

5、owser ；F5 (因为已经注册了控件你也可以直接点击这个.html文件查看效果)在地址栏中输入以上html文件的路径，并允许阻止内容。预料中的“圆形”也如期而至。但是把Circle.html拷贝至IIS根目录，在浏览器中输入http://127.0.0.1/Circle.html ，按理说我们的计算机已经注册了这个控件，应该显示出“圆形”但是结果却是出现了一个红色的叉。控件在网络发布的时候出现了问题。这就是浏览器阻止了非安全标记的ActiveX控件。要解决这个问题得实现下面的2、3步骤。（解决IIS的安装及配置和使用等网络上资源很多）。 2、 实现 IObjectSafety 接口的控件

6、 在CircleCtl.h加入 #ifdef L_IMPL_OBJECTSAFETY #include #endif// L_IMPL_OBJECTSAFETY 在CCircleCtrl类定义中的DECLARE_MESSAGE_MAP()语句后加入： public: #ifdef L_IMPL_OBJECTSAFETY BEGIN_INTERFACE_PART(ObjectSafety, IObjectSafety) STDMETHOD(GetInterfaceSafetyOptions)(REFIID riid, DWORD __RPC_FAR

7、 *pdwSupportedOptions, DWORD __RPC_FAR *pdwEnabledOptions); STDMETHOD(SetInterfaceSafetyOptions)(REFIID riid, DWORD dwOptionSetMask, DWORD dwEnabledOptions); END_INTERFACE_PART(ObjectSafety) DECLARE_INTERFACE_MAP(); #endif // L_IMPL_OBJECTSAFETY 在CricleCtl.cpp文件中IMPLEMENT_DYNCREATE(CC

8、ircleCtrl, COleControl)语句后加入： #ifdef L_IMPL_OBJECTSAFETY BEGIN_INTERFACE_MAP(CCircleCtrl, COleControl) INTERFACE_PART(CCircleCtrl, IID_IObjectSafety, ObjectSafety) END_INTERFACE_MAP() #endif // L_IMPL_OBJECTSAFETY 在CricleCtl.cpp文件末尾加入： #ifdef L_IMPL_OBJECTSAFETY // Implementation of IObj

9、ectSafety STDMETHODIMP CCircleCtrl::XObjectSafety::GetInterfaceSafetyOptions( REFIID riid, DWORD __RPC_FAR *pdwSupportedOptions, DWORD __RPC_FAR *pdwEnabledOptions) { METHOD_PROLOGUE_EX(CCircleCtrl, ObjectSafety) if (!pdwSupportedOptions || !pdwEnabledOptions) { return E_P

10、OINTER; } *pdwSupportedOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA; *pdwEnabledOptions = 0; if (NULL == pThis->GetInterface(&riid)) { // TRACE("Requested interface is not supported.\n"); return E_NOINTERFACE; } // What interface is being c

11、hecked out anyhow? OLECHAR szGUID[39]; int i = StringFromGUID2(riid, szGUID, 39); if (riid == IID_IDispatch) { // Client wants to know if object is safe for scripting *pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER; return S_OK; } else if (riid == IID_IPersistPropertyB

12、ag || riid == IID_IPersistStreamInit || riid == IID_IPersistStorage || riid == IID_IPersistMemory) { // Those are the persistence interfaces COleControl derived controls support // as indicated in AFXCTL.H // Client wants to know if object is safe for initializing from per

13、sistent data *pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_DATA; return S_OK; } else { // Find out what interface this is, and decide what options to enable // TRACE("We didn't account for the safety of this interface, and it's one we support...\n"); return E_NOINTERFACE; }

14、 } STDMETHODIMP CCircleCtrl::XObjectSafety::SetInterfaceSafetyOptions( REFIID riid, DWORD dwOptionSetMask, DWORD dwEnabledOptions) { METHOD_PROLOGUE_EX(CCircleCtrl, ObjectSafety) OLECHAR szGUID[39]; // What is this interface anyway? // We can do a quick lookup in the regist

15、ry under HKEY_CLASSES_ROOT\Interface int i = StringFromGUID2(riid, szGUID, 39); if (0 == dwOptionSetMask && 0 == dwEnabledOptions) { // the control certainly supports NO requests through the specified interface // so it's safe to return S_OK even if the interface isn't supported. re

16、turn S_OK; } // Do we support the specified interface? if (NULL == pThis->GetInterface(&riid)) { TRACE1("%s is not support.\n", szGUID); return E_FAIL; } if (riid == IID_IDispatch) { // TRACE("Client asking if it's safe to call through IDispatch.\n"); // TRACE("In other

17、 words, is the control safe for scripting?\n"); if (INTERFACESAFE_FOR_UNTRUSTED_CALLER == dwOptionSetMask && INTERFACESAFE_FOR_UNTRUSTED_CALLER == dwEnabledOptions) { return S_OK; } else { return E_FAIL; } } else if (riid == IID_IPersistPropertyBag || riid == IID_

18、IPersistStreamInit || riid == IID_IPersistStorage || riid == IID_IPersistMemory) { // TRACE("Client asking if it's safe to call through IPersist*.\n"); // TRACE("In other words, is the control safe for initializing from persistent data?\n"); if (INTERFACESAFE_FOR_UNTRUSTED_DATA

19、 dwOptionSetMask && INTERFACESAFE_FOR_UNTRUSTED_DATA == dwEnabledOptions) { return NOERROR; } else { return E_FAIL; } } else { TRACE1("We didn't account for the safety of %s, and it's one we support...\n", szGUID); return E_FAIL; } } STDMETHODIMP_(ULONG) CC

20、ircleCtrl::XObjectSafety::AddRef() { METHOD_PROLOGUE_EX_(CCircleCtrl, ObjectSafety) return (ULONG)pThis->ExternalAddRef(); } STDMETHODIMP_(ULONG) CCircleCtrl::XObjectSafety::Release() { METHOD_PROLOGUE_EX_(CCircleCtrl, ObjectSafety) return (ULONG)pThis->ExternalRelease(); } STDMETH

21、ODIMP CCircleCtrl::XObjectSafety::QueryInterface( REFIID iid, LPVOID* ppvObj) { METHOD_PROLOGUE_EX_(CCircleCtrl, ObjectSafety) return (HRESULT)pThis->ExternalQueryInterface(&iid, ppvObj); } #endif // L_IMPL_OBJECTSAFETY 好了，现在控件已经实现了IObjectSafety 接口。 3、 修改该控件的 DllRegisterServer 函数来标记

22、该控件在注册表中"安全"。 将以下两个文件复制保存并加入到当前工程中来： Cathelp.h文件： // THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF // ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO // THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A // PARTICULAR PURPOSE. // #ifndef __

23、CATHELP_H__ #define __CATHELP_H__ #include // Helper function to create a component category and associated description HRESULT CreateComponentCategory(CATID catid, WCHAR* catDescription); // Helper function to register a CLSID as belonging to a component category HRESULT Regi

24、sterCLSIDInCategory(REFCLSID clsid, CATID catid); // Helper function to unregister a CLSID as belonging to a component category HRESULT UnRegisterCLSIDInCategory(REFCLSID clsid, CATID catid); #endif // __CATHELP_H__ Cathelp.cpp文件： // THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT

25、 WARRANTY OF // ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO // THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A // PARTICULAR PURPOSE. // #include "stdafx.h" #include #undef THIS_FILE static char THIS_FILE[] = __FILE__; #ifdef L_USE_COMCA

26、T // Helper function to create a component category and associated description HRESULT CreateComponentCategory(CATID catid, WCHAR* catDescription) { ICatRegister* pcr = NULL ; HRESULT hr = S_OK ; hr = CoCreateInstance(CLSID_StdComponentCategoriesMgr, NULL, CLSCTX_INPROC_SE

27、RVER, IID_ICatRegister, (void**)&pcr); if (FAILED(hr)) return hr; // Make sure the HKCR\Component Categories\{..catid...} // key is registered CATEGORYINFO catinfo; catinfo.catid = catid; catinfo.lcid = 0x0409 ; // english // Make sure the provided description is

28、not too long. // Only copy the first 127 characters if it is int len = wcslen(catDescription); if (len>127) len = 127; wcsncpy(catinfo.szDescription, catDescription, len); // Make sure the description is null terminated catinfo.szDescription[len] = '\0'; hr = pcr->RegisterCa

29、tegories(1, &catinfo); pcr->Release(); return hr; } // Helper function to register a CLSID as belonging to a component category HRESULT RegisterCLSIDInCategory(REFCLSID clsid, CATID catid) { // Register your component categories information. ICatRegister* pcr = NULL ; HRESULT

30、hr = S_OK ; hr = CoCreateInstance(CLSID_StdComponentCategoriesMgr, NULL, CLSCTX_INPROC_SERVER, IID_ICatRegister, (void**)&pcr); if (SUCCEEDED(hr)) { // Register this category as being "implemented" by // the class. CATID rgcatid[1] ; rgcatid[0] = c

31、atid; hr = pcr->RegisterClassImplCategories(clsid, 1, rgcatid); } if (pcr != NULL) pcr->Release(); return hr; } // Helper function to unregister a CLSID as belonging to a component category HRESULT UnRegisterCLSIDInCategory(REFCLSID clsid, CATID catid) {

32、 ICatRegister* pcr = NULL ; HRESULT hr = S_OK ; hr = CoCreateInstance(CLSID_StdComponentCategoriesMgr, NULL, CLSCTX_INPROC_SERVER, IID_ICatRegister, (void**)&pcr); if (SUCCEEDED(hr)) { // Unregister this category as being "implemented" by // the class.

33、 CATID rgcatid[1] ; rgcatid[0] = catid; hr = pcr->UnRegisterClassImplCategories(clsid, 1, rgcatid); } if (pcr != NULL) pcr->Release(); return hr; } #endif // L_USE_COMCAT 在Circle.cpp中加入头文件包含： #include "CatHelp.h" 在Circle.cpp中找到DllRegisterServer函数将函数

34、修改为： STDAPI DllRegisterServer(void) { HRESULT hr = NOERROR; AFX_MANAGE_STATE(_afxModuleAddrThis); if (!AfxOleRegisterTypeLib(AfxGetInstanceHandle(), _tlid)) return ResultFromScode(SELFREG_E_TYPELIB); if (!COleObjectFactoryEx::UpdateRegistryAll(TRUE)) return ResultFromScode(SELF

35、REG_E_CLASS); #ifdef L_USE_COMCAT hr = CreateComponentCategory(CATID_SafeForScripting, L"Controls that are safely scriptable"); if (FAILED(hr)) { OutputDebugString(_T("Failed to create component category (scriptable)!\n")); } hr = CreateComponentCategory(CATID_SafeForInitializing

36、 L"Controls safely initializable from persistent data"); if (FAILED(hr)) { OutputDebugString(_T("Failed to create component category (persistence)!\n")); } hr = RegisterCLSIDInCategory(CCircleCtrl::guid, CATID_SafeForScripting); if (FAILED(hr)) { OutputDebugString(_T("Failed to

37、 register control as safe for scripting!\n")); } hr = RegisterCLSIDInCategory(CCircleCtrl::guid, CATID_SafeForInitializing); if (FAILED(hr)) { OutputDebugString(_T("Failed to register control as safe for initializing!\n")); } #endif // L_USE_COMCAT return hr; } 在Circle.cpp中

38、找到DllUnregisterServer函数将函数修改为： STDAPI DllUnregisterServer(void) { AFX_MANAGE_STATE(_afxModuleAddrThis); if (!AfxOleUnregisterTypeLib(_tlid, _wVerMajor, _wVerMinor)) return ResultFromScode(SELFREG_E_TYPELIB); if (!COleObjectFactoryEx::UpdateRegistryAll(FALSE)) return ResultFromS

39、code(SELFREG_E_CLASS); #ifdef L_USE_COMCAT // This removes the Implemented Categories from the control's registration. // Only need to unregister them if registered above. // WARNING: Unregister the control before removing the L_USE_COMCAT definition. HRESULT hr = NOERROR; hr = UnRegis

40、terCLSIDInCategory(CCircleCtrl::guid, CATID_SafeForScripting); hr = UnRegisterCLSIDInCategory(CCircleCtrl::guid, CATID_SafeForInitializing); #endif // L_USE_COMCAT return NOERROR; } 好了，到这里修改该控件的 DllRegisterServer 函数来标记该控件在注册表中"安全"步骤已经完成。 4、 最后特别注意编译时应设置预定义L_USE_COMCAT,L_IMPL_OBJECTSAFETY 否则一切上述工作都没有起到作用。 5、 重新编译整个工程。(Rebuild ALL),打开浏览器输入http://127.0.0.1/Circle.html 期待的“圆形”出来了。ActiveX控件发布成功。 6、 当然，如果需要在别人电脑上发布你的控件，常规做法你还要申请证书给你的ActiveX控件进行数字签名等。虽说为了安全，但由此可见ActiveX的发布过程确实繁杂。不知道有没有更简单得方法？有知道的大虾希望能说说实现的方法，我是一个初学者，搞这篇东西花了两个通宵在MSDN、CSDN网络上查资料，不管质量如何，希望大家多多支持哈！~~。