1. 技术文章
  2. An activex control on this page might be unsafe

An activex control on this page might be unsafe

佐手、 提交于 2019-12-08 16:49:35

问题


I created a com component in C#, which I registered by using Regasm. I am able now to use this in IE by using ActiveXObject(...). However this only works when I change my IE security settings and allow to run unsigned activex controls, in which case I get the message:

An ActiveX control on this page might be unsafe to interact with other parts of the page. Do you want to allow this interaction?

I always want IE to allow this interaction without the prompt. Does anybody know how this can be done?

Thanks


回答1:


Your ActiveX control must implement the IObjectSafety interface in order for IE to stop showing the "unsafe?" prompt. I did this several years ago for a VB6 ActiveX control. In the 5th step of This page is shown how to do it in .Net.




回答2:


I have already faced this problem.After long walk i have solved this problem.In your activeX class simply inherit IObjectSafety class.See the image bellow :

IObjectSafety Class given bellow:

 [ComImport, GuidAttribute("CB5BDC81-93C1-11CF-8F20-00805F2CD064")]
[InterfaceTypeAttribute(ComInterfaceType.InterfaceIsIUnknown)]
public interface IObjectSafety
{
    [PreserveSig]
    int GetInterfaceSafetyOptions(ref Guid riid,[MarshalAs(UnmanagedType.U4)] ref int pdwSupportedOptions,[MarshalAs(UnmanagedType.U4)] ref int pdwEnabledOptions);

    [PreserveSig()]
    int SetInterfaceSafetyOptions(ref Guid riid,[MarshalAs(UnmanagedType.U4)] int dwOptionSetMask,[MarshalAs(UnmanagedType.U4)] int dwEnabledOptions);
}
public class IObjectSafetyImpl : IObjectSafety
 {
     private const string _IID_IDispatch = "{00020400-0000-0000-C000-000000000046}";
     private const string _IID_IDispatchEx = "{a6ef9860-c720-11d0-9337-00a0c90dcaa9}";
     private const string _IID_IPersistStorage = "{0000010A-0000-0000-C000-000000000046}";
     private const string _IID_IPersistStream = "{00000109-0000-0000-C000-000000000046}";
     private const string _IID_IPersistPropertyBag = "{37D84F60-42CB-11CE-8135-00AA004BB851}";

     private const int INTERFACESAFE_FOR_UNTRUSTED_CALLER = 0x00000001;
     private const int INTERFACESAFE_FOR_UNTRUSTED_DATA = 0x00000002;
     private const int _OK = 0;
     private const int _FAIL = unchecked((int)0x80004005);
     private const int _NOINTERFACE = unchecked((int)0x80004002);

     private bool _fSafeForScripting = true;
     private bool _fSafeForInitializing = true;

     public int GetInterfaceSafetyOptions(ref Guid riid, ref int pdwSupportedOptions, ref int pdwEnabledOptions)
     {
         int Result = _FAIL;

         string strGUID = riid.ToString("B");
         pdwSupportedOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA;
         switch (strGUID)
         {
             case _IID_IDispatch:
             case _IID_IDispatchEx:
                 Result = _OK;
                 pdwEnabledOptions = 0;
                 if (_fSafeForScripting == true)
                     pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER;
                 break;
             case _IID_IPersistStorage:
             case _IID_IPersistStream:
             case _IID_IPersistPropertyBag:
                 Result = _OK;
                 pdwEnabledOptions = 0;
                 if (_fSafeForInitializing == true)
                     pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_DATA;
                 break;
             default:
                 Result = _NOINTERFACE;
                 break;
         }

         return Result;
     }

     public int SetInterfaceSafetyOptions(ref Guid riid, int dwOptionSetMask, int dwEnabledOptions)
     {
         int Result = _FAIL;

         string strGUID = riid.ToString("B");
         switch (strGUID)
         {
             case _IID_IDispatch:
             case _IID_IDispatchEx:
                 if (((dwEnabledOptions & dwOptionSetMask) == INTERFACESAFE_FOR_UNTRUSTED_CALLER) &&
                      (_fSafeForScripting == true))
                     Result = _OK;
                 break;
             case _IID_IPersistStorage:
             case _IID_IPersistStream:
             case _IID_IPersistPropertyBag:
                 if (((dwEnabledOptions & dwOptionSetMask) == INTERFACESAFE_FOR_UNTRUSTED_DATA) &&
                      (_fSafeForInitializing == true))
                     Result = _OK;
                 break;
             default:
                 Result = _NOINTERFACE;
                 break;
         }

         return Result;
     }
 }



回答3:


You can create a .reg file to modify the registry key like this:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0] "1201"=dword:00000000
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0] "1201"=dword:00000000




回答4:


  1. Start -> Run -> regedit
  2. Go to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVer sion\Internet Settings\Zones\0
  3. Doubleclick 1201 and change the value to 0 (it was probably 1)
  4. Close Registry Editor



回答5:


I think you can just set the sites trust level to full.

Tools->Internet Options->Security->Trusted Sites->Sites button




回答6:


As for signing the ActiveX see this article. However you will still have to allow the ActiveX (it'll just show you as the author). See Ryan's answer for how to allow the ActiveX for this site.



来源:https://stackoverflow.com/questions/894369/an-activex-control-on-this-page-might-be-unsafe

标签
activex
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!