Overview
This article describes how to implement the IObjectSafety interface of the control in VB, to mark the control is safe and initialized. The default processing of the VB control is to identify its security in the registry class class in the registry, but the IObjectsafety interface is a better way. This speech includes all code required in the implementation process.
Please note that the control is only confirmed to be safe, and it can be identified as "safe". This article does not focus on how to ensure the security of the control, please refer to the related document in Internet Client Software Development Kit (SDK) "Safe Initialization and Scripting For ActiveX Controls", which is in the Component Development section.
Related Information:
Now starting a step-by-step way to illustrate how to create a simple VB control, and how to identify it as script security and initialization.
First create a folder to store the files generated in this case.
Get the production tool for the OLE automation class library from the VB CD-ROM. All contents in the VB installation CD / COMMON / Tools / VB / Unsupprt / Typlib / Directory are copied to the new project folder in front.
Copy the following content to "Notepad", then save to the folder above, the file name is objsafe.odl:
[
UUID (C67830E0-D11D-11CF-BD80-00AA00575603),
Helpstring ("VB IOBJECTSAFETY INTERFACE",
Version (1.0)
]
Library IOBJECTSAFETYTLB
{
Importlib ("stdole2.tlb");
[
UUID (CB5BDC81-93C1-11CF-8F20-00805F2CD064),
Helpstring ("IOBJECTSAFETY Interface",
ODL
]
Interface IObjectsafety: IUNKNOWN {
[Helpstring ("GetInterfacesafetyOptions")]]]]]
HRESULT GetInchfacesafetyOptions
LONG RIID,
[in] long * pdwsupportedOptions,
[in] long * pdwenabledoptions;
[Helpstring ("SETINTERFACESAFETYOPTIONS"]]]]
HRESULT SETINTERFACESAFETYOPTIONS (
LONG RIID,
[in] long dwoptionssetmask,
"inn] long dwenabledoptions;
}
}
Switch to the project folder under the command line prompt, enter the following command to create a .tlb file:
Mktyplib Objsafe.odl / TLB Objsafe.tlb
Create an ActiveX Control project in VB. Modify the properties, name the item to IObjsafety, and the control is named DemoctL. Place a button on the control, name CMDTEST, add a code MSGBox "Test" in its Click event.
Open the menu "Engineen -> Reference", click "Browse", find the Objsafe.TLB just established and add it to the reference.
Add a new Module named Bassafectl and add the following code:
Option expedition
Public const same iid_idispatch = "{00020400-0000-0000-c000-000000000046}" public const same IID_IPERSISTORAGE = _
"{0000010A-0000-0000-C000-000000000046}"
Public const same IID_IPERSISTSTREAM = _
"{00000109-0000-0000-C000-000000000046}"
Public const same iid_ipeistpropertybag = _
"{37D84F60-42CB-11CE-8135-00Aa004BB851}"
Public const interfacesafe_for_untrusted_caller = & h1
Public const interfacesafe_for_Untrusted_data = & h2
Public const e_nointerface = & h80004002
Public const e_fail = & h80004005
Public const Max_guidlen = 40
Public Declare Sub CopyMemory LIB "kernel32" Alias "RTLMOVEMEMORY" _
(pdest as any, psource as any, byval bytelen as ring)
Public Declare Function StringFromGUID2 LIB "Ole32.dll" (RGUID AS _
ANY, BYVAL LPSTRCLSID AS Long, Byval CBMAX AS INTEGER AS Long
Public Type Udtguid
Data1 As Long
Data2 as integer
Data3 AS Integer
Data4 (7) as Byte
End Type
Public m_fsafeforscripting as boolean
Public m_fsafeforinitializing as boolean
Sub main ()
m_fsafeforscripting = true
m_fsafeforinitializing = true
End Sub
Make the start object to Sub Main in the engineering property to ensure that the code described above will be executed. M_FSAFEFORScripting and m_fsafeForInitializing two variables The values of the two variables specify the script security and initialization security.
Turn on the control code window, add the following code (if there is an Option Expllicit statement, of course, the code is to be subsequently):
Implements IOBJECTSAFETY
Copy the following two process code to the control code:
Private sub objectsafety_getinterfacesafetyOptions (byval riid as _
Long, PDWSupportedOptions as long, PDWENABLEDOPTIONS As long
DIM RC As Long
DIM RCLSID AS UDTGUID
DIM IID AS STRING
DIM BIID () AS BYTE
PDWSupportedOptions = interfacesafe_for_untrusted_caller or _
Interfacesafe_for_untrusted_data
IF (RIID <> 0) THEN
CopyMemory Rclsid, ByVal Riid, Len (Rclsid) BIID = String $ (Max_guidlen, 0)
RC = StringFromGuid2 (rclsid, varptr (biid (0)), max_guidlen
Rc = INSTR (1, BIID, VBNULLCHAR) - 1
IID = Left $ (Ucase (BIID), RC)
Select Case IID
Case IID_IDISPATCH
PDWENABLEDOPTION = IIF (m_fsafeforscripting, _
InterfaceSafe_for_Untrusted_caller, 0)
EXIT SUB
Case IID_IPERSISTRER, IID_IPERSISTSTREAM, _
IID_IPERSISTPROPERTYBAG
PDWENABLEDOPTION = IIF (m_fsafeforinitializing, _
InterfaceSafe_for_Untrusted_data, 0)
EXIT SUB
Case Else
Err.raise e_nointerface
EXIT SUB
End SELECT
END IF
End Sub
Private sub iObjectsafety_setInterfacesafetyOptions (byval riid as _
Long, byval dwoptionssetmask as long, ByVal DwenableDOptions as long
DIM RC As Long
DIM RCLSID AS UDTGUID
DIM IID AS STRING
DIM BIID () AS BYTE
IF (RIID <> 0) THEN
CopyMemory Rclsid, ByVal Riid, Len (RCLSID)
BIID = String $ (max_guidlen, 0)
RC = StringFromGuid2 (rclsid, varptr (biid (0)), max_guidlen
Rc = INSTR (1, BIID, VBNULLCHAR) - 1
IID = Left $ (Ucase (BIID), RC)
Select Case IID
Case IID_IDISPATCH
IF ((DwenableDOptions and dwoptionssetmask) <> _
Interfacesafe_for_untrusted_caller) THEN
Err.raise E_FAIL
EXIT SUB
Else
IF not m_fsafeforscripting the
Err.raise E_FAIL
END IF
EXIT SUB
END IF
Case IID_IPERSISTRER, IID_IPERSISTSTREAM, _
IID_IPERSISTPROPERTYBAG
IF ((DwenableDOptions and dwoptionssetmask) <> _
Interfacesafe_for_untrusted_data) THEN
Err.raise E_FAIL
EXIT SUB
Else
IF not m_fsafeforinitializing the
Err.raise E_FAIL
END IF
EXIT SUB
END IF
Case Else
Err.raise e_nointerface
EXIT SUB
End SELECT
END IF
End Sub
