Using a Custom Internet Security Manager with MSXML

 

This topic shows how to implement a custom Internet security manager in C++.

To Implement a Custom Internet Security Manager

To provide your security manager implementation to MSXML, set your site object on DOM document objects that you create.

1. Create one or more IXMLDomDocument objects. This sample instantiates only a single object.

   IXMLDOMDocument2 *pDOMDocument = NULL;  
   hr = CoCreateInstance(DOMCLSID, NULL, CLSCTX_INPROC,   
        IID_IXMLDOMDocument2, (LPVOID *)&pDOMDocument);  
   if (FAILED(hr))  
   {  
       // Perform error handling...  
   }  
   

2. Create an instance of the class that implements the security manager interfaces. In this example, we create a CSiteImpl type. Provide secureBaseURL as a parameter to the constructor of the CSiteImpl type:

   CSiteImpl * pSite = new CSiteImpl(secureBaseURL);  
   

3. Set the action map for the pSite object. The ACTIONMAP structure contains a lookup table that represents security policies. Each entry in the table represents one policy for a specific URL security zone:

   ACTIONMAP actionMap[] =  
   {  
       ACTIONMAP(URLZONE_INTERNET, URLACTION_CROSS_DOMAIN_DATA, URLPOLICY_ALLOW),  
   };  
   int nActionMapCount = sizeof(actionMap) / sizeof(ACTIONMAP);  
   pSite->SetActionMap(pActionMap, nActionMapCount);   
   

4. Set the zone map for the pSite object. In this example, we set ZONEMAP* pZoneMap to NULL and int nZoneMapCount to 0.

   pSite->SetZoneMap(pZoneMap, nZoneMapCount);  
   

5. To make your IXMLDomDocument object safe, you have to mark it as safe and set the site object on it. The following code demonstrates how to mark your IXMLDomDocument object as safe:

   IObjectSafetyPtr pObjectSafety(pDOMDocument);  
   if (pObjectSafety != NULL)  
   {  
       DWORD dwSafetyOpt = INTERFACESAFE_FOR_UNTRUSTED_CALLER |  
            INTERFACESAFE_FOR_UNTRUSTED_DATA;  
       hr = pObjectSafety->SetInterfaceSafetyOptions(IID_IUnknown,   
           dwSafetyOpt, dwSafetyOpt);  
       if(FAILED(hr))  
       {  
           return hr;  
       }  
   }  
   

6. Set the site object on your IXMLDomDocument object:

   IObjectWithSitePtr pObjectWithSite(pDOMDocument);  
   if (pObjectWithSite != NULL)  
   {  
       hr = pObjectWithSite->SetSite(pSite);  
       if (FAILED(hr))  
       {  
           return hr;  
       }  
   }  
   

See Also

Creating a Custom Internet Security Manager for MSXML 6.0
Custom Internet Security Manager Examples