IInternetSecurityManager::MapUrlToZone method
Gets the zone index for the specified URL.
Syntax
HRESULT MapUrlToZone( [in] LPCWSTR pwszUrl, [out] DWORD *pdwZone, [in] DWORD dwFlags );
Parameters
- pwszUrl [in]
-
A string value that contains the URL. Compare to MapUrlToZoneEx2.
- pdwZone [out]
-
An unsigned long integer variable that receives the zone index.
- dwFlags [in]
-
An unsigned long integer value that specifies MapUrlToZone Flags to control the mapping.
Return value
Returns E_INVALIDARG if pdwZone is set to NULL or when the value specified in the pwszUrl parameter refers to a local file. Otherwise, S_OK is returned.
Remarks
Security Warning: Incorrect implementation of this method can compromise the security of your application. A custom implementation of IInternetSecurityManager::MapUrlToZone should return only zones for URLs that the default application cannot or should not handle. For all other URLs, this method should return INET_E_DEFAULT_ACTION. Attempting to duplicate the default implementation can result in the incorrect mapping of zones and might leave users susceptible to spoofing or elevation of privilege attacks. Review Security Considerations: URL Security Zones API before you contine.
Examples
The following example instantiates the default security manager to determine the correct zone for the input URL, szUrl.
const char *rgZoneNames[] = { "Local", "Intranet", "Trusted", "Internet", "Restricted" }; IInternetSecurityManager* pInetSecMgr; HRESULT hr = CoCreateInstance(CLSID_InternetSecurityManager, NULL, CLSCTX_ALL, IID_IInternetSecurityManager, (void **)&pInetSecMgr); if (SUCCEEDED(hr)) { DWORD dwZone; hr = spInetSecMgr->MapUrlToZone(szUrl, &dwZone, 0); if (hr == S_OK) { if (dwZone < 5) printf("ZONE: %s (%d)\n", rgZoneNames[dwZone], dwZone); else printf("ZONE: Unknown (%d)\n", dwZone); } else printf("ZONE: Error %08x\n", hr); pInetSecMgr->Release(); }
Requirements
|
Minimum supported client |
Windows XP |
|---|---|
|
Minimum supported server |
Windows 2000 Server |
|
DLL |
|
See also