WinInet Security (Windows CE 5.0)

Send Feedback

Microsoft® Windows® CE supports Transport Layer Security (TLS) 1.0, Secure Sockets Layer (SSL) versions 2.0 and 3.0, and Server Gated Cryptography (SGC) security protocols. These protocols are available through WinInet or directly from Winsock. The simplest approach to using the security protocols is to use WinInet.

To access security protocols with WinInet

  1. Call InternetOpen to get an Internet handle.
  2. Connect with InternetConnect, using INTERNET_DEFAULT_HTTPS_PORT as the nServerPort parameter.
  3. For HTTPS, invoke HttpOpenRequest with the INTERNET_FLAG_SECURE flag set.
  4. Proceed with the remainder of the session.

Authentication is sometimes required before accessing resources on the Internet. Windows CE supports functions for HTTP session server and proxy authentication. Authentication for FTP servers must be handled by the InternetConnect function. For more information, see HTTP Authentication.

Best Practices

Always determine the size of the content to download

Downloading large files may generate an out of memory error on your device. Before you download a file, you must use the HttpQueryInfo function to determine the content size. Call this function and pass the HTTP_QUERY_CONTENT_LENGTH flag in the dwInfoLevel parameter. HttpQueryInfo can be called directly or through URL Moniker Services by using the IWinInetHttpInfo interface.

Disable username and password in the URL

Username and password in the URL string are disabled by default. To help protect the device from malicious attacks, do not enable this functionality by configuring the registry. For more information about the registry value that controls this behavior, see WinInet Registry Settings.

Default Registry Settings

Some of the registry settings for WinInet may have security implications. The registry settings documentation contains Security Note entries with information about security issues.

For registry information, see WinInet Registry Settings.

Ports

The following table shows the ports that WinInet uses by default. A user can also specify a port in a URL, using the format <protocol>://<host>:<port-number>[<path>]. If the specified port is available at the server, it is used in place of the default.

Protocol Default Port Number
FTP 21
HTTP 80
HTTPS 443
SOCKS (firewall servers) 1080

For more information about Windows CE security services, see Enhancing the Security of a Device.

See Also

Windows Internet Services (WinInet) | Internet Explorer 6 Security

Send Feedback on this topic to the authors

Feedback FAQs

© 2006 Microsoft Corporation. All rights reserved.