使用Webbrowser控件中的IInternetSecurityManager覆盖IE隐私设置

时间:2011-07-26 09:26:24

标签: c# browser

我需要在C#应用程序中为托管的WebBrowser控件创建自定义安全管理器。托管的WebBrowser控件应独立于IE安全和隐私设置。

问题:如果IE隐私设置设置为“高”,则依赖于cookie的网站在托管的WebBrowser控件中无法正常运行(如果隐私设置设置为“中”,则网站可以正常工作)。

托管WebBrowser控件的winform为GetSecurityId,MapUrlToZone和ProcessUrlAction提供了以下实现。 ProcessUrlAction由嵌入式浏览器调用,用于URL操作,如ACTIVEX_RUN,SCRIPT_RUN;但它没有被要求任何cookie相关的网址操作。

有没有办法为网页浏览器控件启用Cookie?或者下面的代码有问题吗?

private void InitBrowserSecurityData()
{
    securityID = new byte[MAX_SIZE_SECURITY_ID];

    securityID[0] = (byte)'f';
    securityID[1] = (byte)'i';
    securityID[2] = (byte)'l';
    securityID[3] = (byte)'e';
    securityID[4] = (byte)':';
    securityID[5] = 0;
    securityID[6] = 3;
    securityID[7] = 0;
    securityID[8] = 0;
    securityID[9] = 0;
}

//GetSecurityId
int IInternetSecurityManager.GetSecurityId(string pwszUrl, IntPtr pbSecurityId, ref uint pcbSecurityId, ref uint dwReserved)
{
    if (pcbSecurityId >= MAX_SIZE_SECURITY_ID)
    {
        Marshal.Copy(securityID, 0, pbSecurityId, MAX_SIZE_SECURITY_ID);
        pcbSecurityId = 9;
        return HResults.S_OK;
    }
    return (int)WinInetErrors.INET_E_DEFAULT_ACTION;
}

//MapUrlToZone
int IInternetSecurityManager.MapUrlToZone(string pwszUrl, out uint pdwZone, uint dwFlags)
{
    pdwZone = (uint)tagURLZONE.URLZONE_LOCAL_MACHINE;
    return HResults.S_OK;
}

//ProcessUrlAction
int IInternetSecurityManager.ProcessUrlAction(string pwszUrl, uint dwAction, IntPtr pPolicy, 
    uint cbPolicy, IntPtr pContext, uint cbContext, uint dwFlags, uint dwReserved)
{
    URLACTION action = (URLACTION)dwAction;

    bool hasUrlPolicy = (cbPolicy >= unchecked((uint)Marshal.SizeOf(typeof(int))));
    URLPOLICY urlPolicy = (hasUrlPolicy) ? (URLPOLICY)Marshal.ReadInt32(pPolicy) : URLPOLICY.ALLOW;

    bool hasContext = (cbContext >= unchecked((uint)Marshal.SizeOf(typeof(Guid))));
    Guid context = (hasContext) ? (Guid)Marshal.PtrToStructure(pContext, typeof(Guid)) : Guid.Empty;
    //all URL actions are allowed
    if (hasUrlPolicy)
    {
        urlPolicy = URLPOLICY.ALLOW;
        Marshal.WriteInt32(pPolicy, (int)urlPolicy);
        return HResults.S_OK;
    }
    return (int)WinInetErrors.INET_E_DEFAULT_ACTION;
}

我已经看过这些问题,但它们对我不起作用。

Security Level for WebBrowser control

Custom IInternetSecurityManager not being called with dialogs

overriding GetSecurityId in IInternetSecurityManager

1 个答案:

答案 0 :(得分:1)

似乎Internet Explorer没有将Cookie操作传递给IInternetSecurityManager。这就是在嵌入式浏览器控件中难以覆盖IE隐私设置的原因。一些聪明的人已经很久以前就已经认识到了这一点here