diff --git a/dlls/mshtml/htmldoc.c b/dlls/mshtml/htmldoc.c
index 836f1aee4b3..5dfc4dbfb4b 100644
--- a/dlls/mshtml/htmldoc.c
+++ b/dlls/mshtml/htmldoc.c
@@ -1765,6 +1765,8 @@ static void HTMLDocumentNode_destructor(HTMLDOMNode *iface)
if(This->nsevent_listener)
release_nsevents(This);
+ if(This->catmgr)
+ ICatInformation_Release(This->catmgr);
if(This->secmgr)
IInternetSecurityManager_Release(This->secmgr);
diff --git a/dlls/mshtml/mshtml_private.h b/dlls/mshtml/mshtml_private.h
index cc0410648ac..ce13b487574 100644
--- a/dlls/mshtml/mshtml_private.h
+++ b/dlls/mshtml/mshtml_private.h
@@ -18,6 +18,7 @@
#include "wingdi.h"
#include "docobj.h"
+#include "comcat.h"
#include "mshtml.h"
#include "mshtmhst.h"
#include "hlink.h"
@@ -503,6 +504,7 @@ struct HTMLDocumentNode {
BOOL content_ready;
IInternetSecurityManager *secmgr;
+ ICatInformation *catmgr;
nsDocumentEventListener *nsevent_listener;
BOOL *event_vector;
diff --git a/dlls/mshtml/secmgr.c b/dlls/mshtml/secmgr.c
index 8938943fb56..e35a83b5c29 100644
--- a/dlls/mshtml/secmgr.c
+++ b/dlls/mshtml/secmgr.c
@@ -84,7 +84,7 @@ static HRESULT WINAPI InternetHostSecurityManager_ProcessUrlAction(IInternetHost
pContext, cbContext, dwFlags, dwReserved);
}
-static DWORD confirm_safety(HTMLDocumentNode *This, const WCHAR *url, IUnknown *obj)
+static HRESULT confirm_safety(HTMLDocumentNode *This, const WCHAR *url, struct CONFIRMSAFETY *cs, DWORD *ret)
{
DWORD policy, enabled_opts, supported_opts;
IObjectSafety *obj_safety;
@@ -94,12 +94,29 @@ static DWORD confirm_safety(HTMLDocumentNode *This, const WCHAR *url, IUnknown *
hres = IInternetSecurityManager_ProcessUrlAction(This->secmgr, url, URLACTION_SCRIPT_SAFE_ACTIVEX,
(BYTE*)&policy, sizeof(policy), NULL, 0, 0, 0);
- if(FAILED(hres) || policy != URLPOLICY_ALLOW)
- return URLPOLICY_DISALLOW;
+ if(FAILED(hres) || policy != URLPOLICY_ALLOW) {
+ *ret = URLPOLICY_DISALLOW;
+ return S_OK;
+ }
- hres = IUnknown_QueryInterface(obj, &IID_IObjectSafety, (void**)&obj_safety);
- if(FAILED(hres))
- return URLPOLICY_DISALLOW;
+ hres = IUnknown_QueryInterface(cs->pUnk, &IID_IObjectSafety, (void**)&obj_safety);
+ if(FAILED(hres)) {
+ CATID scripting_catid = CATID_SafeForScripting;
+
+ if(!This->catmgr) {
+ hres = CoCreateInstance(&CLSID_StdComponentCategoriesMgr, NULL, CLSCTX_INPROC_SERVER,
+ &IID_ICatInformation, (void**)&This->catmgr);
+ if(FAILED(hres))
+ return hres;
+ }
+
+ hres = ICatInformation_IsClassOfCategories(This->catmgr, &cs->clsid, 1, &scripting_catid, 0, NULL);
+ if(FAILED(hres))
+ return hres;
+
+ *ret = hres == S_OK ? URLPOLICY_ALLOW : URLPOLICY_DISALLOW;
+ return S_OK;
+ }
hres = IObjectSafety_GetInterfaceSafetyOptions(obj_safety, &IID_IDispatchEx, &supported_opts, &enabled_opts);
if(SUCCEEDED(hres)) {
@@ -109,10 +126,9 @@ static DWORD confirm_safety(HTMLDocumentNode *This, const WCHAR *url, IUnknown *
hres = IObjectSafety_SetInterfaceSafetyOptions(obj_safety, &IID_IDispatchEx, enabled_opts, enabled_opts);
}
IObjectSafety_Release(obj_safety);
- if(FAILED(hres))
- return URLPOLICY_DISALLOW;
- return URLPOLICY_ALLOW;
+ *ret = SUCCEEDED(hres) ? URLPOLICY_ALLOW : URLPOLICY_DISALLOW;
+ return S_OK;
}
static HRESULT WINAPI InternetHostSecurityManager_QueryCustomPolicy(IInternetHostSecurityManager *iface, REFGUID guidKey,
@@ -149,7 +165,9 @@ static HRESULT WINAPI InternetHostSecurityManager_QueryCustomPolicy(IInternetHos
return E_FAIL;
}
- policy = confirm_safety(This, url, cs->pUnk);
+ hres = confirm_safety(This, url, cs, &policy);
+ if(FAILED(hres))
+ return hres;
*ppPolicy = CoTaskMemAlloc(sizeof(policy));
if(!*ppPolicy)
diff --git a/dlls/mshtml/tests/script.c b/dlls/mshtml/tests/script.c
index 8daa9bcb3fe..c5cc72fc8c2 100644
--- a/dlls/mshtml/tests/script.c
+++ b/dlls/mshtml/tests/script.c
@@ -121,6 +121,7 @@ DEFINE_EXPECT(AXGetInterfaceSafetyOptions);
DEFINE_EXPECT(AXSetInterfaceSafetyOptions);
#define TESTSCRIPT_CLSID "{178fc163-f585-4e24-9c13-4bb7faf80746}"
+#define TESTACTIVEX_CLSID "{178fc163-f585-4e24-9c13-4bb7faf80646}"
#define DISPID_SCRIPT_TESTPROP 0x100000
@@ -133,6 +134,7 @@ static IHTMLDocument2 *notif_doc;
static IDispatchEx *window_dispex;
static BOOL doc_complete;
static IDispatch *script_disp;
+static BOOL ax_objsafe;
static const char *debugstr_guid(REFIID riid)
{
@@ -165,6 +167,28 @@ static BSTR a2bstr(const char *str)
return ret;
}
+static BOOL init_key(const char *key_name, const char *def_value, BOOL init)
+{
+ HKEY hkey;
+ DWORD res;
+
+ if(!init) {
+ RegDeleteKey(HKEY_CLASSES_ROOT, key_name);
+ return TRUE;
+ }
+
+ res = RegCreateKeyA(HKEY_CLASSES_ROOT, key_name, &hkey);
+ if(res != ERROR_SUCCESS)
+ return FALSE;
+
+ if(def_value)
+ res = RegSetValueA(hkey, NULL, REG_SZ, def_value, strlen(def_value));
+
+ RegCloseKey(hkey);
+
+ return res == ERROR_SUCCESS;
+}
+
static HRESULT WINAPI PropertyNotifySink_QueryInterface(IPropertyNotifySink *iface,
REFIID riid, void**ppv)
{
@@ -599,6 +623,8 @@ static HRESULT WINAPI AXObjectSafety_QueryInterface(IObjectSafety *iface, REFIID
if(IsEqualGUID(&IID_IObjectSafety, riid)) {
CHECK_EXPECT(AXQueryInterface_IObjectSafety);
+ if(!ax_objsafe)
+ return E_NOINTERFACE;
*ppv = iface;
return S_OK;
}
@@ -647,6 +673,12 @@ static const IObjectSafetyVtbl AXObjectSafetyVtbl = {
static IObjectSafety AXObjectSafety = { &AXObjectSafetyVtbl };
+static BOOL set_safe_reg(BOOL init)
+{
+ return init_key("CLSID\\"TESTACTIVEX_CLSID"\\Implemented Categories\\{7dd95801-9882-11cf-9fa9-00aa006c42c4}",
+ NULL, init);
+}
+
static void test_security(void)
{
IInternetHostSecurityManager *sec_mgr;
@@ -673,6 +705,7 @@ static void test_security(void)
cs.pUnk = (IUnknown*)&AXObjectSafety;
cs.dwFlags = 0;
+ ax_objsafe = TRUE;
SET_EXPECT(AXQueryInterface_IActiveScript);
SET_EXPECT(AXQueryInterface_IObjectSafety);
SET_EXPECT(AXGetInterfaceSafetyOptions);
@@ -689,6 +722,55 @@ static void test_security(void)
ok(*(DWORD*)ppolicy == URLPOLICY_ALLOW, "policy = %x\n", *(DWORD*)ppolicy);
CoTaskMemFree(ppolicy);
+ ax_objsafe = FALSE;
+ SET_EXPECT(AXQueryInterface_IActiveScript);
+ SET_EXPECT(AXQueryInterface_IObjectSafety);
+ hres = IInternetHostSecurityManager_QueryCustomPolicy(sec_mgr, &GUID_CUSTOM_CONFIRMOBJECTSAFETY,
+ &ppolicy, &policy_size, (BYTE*)&cs, sizeof(cs), 0);
+ CHECK_CALLED(AXQueryInterface_IActiveScript);
+ CHECK_CALLED(AXQueryInterface_IObjectSafety);
+
+ ok(hres == S_OK, "QueryCusromPolicy failed: %08x\n", hres);
+ ok(policy_size == sizeof(DWORD), "policy_size = %d\n", policy_size);
+ ok(*(DWORD*)ppolicy == URLPOLICY_DISALLOW, "policy = %x\n", *(DWORD*)ppolicy);
+ CoTaskMemFree(ppolicy);
+
+ if(set_safe_reg(TRUE)) {
+ ax_objsafe = FALSE;
+ SET_EXPECT(AXQueryInterface_IActiveScript);
+ SET_EXPECT(AXQueryInterface_IObjectSafety);
+ hres = IInternetHostSecurityManager_QueryCustomPolicy(sec_mgr, &GUID_CUSTOM_CONFIRMOBJECTSAFETY,
+ &ppolicy, &policy_size, (BYTE*)&cs, sizeof(cs), 0);
+ CHECK_CALLED(AXQueryInterface_IActiveScript);
+ CHECK_CALLED(AXQueryInterface_IObjectSafety);
+
+ ok(hres == S_OK, "QueryCusromPolicy failed: %08x\n", hres);
+ ok(policy_size == sizeof(DWORD), "policy_size = %d\n", policy_size);
+ ok(*(DWORD*)ppolicy == URLPOLICY_ALLOW, "policy = %x\n", *(DWORD*)ppolicy);
+ CoTaskMemFree(ppolicy);
+
+ ax_objsafe = TRUE;
+ SET_EXPECT(AXQueryInterface_IActiveScript);
+ SET_EXPECT(AXQueryInterface_IObjectSafety);
+ SET_EXPECT(AXGetInterfaceSafetyOptions);
+ SET_EXPECT(AXSetInterfaceSafetyOptions);
+ hres = IInternetHostSecurityManager_QueryCustomPolicy(sec_mgr, &GUID_CUSTOM_CONFIRMOBJECTSAFETY,
+ &ppolicy, &policy_size, (BYTE*)&cs, sizeof(cs), 0);
+ CHECK_CALLED(AXQueryInterface_IActiveScript);
+ CHECK_CALLED(AXQueryInterface_IObjectSafety);
+ CHECK_CALLED(AXGetInterfaceSafetyOptions);
+ CHECK_CALLED(AXSetInterfaceSafetyOptions);
+
+ ok(hres == S_OK, "QueryCusromPolicy failed: %08x\n", hres);
+ ok(policy_size == sizeof(DWORD), "policy_size = %d\n", policy_size);
+ ok(*(DWORD*)ppolicy == URLPOLICY_ALLOW, "policy = %x\n", *(DWORD*)ppolicy);
+ CoTaskMemFree(ppolicy);
+
+ set_safe_reg(FALSE);
+ }else {
+ skip("Could not set safety registry\n");
+ }
+
IInternetHostSecurityManager_Release(sec_mgr);
}
@@ -1510,28 +1592,6 @@ static void test_simple_script(void)
CHECK_CALLED(Close);
}
-static BOOL init_key(const char *key_name, const char *def_value, BOOL init)
-{
- HKEY hkey;
- DWORD res;
-
- if(!init) {
- RegDeleteKey(HKEY_CLASSES_ROOT, key_name);
- return TRUE;
- }
-
- res = RegCreateKeyA(HKEY_CLASSES_ROOT, key_name, &hkey);
- if(res != ERROR_SUCCESS)
- return FALSE;
-
- if(def_value)
- res = RegSetValueA(hkey, NULL, REG_SZ, def_value, strlen(def_value));
-
- RegCloseKey(hkey);
-
- return res == ERROR_SUCCESS;
-}
-
static BOOL init_registry(BOOL init)
{
return init_key("TestScript\\CLSID", TESTSCRIPT_CLSID, init)