Zones
& Security
From EmbeddedWB you can access the default
Internert Security Manager and Internet Zone Manager
objects:
EmbeddedWB1.SecurityManager
EmbeddedWB1.ZoneManager
You can read more about Zones &
Security on MS-Site:
URL
Security Zones Overview
Here are a couple of suggestions for use:
1. You are adding a statusbar to
your webbrowser application and now you want to add
zone-information and zone-icon like on Internet Explorers
statusbar:
Put the following in OnBeforeNavigate2
and/or OnDocumentComplete:
var
s : String;
pw : Pwidechar;
dwZone : Cardinal;
ZoneAttr : TZoneAttributes; //Defined in
Urlmon.pas
begin
s:=url;
Stringtowidechar(s,pw,length(s)+1);
embeddedwb1.Securitymanager.MapUrlToZone(Pw,dwZone,0);
embeddedwb1.ZoneManager.GetZoneAttributes(dwZone,ZoneAttr);
|
First you use MapUrlToZone to
determine what security zone the site belongs to. Then you
get the information about that zone from GetZoneAttributes,
and now you have all you need for your statusbar:
ZoneAttr.szIconPath -> e.g. "inetcpl.cpl#001313"
(use API-function ExtractIcon to extract the icon).
ZoneAttr.szDisplayName -> e.g. "Internet"
You even get information to add to the hintbox:
ZoneAttr.szDescription -> e.g. "This zone contains
all Web sites you haven't placed in other zones"
2. If you download and install "IE5 Web
Accessories" from MS the following items are added to
Tools menu in IE5:
Add to Restricted Zone
Add to Trusted Zone
You can easily add the same menu items to
your webbrowser application with EmbeddedWB (remember to
add urlmon to uses-clauses):
Procedure
Tform1.AddSiteToTrusted(Url : PWideChar);
begin
EmbeddedWB1.SecurityManager.SetZoneMapping(URLZONE_TRUSTED,Url,SZM_CREATE);
end;
Procedure Tform1.AddSiteToRestricted(Url :
PWideChar);
begin
embeddedWB1.SecurityManager.SetZoneMapping(URLZONE_RESTRICTED,Url,SZM_CREATE);
end;
Procedure Tform1.RemoveSiteFromTrusted(Url
: PWideChar);
begin
EmbeddedWB1.SecurityManager.SetZoneMapping(URLZONE_TRUSTED,Url,SZM_DELETE);
end;
Procedure
Tform1.RemoveSiteFromRestricted(Url : PWideChar);
begin
EmbeddedWB1.SecurityManager.SetZoneMapping(URLZONE_RESTRICTED,Url,SZM_DELETE);
end;
|
If you want to implement your own
customized Security manager, you can use OnQueryService:
function
TForm1.EmbeddedWB1QueryService(const rsid,
iid: TGUID;
out Obj: IUnknown): HRESULT;
begin
if IsEqualGUID(InternetSecurityManager,
rsid) and
IsEqualGUID(InternetSecurityManager, iid)
then
Result:=<YourSecurityManager>.QueryInterface(IInternetSecurityManager,
Obj)
else
result := E_NOINTERFACE;
end;
|
See also IESecurityManager
and Zones &
Security demo for more information.