C ++ writes Security OCX and IE does not bring up security prompt

The following describes how to mark a control as a secure control in MFC ActiveX and ATL respectively.
 
 
 
 
To mark an MFC ActiveX control as secure, follow the steps belowCodeModified:
 
 
 
 
// Cardscan. cpp: The implementation of ccardscanapp and DLL registration.
# Include "stdafx. H"
# Include "cardscan. H"
# Include "comcat. H"
# Include "strsafe. H"
# Include "objsafe. H"

Ccardscanapp theapp;
Const guid cdecl based_code _ tlid =
{0x29959268, 0x9729, 0x458e, {0xa8, 0x39, 0xbb, 0x39, 0x2e, 0xcb, 0x7e, 0x37 }};
Const word _ wvermajor = 1;
Const word _ wverminor = 0;
Const catid clsid_safeitem =
{0xb548f3c7, 0x1165, 0x4242, {0x92, 0x0b, 0xa7, 0xbd, 0xEE, 0x6d, 0x2b, 0xa3 }};

// {0x36299202, 0x9ef, 0x4abf, {0xad, 0xb9, 0x47, 0xc5, 0x99, 0xdb, 0xe7, 0x78 }};
// Ccardscanapp: initinstance-DLL Initialization
Bool ccardscanapp: initinstance ()
{
Bool binit = colecontrolmodule: initinstance ();
If (binit)
{
}
Return binit;
}
// Ccardscanapp: exitinstance-DLL termination
Int ccardscanapp: exitinstance ()
{
Return colecontrolmodule: exitinstance ();
}
Hresult createcomponentcategory (catid, char * catdescription)
{
Icatregister * PCR = NULL;
Hresult hR = s_ OK;
HR = cocreateinstance (clsid_stdcomponentcategoriesmgr,
Null, clsctx_inproc_server, iid_icatregister, (void **) & PCR );
If (failed (HR ))
Return hr;
// Make sure the hkcr/component categories/{.. catid}
// Key is registered.
Categoryinfo catinfo;
Catinfo. catid = catid;
Catinfo. lcid = 0x0409; // english
Size_t Len;
// Make sure the provided description is not too long.
// Only copy the first 127 characters if it is.
// The second parameter of stringcchlength is the maximum
// Number of characters that may be read into catdescription.
// There must be room for a null-Terminator. The third parameter
// Contains the number of characters excluding the null-Terminator.
HR = stringcchlength (catdescription, strsafe_max_cch, & Len );
If (succeeded (HR ))
{
If (LEN> 127)
{
Len = 127;
}
}
Else
{
// Todo: Write an error handler;
}
// The second parameter of stringcchcopy is 128 because you need
// Room for a null-Terminator.
HR = stringcchcopy (cole2t (catinfo. szdescription), Len + 1, catdescription );
// Make sure the description is NULL terminated.
Catinfo. szdescription [Len + 1] = '/0 ';
HR = PCR-> registercategories (1, & catinfo );
PCR-> release ();
Return hr;
}
// Hresult registerclsidincategory-
// Register your component categories Information
Hresult registerclsidincategory (refclsid CLSID, catid)
{
// Register your component categories information.
Icatregister * PCR = NULL;
Hresult hR = s_ OK;
HR = cocreateinstance (clsid_stdcomponentcategoriesmgr,
Null, clsctx_inproc_server, iid_icatregister, (void **) & PCR );
If (succeeded (HR ))
{
// Register this category as being "implemented" by the class.
Catid rgcatid [1];
Rgcatid [0] = catid;
HR = PCR-> registerclassimplcategories (CLSID, 1, rgcatid );
}
If (PCR! = NULL)
PCR-> release ();
Return hr;
}

// Hresult unregisterclsidincategory-Remove entries from the Registry
Hresult unregisterclsidincategory (refclsid CLSID, catid)
{
Icatregister * PCR = NULL;
Hresult hR = s_ OK;
HR = cocreateinstance (clsid_stdcomponentcategoriesmgr,
Null, clsctx_inproc_server, iid_icatregister, (void **) & PCR );
If (succeeded (HR ))
{
// Unregister this category as being "implemented" by the class.
Catid rgcatid [1];
Rgcatid [0] = catid;
HR = PCR-> unregisterclassimplcategories (CLSID, 1, rgcatid );
}
If (PCR! = NULL)
PCR-> release ();
Return hr;
}
// Dllregisterserver-add the entry to the system registry

Stdapi dllregisterserver (void)
{
Hresult hr;
Afx_manage_state (_ afxmoduleaddrthis );
If (! Afxoleregistertypelib (AfxGetInstanceHandle (), _ tlid ))
Return resultfromscode (selfreg_e_typelib );
If (! Coleobjectfactoryex: updateregistryall (true ))
Return resultfromscode (selfreg_e_class );
// Mark the control as safe for initializing.
HR = createcomponentcategory (catid_safeforinitializing,
_ T ("controls safely initializable from persistent data! "));
If (failed (HR ))
Return hr;
HR = registerclsidincategory (clsid_safeitem,
Catid_safeforinitializing );
If (failed (HR ))
Return hr;
// Mark the control as safe for scripting.
HR = createcomponentcategory (catid_safeforscripting,
_ T ("controls safely Scriptable! "));
If (failed (HR ))
Return hr;
HR = registerclsidincategory (clsid_safeitem,
Catid_safeforscripting );
If (failed (HR ))
Return hr;
Return noerror;
}

// Dllunregisterserver-remove the entry from the system registry

Stdapi dllunregisterserver (void)
{
Hresult hr;
Afx_manage_state (_ afxmoduleaddrthis );
// Remove entries from the registry.
HR = unregisterclsidincategory (clsid_safeitem,
Catid_safeforinitializing );
If (failed (HR ))
Return hr;
HR = unregisterclsidincategory (clsid_safeitem,
Catid_safeforscripting );
If (failed (HR ))
Return hr;
If (! Afxoleunregistertypelib (_ tlid, _ wvermajor, _ wverminor ))
Return resultfromscode (selfreg_e_typelib );
If (! Coleobjectfactoryex: updateregistryall (false ))
Return resultfromscode (selfreg_e_class );
Return noerror;
}
 
One thing worth noting here is the dllunregisterserver function. In this code
 
HR = unregisterclsidincategory (clsid_safeitem, catid_safeforinitializing );

HR = unregisterclsidincategory (clsid_safeitem, catid_safeforscripting );
 
Put the two sentences in
 
If (! Afxoleunregistertypelib (_ tlid, _ wvermajor, _ wverminor ))

Return resultfromscode (selfreg_e_typelib );

If (! Coleobjectfactoryex: updateregistryall (false ))

Return resultfromscode (selfreg_e_class );
 
Before the two statements, if you look at msdn, you will find that the order above is the opposite to mine. This should be a Microsoft error code, if you follow the msdn code, you can use regsvr32-u cardscan. the following error is reported during OCX anti-registration:
 
 
 
 
It's okay to adjust the order I mentioned.
 
 
2) To Mark ActiveX controls written using ATL as secure controls, this is much simpler than MFC. You only need to add several lines of code to the control header file:
 
Class atl_no_vtable ctestctrl:
...
Public iobjectsafetyimpl <ctestctrl, interfacesafe_for_untrusted_caller | interfacesafe_for_untrusted_data>,
 
Add one in the com ing table:
 
Begin_com_map (ctestctrl)
...
Com_interface_entry (IObjectSafety)
End_com_map ()
 
Building a signed ActiveX Control
 
 
ActiveX controls are dangerous. If you do not sign and verify the validity of ActiveX controls, ie rejects installation.
 
 
Toolkit preparation: cabarc.exe, cert2spc.exe, makecab.exe, makecert.exe, signcode.exe (or signtool in the new version). The above gadgets can be found in "common7" Tools "bin in the installation path of, or download it from the official Microsoft website.
 
During the installation of ActiveX controls, some work is self-registration.VersioninfoStructure DefinitionOleselfregister value. You can edit the resource file as follows:
 
Begin
Block "stringfileinfo"
Begin
Block "080403a8"
Begin
Value "companyName", "Todo: <Company Name>"
Value "filedescription", "Todo: <file description>"
Value "fileversion", "1.0.0.1"
Value "internalname", "cardscan. ocx"
Value "legalcopyright", "Todo: (c) <Company Name>. All rights reserved. "
Value "oleselfregister", "/0"
Value "originalfilename", "cardscan. ocx"
Value "productname", "Todo: <Product Name>"
Value "productversion", "1.0.0.1"
End
End
Block "varfileinfo"
Begin
Value "Translation", 0x804,936
End
End
 
Package as a cab file
 
 
ActiveX controls must be placed on the website for customers to download to the local device. Therefore, compression is required. A typical HTML code is as follows:
 
<Object ID = "fuckatl1"
Codebase = "http: // localhost: 8080/cardscan. Cab"
Classid = "CLSID: B548F3C7-2135-4242-920B-A7BDEE6D2BA3" width = 300 Height = 200
/>
Codebase indicates the compressed package to be downloaded, including the files required for OXC and DLL controls.
 
 
Generally, a cab file contains an INF file that describes all the details of the cab file. The following is a simple example. The Code is as follows:
 
; Sample inf file for scriptableactivex. dll
[Version]
; Version signature (same for both NT and Win95) do not remove
Signature = "$ Chicago $"
Advancedinf = 2.0

[Add. Code]
Cardscan. ocx = cardscan. ocx
Cardscan. inf = cardscan. inf

[Cardscan. ocx]
File-win32-x86 = thiscab
CLSID = {B548F3C7-2135-4242-920B-A7BDEE6D2BA3}
Fileversion =
Registerserver = Yes

[Cardscan. inf]
File = thiscab
; End of INF file

  
   
 
Copyright statement: Reprinted with a hyperlink Article Source and author information and this statement
Http://xingzhesun.blogbus.com/logs/53822346.html
 
 
 
 watching the webpage displayed on the xf computer keeps shaking my cute ActiveX. I'm so happy. 
 the process for developing ActiveX controls and publishing them on the website is as follows. 
 @ 1 the development tool of this project is vs2005 
 @ 2 This article references the article http://www.codeproject.com/KB/COM/CompleteActiveX.aspx of David marcionek's "A comlete ActiveX web control tutorial" 
 1. modify 
 1. create an ActiveX project, use MFC, and Use ATL. in step 2 of the mfcactivex control wizard, do not select "RunTime license" on the "application settings" page, because I do not want to buy a runtime license. 
 2. After creating a project, open the RC file and edit it. Add the ActiveX self-registration function to the version structure. Value "oleselfregister", "/0" 
 // version 
 // 
3. write code that disables prompts on the web page. It mainly modifies the app registration function and adds two functions.
@ Hresult createcomponentcategory (catid, wchar * catdescription)
@ Hresult registerclsidincategory (refclsid CLSID, catid)
Modified two functions.
@ Stdapi dllregisterserver (void)
@ Hresult unregisterclsidincategory (refclsid CLSID, catid)
Here we need to define a constant. The value of classid is found in the myactivexctrl. CCP and IDL files.
Const catid clsid_safeitem = {0x36299202, 0x9ef, 0x4abf, {0xad, 0xb9, 0x47, 0xc5, 0x99, 0xdb, 0xe7, 0x78 }};
When we develop and use it, we only need to change clsid_safeitem to the classid of our own control.
The Code is as follows:
# Include "comcat. H"
# Include "strsafe. H"
# Include "objsafe. H"
 
 
Const catid clsid_safeitem = {0x36299202, 0x9ef, 0x4abf, {0xad, 0xb9, 0x47, 0xc5, 0x99, 0xdb, 0xe7, 0x78 }};
Hresult createcomponentcategory (catid, wchar * catdescription)
{
}
 
 // hresult registerclsidincategory-register your component categories Information 
 hresult registerclsidincategory (refclsid CLSID, catid) 
{< br> // register your component categories information. 
 icatregister * PCR = NULL; 
 hresult hR = s_ OK; 
 hR = cocreateinstance (Region, 
 null, clsctx_inproc_server, iid_icatregister, (void **) & PCR); 
 If (succeeded (HR) 
{< br> // register this category as being "implemented" by the class. 
 catid rgcatid [1]; 
 rgcatid [0] = catid; 
 hR = PCR-> registerclassimplcategories (CLSID, 1, rgcatid ); 
}
If (PCR! = NULL)
PCR-> release ();

Return hr;
}
 
 
// Dllregisterserver-adds entries to the system registry
 
 
Stdapi dllregisterserver (void)
{
Hresult hr; // hresult used by safety functions
 
 
Afx_manage_state (_ afxmoduleaddrthis );
 
 
If (! Afxoleregistertypelib (AfxGetInstanceHandle (), _ tlid ))
Return resultfromscode (selfreg_e_typelib );
 
 
If (! Coleobjectfactoryex: updateregistryall (true ))
Return resultfromscode (selfreg_e_class );
 
// Mark the control as safe for initializing.
 
 
HR = createcomponentcategory (catid_safeforinitializing, l "controls safely initializable from persistent data! ");
If (failed (HR ))
Return hr;
 
 
HR = registerclsidincategory (clsid_safeitem, catid_safeforinitializing );
If (failed (HR ))
Return hr;
 
 
// Mark the control as safe for scripting.
 
 
HR = createcomponentcategory (catid_safeforscripting, l "controls safely Scriptable! ");
If (failed (HR ))
Return hr;
 
HR = registerclsidincategory (clsid_safeitem, catid_safeforscripting );
If (failed (HR ))
Return hr;
 
 
Return noerror;
}
 
 
// Hresult unregisterclsidincategory-Remove entries from the Registry
 
 
Hresult unregisterclsidincategory (refclsid CLSID, catid)
{
Icatregister * PCR = NULL;
Hresult hR = s_ OK;
 
HR = cocreateinstance (clsid_stdcomponentcategoriesmgr,
Null, clsctx_inproc_server, iid_icatregister, (void **) & PCR );
If (succeeded (HR ))
{
// Unregister this category as being "implemented" by the class.
Catid rgcatid [1];
Rgcatid [0] = catid;
HR = PCR-> unregisterclassimplcategories (CLSID, 1, rgcatid );
}
 
 
If (PCR! = NULL)
PCR-> release ();
 
 
Return hr;
}
 
// Dllunregisterserver-removes entries from the system registry
 
 
Stdapi dllunregisterserver (void)
{
Hresult hr; // hresult used by safety functions
 
 
Afx_manage_state (_ afxmoduleaddrthis );
 
 
If (! Afxoleunregistertypelib (_ tlid, _ wvermajor, _ wverminor ))
Return resultfromscode (selfreg_e_typelib );
 
 
If (! Coleobjectfactoryex: updateregistryall (false ))
Return resultfromscode (selfreg_e_class );
 
 
// Remove entries from the registry.
 
HR = unregisterclsidincategory (clsid_safeitem, catid_safeforinitializing );
If (failed (HR ))
Return hr;
 
 
HR = unregisterclsidincategory (clsid_safeitem, catid_safeforscripting );
If (failed (HR ))
Return hr;
 
 return noerror; 
}< br> 4. modify the project configuration of the compilation connection, configure properties-> General-> default project-> Use of MFC = use of MFC in the static library, this setting aims to ensure that ActiveX can run on a client without mfcdll. 
 2. Preparations before release 
 1. Use MS ActiveX control pad to create an HTML test page. You can also write HTML by yourself. The test is successful. 
 2. Create a website quickly. Vs2005 is very convenient. Set the default website IP address, main directory, and main file in IIS. 
 3. Create a cab file. 
 when the client opens a page containing ActiveX controls, it must first download the page, register and install it, and then run it. Ms requires that the file of ActiveX control depend be a cab file. 
 in this example, you can use ms's cabarc.exe to package and write the INF file. You must also add the INF file to the package. Install ActiveX in the INF file. 
 you can use the batch processing file written by David marcionek during packaging. You can modify the file as needed. Double-click the mkcal. BAT file to create the myactivex. cab file 
 4. Modify the HTML file to add the codebase attribute. 
 note that the codebase attribute specifies the specific location of the cab file. The client downloads the cab file from this location. If the codebase value is incorrect, the client cannot Download ActiveX correctly, david marcionek left this bug in his article. 
  
  myactivex codebase  
  
  
 
   
   
 myactivex with codebase example 
   
 
   
 
  
<Object ID = "myactivex1" width = 350 Height = 50
Codebase = "http: // 192.168.1.101 /?? /Myactivex. Cab"
Classid = "CLSID: 36299202-09ef-4abf-adb9-47c599dbe778">
<Param name = "_ version" value = "65536">
<Param name = "_ extentx" value = "2646">
<Param name = "_ extenty" value = "1323">
<Param name = "_ stockprops" value = "0">
</Object>
 
 
</Center>
</Body>
</Html>
 
5. Copy the cab file to the specified location on the website.
3. Set IE security attributes.
We have not purchased a digital certificate, so our controls are insecure and we need to set ActiveX in IE.
@ ActiveX control automatic prompt = Enabled
@ Initialize ActiveX controls marked as secure and enable scripts =
@ Initialization and script = Prompt for ActiveX controls that are not marked as secure
@ Binary and script behavior = Enabled
@ Download unsigned ActiveX control = prompt
@ Download Signed ActiveX control = prompt
@ Prompt for running ActiveX Control and plug-in =
Reset to = Security Level-Medium
In this way, we first ensure that the signed ActiveX is correctly downloaded, installed, and run, and "prompt" is given to unsigned ActiveX controls ", in this way, the client user can determine whether to download and install Active based on their own judgment.
 
 

4. server-side testing
1. Delete the ActiveX control first. Because vs has registered ActiveX at runtime. Our purpose is to automatically download and install ActiveX on the webpage. Some developers say that ActiveX runs normally on the server and cannot run normally on the client. Probably because ActiveX has been registered. The problem may occur on the web. When running on the local machine, the system prompts whether to download the cab file. Click Download. Running properly.
 
 
5. Test on the client
1. Ensure that the client can access your web
2. Enter http: // 192.168.1.101/index.htm in the address bar.
You are also prompted to download the cab file. Are you sure you want to download. You will see a prompt in the status bar.
3. After ie downloads the cab file, install the file according to the INF file, perform self-registration, initialization, and run active.
4. OK!
 
 
 
 
 
References:
 

A complete ActiveX web control tutorial

Http://www.codeproject.com/KB/COM/CompleteActiveX.aspx

 

Compile an ActiveX control that does not bring up a warning in the browser.

 

Http://www.vckbase.com/document/viewdoc? Id = 728