Override IE privacy settings using IInternetSecurityManager in Webbrowser control
Question
I need to create a custom security manager for a hosted WebBrowser control in my C# application. The hosted WebBrowser control should be independent from IE security and privacy settings.
Problem: If IE privacy settings are set to "High", the websites that depend on cookies don't function properly in hosted WebBrowser control (sites work fine if the privacy setting is set to "Medium").
The winform that hosts the WebBrowser control provides below implementation for GetSecurityId, MapUrlToZone and ProcessUrlAction. The ProcessUrlAction gets called by the embedded browser for URL Actions like ACTIVEX_RUN, SCRIPT_RUN; but it's not getting called for any cookie related url actions.
Is there some way to enable cookies for webbrowser control? Or is there something wrong with below code?
private void InitBrowserSecurityData()
{
securityID = new byte[MAX_SIZE_SECURITY_ID];
securityID[0] = (byte)'f';
securityID[1] = (byte)'i';
securityID[2] = (byte)'l';
securityID[3] = (byte)'e';
securityID[4] = (byte)':';
securityID[5] = 0;
securityID[6] = 3;
securityID[7] = 0;
securityID[8] = 0;
securityID[9] = 0;
}
//GetSecurityId
int IInternetSecurityManager.GetSecurityId(string pwszUrl, IntPtr pbSecurityId, ref uint pcbSecurityId, ref uint dwReserved)
{
if (pcbSecurityId >= MAX_SIZE_SECURITY_ID)
{
Marshal.Copy(securityID, 0, pbSecurityId, MAX_SIZE_SECURITY_ID);
pcbSecurityId = 9;
return HResults.S_OK;
}
return (int)WinInetErrors.INET_E_DEFAULT_ACTION;
}
//MapUrlToZone
int IInternetSecurityManager.MapUrlToZone(string pwszUrl, out uint pdwZone, uint dwFlags)
{
pdwZone = (uint)tagURLZONE.URLZONE_LOCAL_MACHINE;
return HResults.S_OK;
}
//ProcessUrlAction
int IInternetSecurityManager.ProcessUrlAction(string pwszUrl, uint dwAction, IntPtr pPolicy,
uint cbPolicy, IntPtr pContext, uint cbContext, uint dwFlags, uint dwReserved)
{
URLACTION action = (URLACTION)dwAction;
bool hasUrlPolicy = (cbPolicy >= unchecked((uint)Marshal.SizeOf(typeof(int))));
URLPOLICY urlPolicy = (hasUrlPolicy) ? (URLPOLICY)Marshal.ReadInt32(pPolicy) : URLPOLICY.ALLOW;
bool hasContext = (cbContext >= unchecked((uint)Marshal.SizeOf(typeof(Guid))));
Guid context = (hasContext) ? (Guid)Marshal.PtrToStructure(pContext, typeof(Guid)) : Guid.Empty;
//all URL actions are allowed
if (hasUrlPolicy)
{
urlPolicy = URLPOLICY.ALLOW;
Marshal.WriteInt32(pPolicy, (int)urlPolicy);
return HResults.S_OK;
}
return (int)WinInetErrors.INET_E_DEFAULT_ACTION;
}
I have already seen these questions, but they don't work for me.
Security Level for WebBrowser control
Custom IInternetSecurityManager not being called with dialogs
1 answers
solution1
1 ACCPTED 2011-10-12 08:37:13
It seems Internet explorer does not pass Cookie actions to IInternetSecurityManager. That's the reason it's hard to override IE privacy settings in embedded browser control. Some wise people already figured this out long time back here
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.