Determining URL from ActiveX Control

This is a simple technique to determine the URL of the web page in which the ActiveX control is hosted.

Introduction

I had to develop ActiveX controls for web based applications. Some of these controls were manipulating the local resources. To disable malicious use of these control by others through scripting, I had to implement security check. I decided to implement a simple security scheme where I determine the url in which the control is hosted. If the url comes from our domain, I enabled its functionality.

I used GetMoniker method of IOleClientSite Interface.The IMoniker interface has GetDisplayName() method,
which returns a user-readable representation of the moniker.

Code:

 HRESULT hrResult	= S_FALSE;
 IOleClientSite *pClientSite = NULL;
 IMoniker* pMoniker	= NULL;
 LPOLESTR sDisplayName;

 // If using ATL to develop, use the m_spClientSite data
 // member of CComControl class.

 // If using MFC, use the following code: 
 // (member function of COleControl class 
 // - don't forget to call release)
 // pClientSite = GetClientSite();

 hrResult = m_spClientSite->GetMoniker(OLEGETMONIKER_TEMPFORUSER,
                                       OLEWHICHMK_CONTAINER,
                                       &pMoniker);
 if(SUCCEEDED(hrResult))
 {
  hrResult = pMoniker->GetDisplayName(NULL,
                                      NULL,
                                      &sDisplayName);
  pMoniker->Release();
 }

 //TODO : relevant processing with sDisplayName and
 //free sDisplayName using SysFreeString()


Comments

  • can you send me a demo plz

    Posted by fask_annexe on 06/12/2004 09:31am

    hi i want this source for my project , can you send me a demo plzz

    Reply
  • Good Idea !

    Posted by Legacy on 02/14/2004 12:00am

    Originally posted by: www.yamaoku.org/default.html

    This one is a good idea !

    Soon, I am glad to present You sone results of my research on COM related information processing using Microsoft windows driven computers ...

    Remember that website ID: YAMAOKU.ORG

    Connect to "http://www.yamaoku.org/default.html"; to access those results ...

    Reply
  • GetClientSite is null why

    Posted by Legacy on 01/09/2004 12:00am

    Originally posted by: Sax

    void CActiDiagCtrl::OnButton1() 
    
    {
    //MFC Control
    LPOLECLIENTSITE pClientSite = GetClientSite();
    if(pClientSite)
    {
    AfxMessageBox("Working");
    }else
    {
    AfxMessageBox("Not working");
    }
    }
    Why is this not working

    My control is in a web page. I click on my Page1.htm to open the file and I click button one of my activex and it is not working.

    Reply
  • Is there other alternative way? Thanks.

    Posted by Legacy on 12/06/2003 12:00am

    Originally posted by: AL

    Is there other alternative way? Thanks.

    Reply
  • does this work with Netscape on windows ?

    Posted by Legacy on 07/17/2003 12:00am

    Originally posted by: Hrishikesh Lele

    hi,

    Nice article !

    Could you pls let me know if this works with Netscape on Windows ?

    hrishi

    Reply
  • Cool work !

    Posted by Legacy on 07/16/2003 12:00am

    Originally posted by: Hrishikesh Lele

    Cool work !

    Reply
  • Good Idea

    Posted by Legacy on 05/03/2003 12:00am

    Originally posted by: www.ftr28i67.de

    This is a good idea ...

    Reply
  • bad work!

    Posted by Legacy on 09/18/2002 12:00am

    Originally posted by: waterwhu

    can not resolve all of problem!!!
    can you stop using flashget to get some bad files?
    No!!!

    Reply
  • eqwe

    Posted by Legacy on 03/01/2002 12:00am

    Originally posted by: erwe

    wqe

    Reply
Leave a Comment
  • Your email address will not be published. All fields are required.

Top White Papers and Webcasts

  • Given today's threat environment and the increasing connectivity of digital infrastructures, security teams now realize that they must assume their IT environments are subject to periodic compromise. Gone are the days when preventive measures to secure the perimeter or trying to detect malware problems using signature-match technologies were enough. New practices based on an understanding of the phases of an attack, continuous threat monitoring, and rapid attack detection and remediation are necessary. This …

  • Download the Information Governance Survey Benchmark Report to gain insights that can help you further establish business value in your Records and Information Management (RIM) program and across your entire organization. Discover how your peers in the industry are dealing with this evolving information lifecycle management environment and uncover key insights such as: 87% of organizations surveyed have a RIM program in place 8% measure compliance 64% cannot get employees to "let go" of information for …

Most Popular Programming Stories

More for Developers

Latest Developer Headlines

RSS Feeds