Determining URL from ActiveX Control

This is a simple technique to determine the URL of the web page in which the ActiveX control is hosted.

Introduction

I had to develop ActiveX controls for web based applications. Some of these controls were manipulating the local resources. To disable malicious use of these control by others through scripting, I had to implement security check. I decided to implement a simple security scheme where I determine the url in which the control is hosted. If the url comes from our domain, I enabled its functionality.

I used GetMoniker method of IOleClientSite Interface.The IMoniker interface has GetDisplayName() method,
which returns a user-readable representation of the moniker.

Code:

 HRESULT hrResult	= S_FALSE;
 IOleClientSite *pClientSite = NULL;
 IMoniker* pMoniker	= NULL;
 LPOLESTR sDisplayName;

 // If using ATL to develop, use the m_spClientSite data
 // member of CComControl class.

 // If using MFC, use the following code: 
 // (member function of COleControl class 
 // - don't forget to call release)
 // pClientSite = GetClientSite();

 hrResult = m_spClientSite->GetMoniker(OLEGETMONIKER_TEMPFORUSER,
                                       OLEWHICHMK_CONTAINER,
                                       &pMoniker);
 if(SUCCEEDED(hrResult))
 {
  hrResult = pMoniker->GetDisplayName(NULL,
                                      NULL,
                                      &sDisplayName);
  pMoniker->Release();
 }

 //TODO : relevant processing with sDisplayName and
 //free sDisplayName using SysFreeString()


Comments

  • can you send me a demo plz

    Posted by fask_annexe on 06/12/2004 09:31am

    hi i want this source for my project , can you send me a demo plzz

    Reply
  • Good Idea !

    Posted by Legacy on 02/14/2004 12:00am

    Originally posted by: www.yamaoku.org/default.html

    This one is a good idea !

    Soon, I am glad to present You sone results of my research on COM related information processing using Microsoft windows driven computers ...

    Remember that website ID: YAMAOKU.ORG

    Connect to "http://www.yamaoku.org/default.html"; to access those results ...

    Reply
  • GetClientSite is null why

    Posted by Legacy on 01/09/2004 12:00am

    Originally posted by: Sax

    void CActiDiagCtrl::OnButton1() 
    
    {
    //MFC Control
    LPOLECLIENTSITE pClientSite = GetClientSite();
    if(pClientSite)
    {
    AfxMessageBox("Working");
    }else
    {
    AfxMessageBox("Not working");
    }
    }
    Why is this not working

    My control is in a web page. I click on my Page1.htm to open the file and I click button one of my activex and it is not working.

    Reply
  • Is there other alternative way? Thanks.

    Posted by Legacy on 12/06/2003 12:00am

    Originally posted by: AL

    Is there other alternative way? Thanks.

    Reply
  • does this work with Netscape on windows ?

    Posted by Legacy on 07/17/2003 12:00am

    Originally posted by: Hrishikesh Lele

    hi,

    Nice article !

    Could you pls let me know if this works with Netscape on Windows ?

    hrishi

    Reply
  • Cool work !

    Posted by Legacy on 07/16/2003 12:00am

    Originally posted by: Hrishikesh Lele

    Cool work !

    Reply
  • Good Idea

    Posted by Legacy on 05/03/2003 12:00am

    Originally posted by: www.ftr28i67.de

    This is a good idea ...

    Reply
  • bad work!

    Posted by Legacy on 09/18/2002 12:00am

    Originally posted by: waterwhu

    can not resolve all of problem!!!
    can you stop using flashget to get some bad files?
    No!!!

    Reply
  • eqwe

    Posted by Legacy on 03/01/2002 12:00am

    Originally posted by: erwe

    wqe

    Reply
Leave a Comment
  • Your email address will not be published. All fields are required.

Top White Papers and Webcasts

  • On-demand Event Event Date: September 10, 2014 Modern mobile applications connect systems-of-engagement (mobile apps) with systems-of-record (traditional IT) to deliver new and innovative business value. But the lifecycle for development of mobile apps is also new and different. Emerging trends in mobile development call for faster delivery of incremental features, coupled with feedback from the users of the app "in the wild." This loop of continuous delivery and continuous feedback is how the best mobile …

  • Information is data with context. The era of Big Data has begun demonstrating to information security that there is more that can, and must, be done to identify threats, reduce risk, address fraud, and improve compliance monitoring activities by bringing better context to data and thereby creating information for actionable intelligence. This analyst report sets the stage and provides insights into IT and information security practitioners' perceptions of the impediments to, and the solutions necessary for, …

Most Popular Programming Stories

More for Developers

Latest Developer Headlines

RSS Feeds