Determining URL from ActiveX Control

This is a simple technique to determine the URL of the web page in which the ActiveX control is hosted.

Introduction

I had to develop ActiveX controls for web based applications.
Some of these controls were manipulating the local resources.
To disable malicious use of these control by others through scripting,
I had to implement security check.
I decided to implement a simple security scheme where I determine the url in which the control is hosted.
If the url comes from our domain, I enabled its functionality.

I used GetMoniker method of IOleClientSite Interface.The IMoniker interface has GetDisplayName() method,

which returns a user-readable representation of the moniker.

Code:


HRESULT hrResult = S_FALSE;
IOleClientSite *pClientSite = NULL;
IMoniker* pMoniker = NULL;
LPOLESTR sDisplayName;

// If using ATL to develop, use the m_spClientSite data
// member of CComControl class.

// If using MFC, use the following code:
// (member function of COleControl class
// – don’t forget to call release)
// pClientSite = GetClientSite();

hrResult = m_spClientSite->GetMoniker(OLEGETMONIKER_TEMPFORUSER,
OLEWHICHMK_CONTAINER,
&pMoniker);
if(SUCCEEDED(hrResult))
{
hrResult = pMoniker->GetDisplayName(NULL,
NULL,
&sDisplayName);
pMoniker->Release();
}

//TODO : relevant processing with sDisplayName and
//free sDisplayName using SysFreeString()

More by Author

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends & analysis

Must Read