This is a simple technique to determine the URL of the web page in which the ActiveX control is hosted.
I had to develop ActiveX controls for web based applications.
Some of these controls were manipulating the local resources.
To disable malicious use of these control by others through scripting,
I had to implement security check.
I decided to implement a simple security scheme where I determine the url in which the control is hosted.
If the url comes from our domain, I enabled its functionality.
I used GetMoniker method of IOleClientSite Interface.The IMoniker interface has GetDisplayName() method,
which returns a user-readable representation of the moniker.
HRESULT hrResult = S_FALSE;
IOleClientSite *pClientSite = NULL;
IMoniker* pMoniker = NULL;
// If using ATL to develop, use the m_spClientSite data
// member of CComControl class.
// If using MFC, use the following code:
// (member function of COleControl class
// – don’t forget to call release)
// pClientSite = GetClientSite();
hrResult = m_spClientSite->GetMoniker(OLEGETMONIKER_TEMPFORUSER,
hrResult = pMoniker->GetDisplayName(NULL,
//TODO : relevant processing with sDisplayName and
//free sDisplayName using SysFreeString()