
A customized URL security manager can be created for applications that host either the WebBrowser control or IE4/MSHTML by implementing the IInternetSecurityManager interface. Most of the IInternetSecurityManager methods, except IInternetSecurityManager::ProcessUrlAction, would only need to return INET_E_DEFAULT_ACTION to defer the call to the default security manager.
The following example shows an implementation of the IInternetSecurityManager::ProcessUrlAction method for a customized security manager that wants to require that data be encrypted.
HRESULT MySecurityManager::ProcessUrlAction(
LPWSTR pwszUrl,
DWORD dwAction,
BYTE *pPolicy,
DWORD cbPolicy,
DWORD dwReserved
)
{
DWORD dwPolicy = URLPOLICY_ENCRYPT_REQUIRED;
if (dwAction == URLACTION_ENCRYPT_DATA)
{
if (cbPolicy >= sizeof (DWORD))
{
*(DWORD *)pPolicy = dwPolicy;
return S_OK;
}
else
return S_FALSE;
}
else
return INET_E_DEFAULT_ACTION;
}
Note The Internet Exporer 4.0 default security manager cannot be replaced by a customized security manager.
© 1997 Microsoft Corporation. All rights reserved. Terms of Use.