为什么使用TEmbeddedWB时QueryService不被IHttpSecurity调用? [英] Why doesn't QueryService get called for IHttpSecurity when using TEmbeddedWB?
问题描述
TEmbeddedWB
包含一个事件,用于扩展对其他服务的支持,称为 OnQueryService
.根据 MSDN ,此功能将是被调用以允许我返回 IHttpSecurity
引用,因此我可以用自己的方式处理证书错误.但是,尽管为许多其他接口调用了 OnQueryService
,但从未为 IHttpSecurity
调用它.
TEmbeddedWB
contains an event for extending support for additional services, called OnQueryService
. According to MSDN, this function will be called to allow me to return an IHttpSecurity
reference, so I can handle certificate errors my way. However, while OnQueryService
is called for a number of other interfaces, it never gets called for IHttpSecurity
.
示例代码:
unit InsecureBrowser;
interface
uses
Winapi.Windows,
Winapi.Messages,
Winapi.Urlmon,
Winapi.WinInet,
System.SysUtils,
System.Variants,
System.Classes,
Vcl.Graphics,
Vcl.Controls,
Vcl.Forms,
Vcl.Dialogs,
Vcl.OleCtrls,
Vcl.StdCtrls,
SHDocVw_EWB,
EwbCore,
EmbeddedWB;
type
TInsecureBrowserForm = class(TForm, IHttpSecurity, IWindowForBindingUI)
web: TEmbeddedWB;
cmdGoInsecure: TButton;
procedure webQueryService(Sender: TObject; const [Ref] rsid,
iid: TGUID; var Obj: IInterface);
procedure cmdGoInsecureClick(Sender: TObject);
private
{ IWindowForBindingUI }
function GetWindow(const guidReason: TGUID; out hwnd): HRESULT; stdcall;
{ IHttpSecurity }
function OnSecurityProblem(dwProblem: Cardinal): HRESULT; stdcall;
end;
var
InsecureBrowserForm: TInsecureBrowserForm;
implementation
{$R *.dfm}
function TInsecureBrowserForm.GetWindow(const guidReason: TGUID;
out hwnd): HRESULT;
begin
Result := S_FALSE;
end;
function TInsecureBrowserForm.OnSecurityProblem(dwProblem: Cardinal): HRESULT;
begin
if (dwProblem = ERROR_INTERNET_INVALID_CA) or
(dwProblem = ERROR_INTERNET_SEC_CERT_CN_INVALID)
then Result := S_OK
else Result := E_ABORT;
end;
procedure TInsecureBrowserForm.webQueryService(Sender: TObject;
const [Ref] rsid, iid: TGUID; var Obj: IInterface);
begin
if IsEqualGUID(IID_IWindowForBindingUI, iid) then
Obj := Self as IWindowForBindingUI
else if IsEqualGUID(IID_IHttpSecurity, iid) then
Obj := Self as IHttpSecurity;
end;
procedure TInsecureBrowserForm.cmdGoInsecureClick(Sender: TObject);
begin
web.Navigate('https://evil.intranet.site');
end;
end.
推荐答案
这不是很明显,但是事实证明,在使用 WebBrowser2
之前,您需要导航到 about:blank
,或者某些事情根本不会发生,包括一些 QueryService
调用.感谢Igor Tandetnik识别了此在2010年.
It's not obvious, but it turns out you need to navigate to about:blank
before using WebBrowser2
, or certain things just don't happen, including some QueryService
calls. Thanks to Igor Tandetnik for identifying this in 2010.
因此,只需添加:
procedure TInsecureBrowserForm.FormCreate(Sender: TObject);
begin
web.Navigate('about:blank');
end;
我也在我的博客上写下了这句话: https://marc.durdin.net/2016/03/dont-forget-to-navigate-to-aboutblank-when-embedding-iwebbrowser2/
I also wrote this up on my blog: https://marc.durdin.net/2016/03/dont-forget-to-navigate-to-aboutblank-when-embedding-iwebbrowser2/
这篇关于为什么使用TEmbeddedWB时QueryService不被IHttpSecurity调用?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!