IInternetSecurityManager::ProcessUrlAction method

  • Article

Determines the policy for the specified action and displays a user interface, if the policy indicates that the user should be queried.

Syntax

HRESULT ProcessUrlAction(
  [in]  LPCWSTR pwszUrl,
  [in]  DWORD   dwAction,
  [out] BYTE    *pPolicy,
  [in]  DWORD   cbPolicy,
  [in]  BYTE    *pContext,
  [in]  DWORD   cbContext,
  [in]  DWORD   dwFlags,
  [in]  DWORD   dwReserved
);

Parameters

  • pwszUrl [in]
    A constant pointer to a wide character string that specifies the URL.

  • dwAction [in]
    A DWORD that specifies the action to be performed. This can be one of the URL Action Flags values.

  • pPolicy [out]
    Required. A pointer to a buffer that receives the policy and action for the specified URL. This must be one of the URL Policy Flags values.

  • cbPolicy [in]
    A DWORD that specifies the size of the buffer pPolicy.

  • pContext [in]
    A pointer to a buffer that contains the context information (a CLSID) used by the delegation routines. Can be set to NULL.

  • cbContext [in]
    A DWORD that specifies the size of the buffer cbContext.

  • dwFlags [in]
    A DWORD that specifies a PUAF enumeration value or values.

  • dwReserved [in]
    Reserved. Must be set to NULL.

Return value

Returns one of the following values.

Return code Description
S_OK

Success. The URL policy is URLPOLICY_ALLOW.
S_FALSE

Found a valid URL policy that is not URLPOLICY_ALLOW.
E_OUTOFMEMORY

There is not enough memory to complete the operation.
E_INVALIDARG

URI is null.
E_UNEXPECTED

Failed to initialize the ZoneManager.

 

Remarks

This method can also return an HRESULT derived from the Microsoft Win32 error code ERROR_NOT_FOUND to indicate that the URL action cannot be read from the registry.

Security Warning: Incorrect implementation this method can compromise the security of your application. A custom implementation of IInternetSecurityManager::ProcessUrlAction should only process URL actions that the default application cannot or should not handle. For all other URL actions, this method should return INET_E_DEFAULT_ACTION. Attempting to duplicate the default implementation might result in incorrectly processing URL actions and might leave users susceptible to elevation of privilege attacks. Review Security Considerations: URL Security Zones API before continuing.

Microsoft Internet Explorer 6 for Windows XP Service Pack 2 (SP2) and later. Use the CoInternetIsFeatureEnabledForUrl function instead of this method to determine the URL policy for the URLACTION_FEATURE_MIME_SNIFFING URL action, the URLACTION_FEATURE_WINDOW_RESTRICTIONS URL action, or the URLACTION_FEATURE_ZONE_ELEVATION URL action.

Note  If you create your own implementation of this method, you must set the pPolicy value before you return a success code (S_OK or S_FALSE).

 

Requirements

Minimum supported client

Windows XP

Minimum supported server

Windows 2000 Server

DLL

 Urlmon.dll

See also

IInternetSecurityManager

ProcessUrlActionEx2