AssocIsDangerous function (shlwapi.h)
Determines whether a file type is considered a potential security risk.
BOOL AssocIsDangerous( [in] PCWSTR pszAssoc );
A pointer to a string that contains the type of file in question. This may be either an extension such as ".exe" or a progid such as "exefile".
Returns TRUE if the file type is considered dangerous; otherwise, FALSE.
Files that are determined to be potentially dangerous, such as .exe files, should be handled with more care than other files. For example, Windows Internet Explorer version 6.01 or later uses AssocIsDangerous to determine whether it should issue stronger warning language in its download dialog box. ShellExecuteEx uses AssocIsDangerous to trigger zone checking using the methods of the IInternetSecurityManager interface in conjunction with the URLACTION_SHELL_SHELLEXECUTE flag.
The determination of a file's potential risk is made by checking its type against several sources, including a list of known dangerous types and the presence of the FTA_AlwaysUnsafe flag in the registry. On systems running Windows XPService Pack 1 (SP1) or later or Windows Server 2003, it also uses the SaferiIsExecutableFileType function to determine whether a file type is executable.
Applications that can take advantage of AssocIsDangerous include email programs, browsers, chat clients capable of downloading files, and any application that moves files or data from one zone of trust to another.
|Minimum supported client||Windows XP with SP1 [desktop apps only]|
|Minimum supported server||Windows Server 2003 [desktop apps only]|
|DLL||Shlwapi.dll (version 6.01 or later)|