IInternetSecurityManager::GetSecurityId method
Gets the security identification of the specified URL.
Syntax
HRESULT GetSecurityId(
[in] LPCWSTR pwszUrl,
[out] BYTE *pbSecurityId,
[in, out] DWORD *pcbSecurityId,
[in] DWORD_PTR dwReserved
);
Parameters
pwszUrl [in]
A string value that specifies the URL.pbSecurityId [out]
A buffer that specifies the scheme, domain name, and zone associated with the URL.pcbSecurityId [in, out]
An unsigned long integer value that specifies the size of the buffer being passed in.dwReserved [in]
An unsigned long integer that specifies the domain to use. If set to zero, the full domain name is used. Otherwise, a string value containing a suffix to the domain name can be specified. This larger domain name—the full domain name combined with the suffix—is used as the security identifier.
Return value
Returns S_OK if successful, or E_INVALIDARG if the buffer is set to NULL or the string passed in to pwszUrl is not a valid URL.
Remarks
Upon successful completion, pbSecurityId contains the scheme, domain, and zone information, as well as whether the specified pwszUrl was derived from a Mark of the Web.
The pcbSecurityId parameter contains the actual size of the data stored in the buffer. The largest buffer size returned by IInternetSecurityManager::GetSecurityId is 512 bytes, or MAX_SIZE_SECURITY_ID.
Security Warning: An incorrect implementation of this method can compromise the security of your application. A custom implementation of IInternetSecurityManager::GetSecurityId should generate only IDs for hosts that cannot be handled by the default implementation. For all other hosts, this method should return INET_E_DEFAULT_ACTION. Attempting to duplicate the default implementation might result in the creation of IDs that are less secure and are susceptible to a spoofing attack. Review Security Considerations: URL Security Zones API before you continue.
Requirements
Minimum supported client |
Windows XP |
Minimum supported server |
Windows 2000 Server |
DLL |
Urlmon.dll |
See also
Reference