Is it possble to check from the code of ActiveX, if the current page(site) is in Trusted Sites zone?

Question

Hi I have legacy ActiveX (ATL), that works properly if loaded from the Trusted Sites security zone. I want to add verification in code, the be sure that customer added the host of activeX to the trusted sites and if not just give a warning.

What API should I use ? (browser is IE7 and UP).

Thank you

score 1 · Answer 1 · answered Mar 02 '11 at 19:04

You can map an url to a zone in native code using IInternetSecurityManager::MapUrlToZone.

The sample code from MSDN:

const char* rgZoneNames[] = { "Local", "Intranet", "Trusted", "Internet", "Restricted" };

IInternetSecurityManager* pInetSecMgr;
HRESULT hr = CoCreateInstance(CLSID_InternetSecurityManager, NULL, CLSCTX_ALL,
                              IID_IInternetSecurityManager, (void **)&pInetSecMgr);   
if (SUCCEEDED(hr))
{
    DWORD dwZone;
    hr = spInetSecMgr->MapUrlToZone(szUrl, &dwZone, 0);
    if (hr == S_OK) {
        if (dwZone < 5) {
            printf("ZONE: %s (%d)\n", rgZoneNames[dwZone], dwZone);
        } else {
            printf("ZONE: Unknown (%d)\n", dwZone);
        }
    } else {
        printf("ZONE: Error %08x\n", hr);
    }

    pInetSecMgr->Release();
}

Is it possble to check from the code of ActiveX, if the current page(site) is in Trusted Sites zone?

1 Answers1