winforms webbrowser 控件中的 JavaScript 访问问题

Question

ETA：我已经成功了，答案发布在下面。我会将任何能够准确解释发生了什么以及我如何清理它的人标记为答案。

我有一个类，其中包含一个带有 winforms webbrowser 控件的表单，用于显示一个 html 页面。我在页面头部注入了一些脚本，以便查询样式信息。

当我从可执行文件启动应用程序时，一切正常。但是，我现在正尝试在设计时从加载项启动应用程序。发生的情况是您右键单击 .htm 类型的文件并单击以启动浏览器。然后加载项启动浏览器，浏览器导航到提供的 .htm 文件路径。

我注意到的第一件事是浏览器现在显示这条消息：

“为帮助保护您的安全，您的网络浏览器已限制此文件显示可访问您计算机的活动内容。单击此处查看选项...”

然后我注意到，即使我单击启用活动内容，我的所有 javascript 调用现在都失败了。

作为测试，我尝试了这个简单的 javascript 调用（没有显式注入）：

Me.Document.InvokeScript("execScript", New Object() {"alert('hello');", "JavaScript"})

这会导致 javascript 错误对话框显示“访问被拒绝”

所以，这是一个安全问题。不是我想这样做，而是我尝试暂时降低 IE 中的所有安全级别，但这没有任何区别。

我应该补充一点，该应用程序包含 2 个网络浏览器控件。第二个托管通过设置浏览器的 DocumentText 属性创建的网页。这不会受到 javascript 访问问题的影响。

ETA：我一直在研究 IInternetSecurityManager，可能与此有关吗？我希望不会:(

Answer 1

我已经设法让它与 IInternetSecurityManager 一起工作，这是一项由 webbrowser 控件的站点返回的服务。 无论网址如何，我都通过在 ProcessUrlAction 方法中返回 Ok 来使其正常工作。

我根据我在互联网上找到的一些内容将其抄录下来，因此如果有人能指出如何清理它并将其限制在 Intranet 中，那么我会将其标记为答案。

我想我需要在 ProcessUrlAction 中检查 url，并根据其内容返回 Ok 或 Default。

代码如下：

Friend Class MainBrowser
Inherits WebBrowser

Private _Site As WebBrowserSite
Protected Overrides Function CreateWebBrowserSiteBase() As WebBrowserSiteBase
    If _Site Is Nothing Then
        _Site = New WebBrowserSite(Me)
    End If
    Return _Site
End Function

Protected Class WebBrowserSite
    Inherits System.Windows.Forms.WebBrowser.WebBrowserSite
    Implements NativeInterfaces.IServiceProvider
    Implements NativeInterfaces.IInternetSecurityManager

    Private Const INET_E_DEFAULT_ACTION As Integer = &H800C0011
    Private Const S_OK As Integer = 0
    Private Const E_NOINTERFACEX As Integer = &H80004002

    Private Shared IID_IInternetSecurityManager As Guid = Marshal.GenerateGuidForType(GetType(NativeInterfaces.IInternetSecurityManager))

    Private Owner As MainBrowser

    Public Sub New(ByVal owner As MainBrowser)
        MyBase.New(owner)
        owner = owner
    End Sub

    Public Function QueryService(ByRef guidService As System.Guid, ByRef riid As System.Guid, ByRef ppvObject As System.IntPtr) As Integer Implements NativeInterfaces.IServiceProvider.QueryService
        If guidService = IID_IInternetSecurityManager AndAlso riid = IID_IInternetSecurityManager Then
            ppvObject = Marshal.GetComInterfaceForObject(Me, GetType(NativeInterfaces.IInternetSecurityManager))
            Return S_OK
        End If
        ppvObject = IntPtr.Zero
        Return E_NOINTERFACEX
    End Function

    Public Function GetSecurityId(ByVal pwszUrl As String, ByVal pbSecurityId As System.IntPtr, ByRef pcbSecurityId As UInteger, ByRef dwReserved As UInteger) As Integer Implements NativeInterfaces.IInternetSecurityManager.GetSecurityId
        Return INET_E_DEFAULT_ACTION
    End Function

    Public Function GetSecuritySite(ByRef pSite As System.IntPtr) As Integer Implements NativeInterfaces.IInternetSecurityManager.GetSecuritySite
        pSite = IntPtr.Zero
        Return INET_E_DEFAULT_ACTION
    End Function

    Public Function SetSecuritySite(ByVal pSite As System.IntPtr) As Integer Implements NativeInterfaces.IInternetSecurityManager.SetSecuritySite
        Return INET_E_DEFAULT_ACTION
    End Function

    Public Function MapUrlToZone(ByVal pwszUrl As String, ByRef pdwZone As UInteger, ByVal dwFlags As UInteger) As Integer Implements NativeInterfaces.IInternetSecurityManager.MapUrlToZone
        pdwZone = 0 // URLZONE_LOCAL_MACHINE ?
        Return S_OK // no difference
        // Return INET_E_DEFAULT_ACTION
    End Function

    Public Function ProcessUrlAction(ByVal pwszUrl As String, ByVal dwAction As UInteger, ByVal pPolicy As System.IntPtr, ByVal cbPolicy As UInteger, ByVal pContext As System.IntPtr, ByVal cbContext As UInteger, ByVal dwFlags As UInteger, ByVal dwReserved As UInteger) As Integer Implements NativeInterfaces.IInternetSecurityManager.ProcessUrlAction
        // Return INET_E_DEFAULT_ACTION
        Return S_OK // This is what made the difference
    End Function

    Public Function QueryCustomPolicy(ByVal pwszUrl As String, ByRef guidKey As System.Guid, ByRef ppPolicy As System.IntPtr, ByRef pcbPolicy As UInteger, ByVal pContext As System.IntPtr, ByVal cbContext As UInteger, ByVal dwReserved As UInteger) As Integer Implements NativeInterfaces.IInternetSecurityManager.QueryCustomPolicy
        ppPolicy = IntPtr.Zero
        pcbPolicy = 0
        Return INET_E_DEFAULT_ACTION
    End Function

    Public Function SetZoneMapping1(ByVal dwZone As UInteger, ByVal lpszPattern As String, ByVal dwFlags As UInteger) As Integer Implements NativeInterfaces.IInternetSecurityManager.SetZoneMapping
        Return INET_E_DEFAULT_ACTION
    End Function

    Public Function GetZoneMappings(ByVal dwZone As UInteger, ByRef ppenumString As System.Runtime.InteropServices.ComTypes.IEnumString, ByVal dwFlags As UInteger) As Integer Implements NativeInterfaces.IInternetSecurityManager.GetZoneMappings
        ppenumString = Nothing
        Return INET_E_DEFAULT_ACTION
    End Function

End Class

End Class

接口：

 <ComImport(), InterfaceType(ComInterfaceType.InterfaceIsIUnknown), Guid("6d5140c1-7436-11ce-8034-00aa006009fa")> _
Interface IServiceProvider
    <PreserveSig()> _
    Function QueryService(ByRef guidService As Guid, ByRef riid As Guid, ByRef ppvObject As IntPtr) As <MarshalAs(UnmanagedType.I4)> Integer
End Interface


<ComImport(), GuidAttribute("79EAC9EE-BAF9-11CE-8C82-00AA004BA90B"), InterfaceTypeAttribute(ComInterfaceType.InterfaceIsIUnknown)> _
Public Interface IInternetSecurityManager
    <PreserveSig()> _
    Function SetSecuritySite(<[In]()> ByVal pSite As IntPtr) As <MarshalAs(UnmanagedType.I4)> Integer

    <PreserveSig()> _
    Function GetSecuritySite(ByRef pSite As IntPtr) As <MarshalAs(UnmanagedType.I4)> Integer

    <PreserveSig()> _
    Function MapUrlToZone(<[In](), MarshalAs(UnmanagedType.LPWStr)> ByVal pwszUrl As String, ByRef pdwZone As UInt32, <[In]()> ByVal dwFlags As UInt32) As <MarshalAs(UnmanagedType.I4)> Integer

    <PreserveSig()> _
    Function GetSecurityId(<[In](), MarshalAs(UnmanagedType.LPWStr)> ByVal pwszUrl As String, <Out()> ByVal pbSecurityId As IntPtr, <[In](), Out()> ByRef pcbSecurityId As UInt32, <[In]()> ByRef dwReserved As UInt32) As <MarshalAs(UnmanagedType.I4)> Integer

    <PreserveSig()> _
    Function ProcessUrlAction(<[In](), MarshalAs(UnmanagedType.LPWStr)> ByVal pwszUrl As String, ByVal dwAction As UInt32, ByVal pPolicy As IntPtr, ByVal cbPolicy As UInt32, ByVal pContext As IntPtr, ByVal cbContext As UInt32, _
         ByVal dwFlags As UInt32, ByVal dwReserved As UInt32) As <MarshalAs(UnmanagedType.I4)> Integer

    <PreserveSig()> _
    Function QueryCustomPolicy(<[In](), MarshalAs(UnmanagedType.LPWStr)> ByVal pwszUrl As String, ByRef guidKey As Guid, ByRef ppPolicy As IntPtr, ByRef pcbPolicy As UInt32, ByVal pContext As IntPtr, ByVal cbContext As UInt32, _
         ByVal dwReserved As UInt32) As <MarshalAs(UnmanagedType.I4)> Integer

    <PreserveSig()> _
    Function SetZoneMapping(ByVal dwZone As UInt32, <[In](), MarshalAs(UnmanagedType.LPWStr)> ByVal lpszPattern As String, ByVal dwFlags As UInt32) As <MarshalAs(UnmanagedType.I4)> Integer

    <PreserveSig()> _
    Function GetZoneMappings(<[In]()> ByVal dwZone As UInt32, ByRef ppenumString As ComTypes.IEnumString, <[In]()> ByVal dwFlags As UInt32) As <MarshalAs(UnmanagedType.I4)> Integer
End Interface