IInternetSecurityManager::MapUrlToZone method
Gets the zone index for the specified URL.
Syntax
HRESULT MapUrlToZone(
[in] LPCWSTR pwszUrl,
[out] DWORD *pdwZone,
[in] DWORD dwFlags
);
Parameters
pwszUrl [in]
A string value that contains the URL. Compare to MapUrlToZoneEx2.pdwZone [out]
An unsigned long integer variable that receives the zone index.dwFlags [in]
An unsigned long integer value that specifies MapUrlToZone Flags to control the mapping.
Return value
Returns E_INVALIDARG if pdwZone is set to NULL or when the value specified in the pwszUrl parameter refers to a local file. Otherwise, S_OK is returned.
Remarks
Security Warning: Incorrect implementation of this method can compromise the security of your application. A custom implementation of IInternetSecurityManager::MapUrlToZone should return only zones for URLs that the default application cannot or should not handle. For all other URLs, this method should return INET_E_DEFAULT_ACTION. Attempting to duplicate the default implementation can result in the incorrect mapping of zones and might leave users susceptible to spoofing or elevation of privilege attacks. Review Security Considerations: URL Security Zones API before you contine.
Examples
The following example instantiates the default security manager to determine the correct zone for the input URL, szUrl.
const char *rgZoneNames[] = { "Local", "Intranet", "Trusted", "Internet", "Restricted" };
IInternetSecurityManager* pInetSecMgr;
HRESULT hr = CoCreateInstance(CLSID_InternetSecurityManager, NULL, CLSCTX_ALL,
IID_IInternetSecurityManager, (void **)&pInetSecMgr);
if (SUCCEEDED(hr))
{
DWORD dwZone;
hr = spInetSecMgr->MapUrlToZone(szUrl, &dwZone, 0);
if (hr == S_OK)
{
if (dwZone < 5)
printf("ZONE: %s (%d)\n", rgZoneNames[dwZone], dwZone);
else
printf("ZONE: Unknown (%d)\n", dwZone);
}
else
printf("ZONE: Error %08x\n", hr);
pInetSecMgr->Release();
}
Requirements
Minimum supported client |
Windows XP |
Minimum supported server |
Windows 2000 Server |
DLL |
Urlmon.dll |