Lock Your ActiveX Control

Previous page
Table of content
Next page

This defense has nothing to do with Windows Vista, but it is worth repeating. You should lock an ActiveX control to its originating site with SiteLock (Microsoft 2007) or your own custom code to check the control is instantiated from your Web site. If you want to use your own code rather than take on a SiteLock dependency, you can call IWebBrowser2:: get_LocationURL to get the originating URL, and pass it to cURL or one of the legacy URL cracking APIs and then do a string comparison to determine if the control is activated from your Web site or not.


Previous page
Table of content
Next page
Writing Secure Code for Windows Vista
Writing Secure Code for Windows Vista (Best Practices (Microsoft))
ISBN: 0735623937
EAN: 2147483647
Year: 2004
Pages: 122
Authors: Michael Howard, David LeBlanc
BUY ON AMAZON
Introducing Microsoft Office InfoPath 2003 (Bpg-Other)
Cisco IP Communications Express: CallManager Express with Cisco Unity Express
Managing Enterprise Systems with the Windows Script Host
PMP Practice Questions Exam Cram 2
The Oracle Hackers Handbook: Hacking and Defending Oracle
MPLS Configuration on Cisco IOS Software
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy