handling Security Messages in .net WebBrowser Control

Question

I am attempting to write a VB.net application which will allow users to create their own widget plugins in html/jscript and i would like to set my own security options in the applications settings allowing users to choose what can run or not eg scripts, flash, activex.

I would like to allow activex controls to be used without the windows security dialog in the WebBrowser Control (An ActiveX control is trying to interact with the page...) or what ever it says.

I started customizing the WB Control to suite my needs implementing various interfaces such as IOleClientSite, IDocHostShowUI, IDocHostUIHandler, etc...

I can't seem to find anything that will allow me to control the security permissions of the WB Control. I tried to implement IHttpSecurity and IInternetSecurityManager but I'm either barking up the wrong tree or not doing it right.

Please help, Thanks in advance.

Answer 1

The WebBrowser control is just another instance of Internet Explorer, and thus inherits the security settings in IE.

I have found no other way of changing the security options than to edit them in IE itself. You can most likely change the settings in registry as well, but they will be global for all IE instances. If you change it in your code, then you change it for all browser instances as well.

In an automated application I wrote some time ago I disposed of the pop-ups by monitoring for window pop-ups, grabbing the window handle and sending a click to the button in that window. Certainly not an elegant solution :(

Answer 2

IInternetSecurityManager should work, how is your implementation look like? Check http://support.microsoft.com/kb/246227 for an example.

Answer 3

IInternetSecurityManager requires IQueryInterface. I didn't have IQueryInterface implemented in my application which was why it wasn't working.