Article ID: 246227
Secumgr.exe is a sample that demonstrates how to override the default security manager in a Microsoft Foundation Classes-based WebBrowser control host.
The following file is available for download from the Microsoft Download Center:
Secumgr.exeRelease Date: Nov-15-1999
For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file. SECUMGR is an MFC dialog-based application that hosts the WebBrowser control. It exposes an implementation of the IInternetSecurityManager interface from the control site, which is used by the WebBrowser to override traditional security decisions. The highlighted function in this sample is ProcessUrlAction in the Custsite.cpp.
(http://support.microsoft.com/kb/119591/EN-US/ )How to Obtain Microsoft Support Files from Online Services
The sample provides a handful of check boxes to the user for disabling security-related functionality. These buttons map to URLACTIONs that are passed in to ProcessUrlAction. SECUMGR passes back the correct URLPOLICY to enable or disable these features (ActiveX, Script, Java) as requested. Note that most security decisions are made during page load and are not modifiable on the fly.
Not all URLACTIONs can be set to a lower security policy. For example, in Internet Explorer 5.0, you cannot change the action for URLACTION_DOWNLOAD_UNSIGNED_ACTIVEX from URLPOLICY_QUERY to URLPOLICY_ALLOW.
NOTE: In order to implement the IInternetSecurityManager interface on the control site, SECUMGR uses an unofficial technique that may not work correctly in future MFC versions. For additional information, click the article number below to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/196835/EN-US/ )HOWTO: Override the MFC Default Control Containment
For more information, see the following Microsoft Web site:
URL Security Zones Overview
Article ID: 246227 - Last Review: June 19, 2014 - Revision: 4.0