Merge pull request #8 from FlashpointProject/dev

Dev

Author: tomysshadow

FlashpointSecurePlayer/CustomSecurityManager.cs

@@ -1,6 +1,7 @@
 using System;
 using System.Collections.Generic;
 using System.ComponentModel;
+using System.IO;
 using System.Linq;
 using System.Runtime.InteropServices;
 using System.Runtime.InteropServices.ComTypes;
@@ -14,6 +15,9 @@
 
 namespace FlashpointSecurePlayer {
     public class CustomSecurityManager : InternetInterfaces.IServiceProvider, InternetInterfaces.IInternetSecurityManager {
+        private const string FLASH_EXTENSION = ".SWF";
+
+        // https://docs.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/platform-apis/ms537182(v=vs.85)?redirectedfrom=MSDN
         public CustomSecurityManager(WebBrowser _WebBrowser) {
             InternetInterfaces.IServiceProvider webBrowserServiceProviderInterface = _WebBrowser.ActiveXInstance as InternetInterfaces.IServiceProvider;
             IntPtr profferServiceInterfacePointer = IntPtr.Zero;
@@ -63,19 +67,23 @@ int InternetInterfaces.IInternetSecurityManager.MapUrlToZone([MarshalAs(Unmanage
             // behave like local intranet
             pdwZone = 1;
 
+            // don't map zone for file:// URLs, that's outside the proxy
             if ((dwFlags & MUTZ_ISFILE) == MUTZ_ISFILE) {
                 return INET_E_DEFAULT_ACTION;
             }
 
+            // error if URL is null
             if (pwszUrl == null) {
                 return E_INVALIDARG;
             }
 
+            // unescape URL if needed
             if ((dwFlags & MUTZ_DONT_UNESCAPE) != MUTZ_DONT_UNESCAPE) {
                 try {
                     pwszUrl = Uri.UnescapeDataString(pwszUrl);
                 } catch (ArgumentNullException) {
-                    return INET_E_DEFAULT_ACTION;
+                    // error if URL is null
+                    return E_INVALIDARG;
                 }
             }
 
@@ -95,14 +103,31 @@ int InternetInterfaces.IInternetSecurityManager.GetSecurityId([MarshalAs(Unmanag
         int InternetInterfaces.IInternetSecurityManager.ProcessUrlAction([MarshalAs(UnmanagedType.LPWStr)] string pwszUrl, uint dwAction, out uint pPolicy, uint cbPolicy, byte pContext, uint cbContext, uint dwFlags, uint dwReserved) {
             pPolicy = URLPOLICY_DISALLOW;
 
+            if (cbPolicy < Marshal.SizeOf(pPolicy.GetType())) {
+                return S_FALSE;
+            }
+
+            // don't process file:// URLS, they are outside the proxy
             if ((dwFlags & PUAF_ISFILE) == PUAF_ISFILE) {
                 return INET_E_DEFAULT_ACTION;
             }
 
+            // error if URL is null
             if (pwszUrl == null) {
                 return E_INVALIDARG;
             }
 
+            try {
+                if (Path.GetExtension(new Uri(pwszUrl).LocalPath).ToUpper() == FLASH_EXTENSION) {
+                    if (dwAction == URLACTION_ACTIVEX_TREATASUNTRUSTED) { // don't trust Flash ActiveX Controls
+                        pPolicy = URLPOLICY_ALLOW;
+                    }
+                    return S_OK;
+                }
+            } catch {
+                return S_FALSE;
+            }
+
             pwszUrl = pwszUrl.ToLower();
 
             if (pwszUrl.IndexOf("http://") != 0 && pwszUrl.IndexOf("https://") != 0 && pwszUrl.IndexOf("ftp://") != 0) {
@@ -113,7 +138,7 @@ int InternetInterfaces.IInternetSecurityManager.ProcessUrlAction([MarshalAs(Unma
                 return INET_E_DEFAULT_ACTION;
             }
 
-            if (dwAction == URLACTION_ACTIVEX_TREATASUNTRUSTED || // trust ActiveX Controls always
+            if (dwAction == URLACTION_ACTIVEX_TREATASUNTRUSTED || // trust other ActiveX Controls
                 dwAction == URLACTION_HTML_MIXED_CONTENT || // block HTTPS content on HTTP websites for Flashpoint Proxy
                 dwAction == URLACTION_CLIENT_CERT_PROMPT || // don't allow invalid certificates
                 dwAction == URLACTION_AUTOMATIC_ACTIVEX_UI || // do not display the install dialog for ActiveX Controls

FlashpointSecurePlayer/EnvironmentVariables.cs

@@ -19,13 +19,19 @@ public EnvironmentVariables(Form form) : base(form) { }
 
         public void Activate(string name, string server, string applicationMutexName) {
             base.Activate(name);
-            ModificationsElement modificationsElement = GetModificationsElement(true, Name);
+            ModificationsElement modificationsElement = GetModificationsElement(false, Name);
+
+            if (modificationsElement == null) {
+                return;
+            }
+
             string value = null;
             List<string> values = null;
             string compatibilityLayerValue = null;
             List<string> compatibilityLayerValues = new List<string>();
 
             try {
+                // we need to find the compatibility layers so we can check later if the ones we want are already set
                 compatibilityLayerValue = Environment.GetEnvironmentVariable(COMPATIBILITY_LAYER_NAME);
             } catch (ArgumentException) {
                 throw new EnvironmentVariablesFailedException("Failed to get the " + COMPATIBILITY_LAYER_NAME + " Environment Variable.");
@@ -61,6 +67,8 @@ public void Activate(string name, string server, string applicationMutexName) {
                     if (environmentVariablesElement.Name == COMPATIBILITY_LAYER_NAME && !String.IsNullOrEmpty(server)) {
                         values = new List<string>();
 
+                        // the compatibility layers may contain more values
+                        // but we're only concerned if it contains the values we want
                         if (compatibilityLayerValue != null) {
                             compatibilityLayerValues = compatibilityLayerValue.ToUpper().Split(' ').ToList();
                         }
@@ -69,8 +77,11 @@ public void Activate(string name, string server, string applicationMutexName) {
                             values = value.ToUpper().Split(' ').ToList();
                         }
 
+                        // we have to restart in this case in server mode
+                        // because the compatibility layers only take effect
+                        // on process start
                         if (values.Except(compatibilityLayerValues).Any()) {
-                            throw new CompatibilityLayersException("The Compatibility Layers (" + String.Join(", ", compatibilityLayerValues) + ") cannot be set.");
+                            throw new CompatibilityLayersException("The Compatibility Layers (" + value + ") cannot be set.");
                         }
                     }
 
@@ -82,12 +93,14 @@ public void Activate(string name, string server, string applicationMutexName) {
         }
 
         public void Deactivate(string server) {
+            // do the reverse of activation because we can
             base.Deactivate();
 
             if (String.IsNullOrEmpty(Name)) {
                 return;
             }
 
+            // don't need to get active name, we're only deactivating for this process
             ModificationsElement modificationsElement = GetModificationsElement(false, Name);
 
             if (modificationsElement == null) {