当前位置: 文江博客话题详情

WPF WebBrowser 控件中的持久 cookie?

发布于 2024-10-04 14:15:06 字数 592 浏览 0 评论 0原文

我正在使用 WPF WebBrowser 在应用程序内显示在线帮助(只是一些小网页)。其中一些页面仅在页面被查看的前几次使用 cookie 来显示项目(这是“为什么不尝试 X”类型的事情)。

但是,由于某种原因,cookie 似乎无法在 WebBrowser 控件内工作。它们在完整的 IE 以及 Firefox 和 Chrome 中工作正常(因此项目正确隐藏),但在通过 WPF WebBrowser 控件查看时它们从不隐藏。

在 WPF WebBrowser 控件中使用 cookie 有什么特别之处吗?看起来好像所有 cookie 都只存储在内存中,而不是持久保存在磁盘上。

这是浏览器内的其中一个页面(cookie 在其中工作):

浏览器内的帮助窗格

这是完全相同的页面应用程序内部:

应用程序内部的帮助窗格

该附加内容仅应在最初几次使用该软件时可见(即它应该在该网页的 N 次查看后隐藏),但因为我无法让 cookie 工作,所以它总是可见的。

原文

I'm using the WPF WebBrowser to display online help inside an app (just a few small web pages). Some of those pages use cookies to display items only for the first few times the pages are viewed (it's a "Why not try X" type of thing).

However, for some reason the cookies don't seem to be working inside the WebBrowser control. They work fine in full IE as well as Firefox and Chrome (so the items correctly hide), but they never hide when viewed through the WPF WebBrowser control.

Is there something special about using cookies in the WPF WebBrowser control? It seems to be behaving as if all the cookies are only stored in memory, rather than being persisted on disk.

Here's one of those pages inside a browser (where the cookies work):

Help pane inside a browser

And here's the exact same page inside the app:

Help pane inside the application

That additional content should only be visible for the first few times of using the software (i.e. it should be hidden after N views of that web page), but because I can't get cookies to work it's always visible.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

梦断已成空 2024-10-11 14:15:06

Internet Explorer(或托管版本)中的 Cookie 处理与 IE 自己的“URL 安全区域”概念相关,文档如下:关于 URL 安全区域

因此,IE 使用应用于 url 的各种算法来确定 url 区域。根据区域的不同,您的托管浏览器可能支持也可能不支持会话或持久 cookie。

奇怪的是,当我创建一个小型 WPF 示例时,向其中添加 Web 浏览器并导航到此持久 cookie 测试器实用程序页面: http://www.rbaworld.com/Security/Computers/Cookies/givecook.shtml,它工作正常。每次我启动示例应用程序时,计数器都会很好地递增,因此并非每个人都可以重现您的问题。嗯,这就是 URL 安全区域的全部目的:它可能因计算机、用户、Windows 策略等而异...

下一个问题是:我可以更改您正在运行的区域吗?简短而简单的答案是……不,因为它与安全性密切相关。

如果您自己托管 IE,则可以按照此处所述实现自己的安全区域句柄: 实现自定义安全管理器和示例:示例:Secumgr。 exe 覆盖 WebBrowser Host 的安全管理器,但您依赖于 WPF 的网络浏览器,不允许任何覆盖...您可以访问 Reflector 并复制所有 WPF 私有/内部代码,但这是危险工作的日志!

您可以尝试的最后一件事是操纵标准的互联网安全管理器。这是一些给出一些提示的示例代码。至少您应该能够确定您正在运行的区域 (MapUrltoZone) 并更改 cookie (TryAllowCookie)。标准管理器的问题是大多数时候,它会向最终用户弹出允许授权的对话框...(再次安全!):

[ComImport, Guid("7b8a2d94-0ac9-11d1-896c-00c04Fb6bfc4")]
private class InternetSecurityManager
{
}

[ComImport, InterfaceType(ComInterfaceType.InterfaceIsIUnknown), Guid("79eac9ee-baf9-11ce-8c82-00aa004ba90b")]
private interface IInternetSecurityManager
{
    void Unused1();
    void Unused2();
    [PreserveSig]
    int MapUrlToZone([In, MarshalAs(UnmanagedType.BStr)] string pwszUrl, out int pdwZone, [In] int dwFlags);
    void Unused3();
    [PreserveSig]
    int ProcessUrlAction(string pwszUrl, int dwAction, ref int pPolicy, int cbPolicy, ref Guid pContext, int cbContext, int dwFlags, int dwReserved);
    // left undefined
}

public static SecurityZone MapUrlToZone(Uri uri)
{
    IInternetSecurityManager securityManager = (IInternetSecurityManager)new InternetSecurityManager();
    int zoneId;
    if (securityManager.MapUrlToZone(uri.ToString(), out zoneId, 0) < 0)
        return SecurityZone.NoZone;

    return (SecurityZone)zoneId;
}

private const int URLACTION_COOKIES = 0x00001A02;
private const int URLACTION_COOKIES_ENABLED = 0x00001A10;
private const int URLPOLICY_ALLOW = 0x00;
private const int URLPOLICY_DISALLOW = 0x03;
private const int PUAF_DEFAULT = 0x00000000;

public static bool TryAllowCookies(Uri uri)
{
    IInternetSecurityManager securityManager = (IInternetSecurityManager)new InternetSecurityManager();
    int policy = 0;
    Guid context = Guid.Empty;
    int hr = securityManager.ProcessUrlAction(uri.ToString(), URLACTION_COOKIES_ENABLED, ref policy, Marshal.SizeOf(policy), ref context, Marshal.SizeOf(context), PUAF_DEFAULT, 0);
    return (hr == 0) && policy == URLPOLICY_ALLOW;
}

祝你好运:)

Cookies handling in Internet Explorer (or hosted versions) is tied to the IE's own notion of "URL Security Zones", doc here: About URL security Zones

So, IE determines an url zone using various alogorithms applied to the url. Depending on the zone, your hosted browser may or may not support session or persistent cookies.

Strangely, when I create a small WPF sample, add the web browser to it and have navigate to this persistent cookie tester utiliy page: http://www.rbaworld.com/Security/Computers/Cookies/givecook.shtml, it works fine. Each time I launch the sample app, the counter is incremented fine, so not everyone can reproduce your problem. Well, that's the whole purpose of URL Security zones: it can vary by machine, by user, by Windows policy, etc...

The next question is: Can I change the zone you're running in? The short and easy answer is ... no because it's heavily tied to the security.

If you were hosting IE yourself, you could implement your own security zone handle as described here: Implementing a Custom Security Manager and a sample here: SAMPLE: Secumgr.exe Overrides Security Manager for WebBrowser Host but you're relying on WPF's webbrowser that does not allow any override... You can get to Reflector and copy all WPF private/internal code but that's a log of risky work!

The last thing you can try is to manipulate the standard Internet Security Manager. Here is some sample code that gives some hints. At least you should be able to determine the zone you're running in (MapUrltoZone) and change the cookie (TryAllowCookie). The problem with the standard manager is most of the times, it pops up dialog to the end-user allowing authorization... (security again!):

[ComImport, Guid("7b8a2d94-0ac9-11d1-896c-00c04Fb6bfc4")]
private class InternetSecurityManager
{
}

[ComImport, InterfaceType(ComInterfaceType.InterfaceIsIUnknown), Guid("79eac9ee-baf9-11ce-8c82-00aa004ba90b")]
private interface IInternetSecurityManager
{
    void Unused1();
    void Unused2();
    [PreserveSig]
    int MapUrlToZone([In, MarshalAs(UnmanagedType.BStr)] string pwszUrl, out int pdwZone, [In] int dwFlags);
    void Unused3();
    [PreserveSig]
    int ProcessUrlAction(string pwszUrl, int dwAction, ref int pPolicy, int cbPolicy, ref Guid pContext, int cbContext, int dwFlags, int dwReserved);
    // left undefined
}

public static SecurityZone MapUrlToZone(Uri uri)
{
    IInternetSecurityManager securityManager = (IInternetSecurityManager)new InternetSecurityManager();
    int zoneId;
    if (securityManager.MapUrlToZone(uri.ToString(), out zoneId, 0) < 0)
        return SecurityZone.NoZone;

    return (SecurityZone)zoneId;
}

private const int URLACTION_COOKIES = 0x00001A02;
private const int URLACTION_COOKIES_ENABLED = 0x00001A10;
private const int URLPOLICY_ALLOW = 0x00;
private const int URLPOLICY_DISALLOW = 0x03;
private const int PUAF_DEFAULT = 0x00000000;

public static bool TryAllowCookies(Uri uri)
{
    IInternetSecurityManager securityManager = (IInternetSecurityManager)new InternetSecurityManager();
    int policy = 0;
    Guid context = Guid.Empty;
    int hr = securityManager.ProcessUrlAction(uri.ToString(), URLACTION_COOKIES_ENABLED, ref policy, Marshal.SizeOf(policy), ref context, Marshal.SizeOf(context), PUAF_DEFAULT, 0);
    return (hr == 0) && policy == URLPOLICY_ALLOW;
}

Good luck :)

回复 原文
匿名。 2024-10-11 14:15:06

默认情况下,WebBrowser 控件不允许这样做。出于安全原因,您可能不希望来自不同开发人员/公司的不同应用程序能够访问另一个应用程序创建的 cookie 信息。

但是,请查看这个答案如何从 windows.form 中删除 Cookie?

这涉及通过 JavaScript 删除 Cookie,但您可以使用类似的方法在每次加载应用程序时保留并创建站点 Cookie。

The WebBrowser control won't allow this by default. For security reasons, you probably wouldn't want different applications from different developers/companies being able to access cookie info that another app created.

However, check out this answer How to delete Cookies from windows.form?

That pertains to deleting cookies through javascript, but you may be able to use a similar method in order to persist and create the site cookie each time the application is loaded.

回复 原文
~没有更多了~

关于作者

走野

暂无简介

0 文章
0 评论
21 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

lioqio

文章 0 评论 0

Single

文章 0 评论 0

禾厶谷欠

文章 0 评论 0

alipaysp_2zg8elfGgC

文章 0 评论 0

qq_N6d4X7

文章 0 评论 0

放低过去

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文