Geoff Chappell - Software Analyst
HRESULT CoInternetIsFeatureEnabledForIUri ( INTERNETFEATURELIST FeatureEntry, DWORD dwFlags, IUri *pIUri, IInternetSecurityManagerEx2 *pSecMgr);
The FeatureEntry argument tells which feature to test. The supported Internet Features are listed separately.
The dwFlags argument tells in which context to evaluate the feature. The supported Feature Enabled Flags are listed separately.
The pIUri argument is the address of an IUri interface that describes a URL. This argument can be NULL.
The pSecMgr argument is the address of an IInternetSecurityManagerEx2 interface that is to decide whether the feature can be disabled for the given URL. This argument can be NULL.
The function returns S_OK if the feature is enabled, S_FALSE if the feature is disabled, else an error code.
This function post-processes CoInternetIsFeatureEnabled, to allow that some features can be enabled in general but disabled for a trusted URL. The overall aim is to settle the question by calling the given security manager’s ProcessUrlActionEx2 method. The feature is considered to be disabled if the security manager reports the policy permissions as URLPOLICY_ALLOW. In other words, the URL action that the security manager is asked to process is a question: do you allow the corresponding feature to be disabled for the given URL? The following table shows the relevant features and the corresponding URL actions:
FEATURE_BEHAVIORS (0x06) | URLACTION_BEHAVIOR_RUN (0x2000) |
FEATURE_BLOCK_INPUT_PROMPTS (0x1B) | URLACTION_FEATURE_BLOCK_INPUT_PROMPTS (0x2105) |
FEATURE_FORCE_ADDR_AND_STATUS (0x17) | URLACTION_FEATURE_FORCE_ADDR_AND_STATUS (0x2104) |
FEATURE_MIME_SNIFFING (0x03) | URLACTION_FEATURE_MIME_SNIFFING (0x2100) |
FEATURE_WINDOW_RESTRICTIONS (0x04) | URLACTION_FEATURE_WINDOW_RESTRICTIONS (0x2102) |
FEATURE_ZONE_ELEVATION (0x01) | URLACTION_FEATURE_ZONE_ELEVATION (0x2101) |
It is an error (E_FAIL) to provide a FeatureEntry that is out of range.
If CoInternetIsFeatureEnabled fails for the same FeatureEntry and dwFlags, then this function returns the Internet Explorer default for the feature.
If CoInternetIsFeatureEnabled reports that the given feature is disabled in general, then the feature is also disabled whatever the URL, and this function returns S_FALSE.
If CoInternetIsFeatureEnabled reports that the given feature is enabled, but the feature is not in the above list or no URL is given, then it is not possible that the feature can be disabled for the URL, and this function returns S_OK.
Otherwise, to test the feature for the given URL, the function will call the security manager’s ProcessUrlActionEx2 method (specifying the PUAF_NOUI flag). If no security manager is given, the function uses a built-in security manager. If this does not yet exist, the function creates it. If the internal call to CoInternetCreateSecurityManager fails, then so does this function.
If the ProcessUrlActionEx2 method fails, the function returns the Internet Explorer default for the feature. If the policy returned by the method has URLPOLICY_ALLOW for the bits masked by URLPOLICY_MASK_PERMISSIONS, then the feature is considered disabled for the given URL, and the function returns S_FALSE. Otherwise, the URL has no effect on the feature and the function returns S_OK.
The CoInternetIsFeatureEnabledForIUri function is exported by name from URLMON.DLL in version 7.00 and higher.
Microsoft documents the CoInternetIsFeatureEnabledForIUri function, but there are some (minor) omissions and discrepancies. Microsoft does not say that the function may return anything other than S_OK or S_FALSE. Also, Microsoft lists only three features (of the six given above) as being associated with URL actions such that this function can return a different result from CoInternetIsFeatureEnabled. In related documentation, Introduction to Feature Controls, Microsoft lists URL actions for eight features, which may be correct in some context, just not for this function.