Warning: file_get_contents(/data/phpspider/zhask/data//catemap/7/elixir/2.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Wpf 如何将浏览器限制到给定域_Wpf_Chromium Embedded_Cefsharp - Fatal编程技术网
Fatal编程技术网
  • wpf/
  • Wpf 如何将浏览器限制到给定域

Wpf 如何将浏览器限制到给定域

wpf

Wpf 如何将浏览器限制到给定域,wpf,chromium-embedded,cefsharp,Wpf,Chromium Embedded,Cefsharp,我希望阻止我的应用程序显示某个域(即example.com)以外的网页 我最初的想法是在OnBeforeBrowse事件处理程序中检查请求URL public bool OnBeforeBrowse(IWebBrowser browser, IRequest request, bool isRedirect) { return !IsPageAllowed(request.Url); } 这看起来是可行的,但允许页面上的所有嵌入式资源也会触发此事件。 例如,我的页面上嵌入了一个YouTub

我希望阻止我的应用程序显示某个域(即example.com)以外的网页

我最初的想法是在OnBeforeBrowse事件处理程序中检查请求URL

public bool OnBeforeBrowse(IWebBrowser browser, IRequest request, bool isRedirect)
{
  return !IsPageAllowed(request.Url);
}
这看起来是可行的,但允许页面上的所有嵌入式资源也会触发此事件。
例如,我的页面上嵌入了一个YouTube视频。视频元素触发了另外两个请求。 如果我取消这些请求,则根本不会呈现视频。
以下是我的请求的简单日志输出:

15:09:22.5809442 - OnBeforeBrowse: http://example.com/, TransitionType=LinkClicked, isRedirect=False
15:09:22.6705460 - OnBeforeBrowse: http://www.youtube.com/embed/XYZ, TransitionType=LinkClicked, isRedirect=False
15:09:22.7715542 - OnBeforeBrowse: http://www.youtube.com/embed/XYZ, TransitionType=LinkClicked, isRedirect=True
15:09:25.1232542 - OnBeforeBrowse: http://not-allowed-domain.com TransitionType=LinkClicked, isRedirect=False
此外,如果我试图通过单击外部链接(禁用限制检查)从允许的页面导航,我会得到新的事件,isRedirect标志被设置为False,这非常令人困惑

感谢您在CEF中使用CefRequest.GetTransitionType():

对照可以告诉您这是主帧还是子帧的位标志检查此值:

///
// Transition type for a request. Made up of one source value and 0 or more
// qualifiers.
///
typedef enum {
  ///
  // Source is a link click or the JavaScript window.open function. This is
  // also the default value for requests like sub-resource loads that are not
  // navigations.
  ///
  TT_LINK = 0,

  ///
  // Source is some other "explicit" navigation action such as creating a new
  // browser or using the LoadURL function. This is also the default value
  // for navigations where the actual type is unknown.
  ///
  TT_EXPLICIT = 1,

  ///
  // Source is a subframe navigation. This is any content that is automatically
  // loaded in a non-toplevel frame. For example, if a page consists of several
  // frames containing ads, those ad URLs will have this transition type.
  // The user may not even realize the content in these pages is a separate
  // frame, so may not care about the URL.
  ///
  TT_AUTO_SUBFRAME = 3,

  ///
  // Source is a subframe navigation explicitly requested by the user that will
  // generate new navigation entries in the back/forward list. These are
  // probably more important than frames that were automatically loaded in
  // the background because the user probably cares about the fact that this
  // link was loaded.
  ///
  TT_MANUAL_SUBFRAME = 4,

  ///
  // Source is a form submission by the user. NOTE: In some situations
  // submitting a form does not result in this transition type. This can happen
  // if the form uses a script to submit the contents.
  ///
  TT_FORM_SUBMIT = 7,

  ///
  // Source is a "reload" of the page via the Reload function or by re-visiting
  // the same URL. NOTE: This is distinct from the concept of whether a
  // particular load uses "reload semantics" (i.e. bypasses cached data).
  ///
  TT_RELOAD = 8,

  ///
  // General mask defining the bits used for the source values.
  ///
  TT_SOURCE_MASK = 0xFF,

  // Qualifiers.
  // Any of the core values above can be augmented by one or more qualifiers.
  // These qualifiers further define the transition.

  ///
  // Attempted to visit a URL but was blocked.
  ///
  TT_BLOCKED_FLAG = 0x00800000,

  ///
  // Used the Forward or Back function to navigate among browsing history.
  ///
  TT_FORWARD_BACK_FLAG = 0x01000000,

  ///
  // The beginning of a navigation chain.
  ///
  TT_CHAIN_START_FLAG = 0x10000000,

  ///
  // The last transition in a redirect chain.
  ///
  TT_CHAIN_END_FLAG = 0x20000000,

  ///
  // Redirects caused by JavaScript or a meta refresh tag on the page.
  ///
  TT_CLIENT_REDIRECT_FLAG = 0x40000000,

  ///
  // Redirects sent from the server by HTTP headers.
  ///
  TT_SERVER_REDIRECT_FLAG = 0x80000000,

  ///
  // Used to test whether a transition involves a redirect.
  ///
  TT_IS_REDIRECT_MASK = 0xC0000000,

  ///
  // General mask defining the bits used for the qualifiers.
  ///
  TT_QUALIFIER_MASK = 0xFFFFFF00,
} cef_transition_type_t;
在我的项目中,我实施了以下解决方案:

  • 有必要准备受信任URL或/和域的列表:
    • HashSet whiteList = new HashSet() { "http://example.com/", "http://www.youtube.com/embed/", ... } HashSet白名单=新HashSet(){ "http://example.com/", "http://www.youtube.com/embed/", ... }
  • 过滤和阻塞
    • 谢谢@Czarek的反馈,但这并不能解决我的问题。在我的日志输出中,您可以看到所有请求都具有相同的TransitionType值(LinkClicked),这似乎是CefSharp()中的默认值。默认值的注释明确指出,这种类型也应用于子资源请求,这基本上是我的困惑和这个问题的根源。感谢@synh的提示,我已经有了一个我限制浏览器访问的显式域的白名单。您的回答让我想到了实际添加另一个resourceWhiteList的想法,在这里我可以为所有资源子请求命名允许的域。 HashSet whiteList = new HashSet() { "http://example.com/", "http://www.youtube.com/embed/", ... }