Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

WebBrowser control - ignore SSL errors

Many hours of searching has not lead to an answer. We're looking for a way that a .NET WebBrowser control can navigate to pages with SSL security problems (self-signed certificates or non-matching hostnames) without stopping and displaying the error page:

http://imgur.com/Uqt7H

I've already seen many posts that are close:

How to disable “Security Alert” window in Webbrowser control -- doesn't work because WebBrowser apparently doesn't use the ServicePointManager

Suppressing Hosted WebBrowser Control Dialogs -- depends on knowing window titles, which doesn't work for a non-English audience

C# WebBrowser Control - ignore website security warnings -- this was closed as a duplicate, and the answer just referred to the above link.

Most form posts suggest implementing IInternetSecurityManager, which I've done, but to no avail.
Responding with a constant value for GetSecurityId for all URLs (specifying URLZONE_LOCAL_MACHINE or URLZONE_TRUSTED) doesn't work.

The following doesn't help:

public unsafe int MapUrlToZone(string url, int* pdwZone, int dwFlags)
{
    *pdwZone = 3; // URLZONE_TRUSTED;
    return Win32.S_OK;
}

Finally, I can't seem to find a way for ProcessUrlAction to have any effect:

public unsafe int ProcessUrlAction(string url, int dwAction, byte* pPolicy, int cbPolicy,
            byte* pContext, int cbContext, int dwFlags, int dwReserved)
{
    *((int*)pPolicy) = (int)Win32.UrlPolicy.URLPOLICY_ALLOW;
    return Win32.S_OK;
}

Has anyone successfully found a way past that SSL warning page?

like image 395
DougN Avatar asked Aug 03 '11 21:08

DougN


1 Answers

the interface you need to implement is IHttpSecurity. See http://jiangsheng.net/2013/07/17/howto-ignoring-web-browser-certificate-errors-in-webbrowser-host/ for an example based on Windows Forms.

like image 82
Sheng Jiang 蒋晟 Avatar answered Sep 21 '22 12:09

Sheng Jiang 蒋晟