user2591028
Reputation: 39
Ignoring web browser SSL security alerts in console application
I'm creating a console application that is able to remotely capture screenshots of websites. Everything is working except the fact that I can't avoid Certificate errors. Every time I get popup message that I'm unable to pass.
I tried using:
ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(ValidateServerCertificate);
But it doesn't work. Also tried the solution found here: http://www.codeproject.com/Articles/31163/Suppressing-Hosted-WebBrowser-Control-Dialogs but but it doesnt seem to work for webbrowser invoked from console application.
Any ideas?
Upvotes: 3
Views: 5420
Answers (2)
Steven de Salas
Reputation: 21467
Figured it out finally.
I've been trying to bypass the SSL cert error for a Headless IE browser running as a console app (http://triflejs.org)
ShengJiang provided the bulk of the answer but I still couldn't use Application.Run() as it locks up execution on the main thread and I needed to execute other events in the loop, also, instantiating an ApplicationContext with message pumps seemed way too complicated.
The answer once I got it was exceedingly simple. Just create a loop and run Application.DoEvents()
Here is some working code. I simplified it to suit the question posted here.
Please make sure that:
- You are running as a Console Application project.
- You add a project reference to
System.Windows.Forms.
Hope it helps!
using System;
using System.Runtime.InteropServices;
using System.Windows.Forms;
namespace IgnoreSSLErrorBrowserConsoleApp
{
public class Program
{
[STAThread]
public static void Main(string[] args)
{
MyWebBrowser browser = new MyWebBrowser();
browser.Navigate("about:blank");
browser.DocumentCompleted += delegate (object obj, WebBrowserDocumentCompletedEventArgs e) {
if (e.Url.ToString() == "about:blank") {
// This is the SSL path where certificate error occurs
browser.Navigate("https://localhost");
}
};
while (browser.ReadyState != WebBrowserReadyState.Complete) {
Application.DoEvents();
// RunOtherEvents();
}
}
}
[Guid("6D5140C1-7436-11CE-8034-00AA006009FA")]
[InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]
[ComImport]
public interface UCOMIServiceProvider
{
[return: MarshalAs(UnmanagedType.I4)]
[PreserveSig]
int QueryService(
[In] ref Guid guidService,
[In] ref Guid riid,
[Out] out IntPtr ppvObject);
}
[ComImport()]
[ComVisible(true)]
[Guid("79eac9d5-bafa-11ce-8c82-00aa004ba90b")]
[InterfaceTypeAttribute(ComInterfaceType.InterfaceIsIUnknown)]
public interface IWindowForBindingUI
{
[return: MarshalAs(UnmanagedType.I4)]
[PreserveSig]
int GetWindow(
[In] ref Guid rguidReason,
[In, Out] ref IntPtr phwnd);
}
[ComImport()]
[ComVisible(true)]
[Guid("79eac9d7-bafa-11ce-8c82-00aa004ba90b")]
[InterfaceTypeAttribute(ComInterfaceType.InterfaceIsIUnknown)]
public interface IHttpSecurity
{
//derived from IWindowForBindingUI
[return: MarshalAs(UnmanagedType.I4)]
[PreserveSig]
int GetWindow(
[In] ref Guid rguidReason,
[In, Out] ref IntPtr phwnd);
[PreserveSig]
int OnSecurityProblem(
[In, MarshalAs(UnmanagedType.U4)] uint dwProblem);
}
public class MyWebBrowser : WebBrowser
{
public static Guid IID_IHttpSecurity
= new Guid("79eac9d7-bafa-11ce-8c82-00aa004ba90b");
public static Guid IID_IWindowForBindingUI
= new Guid("79eac9d5-bafa-11ce-8c82-00aa004ba90b");
public const int S_OK = 0;
public const int S_FALSE = 1;
public const int E_NOINTERFACE = unchecked((int)0x80004002);
public const int RPC_E_RETRY = unchecked((int)0x80010109);
protected override WebBrowserSiteBase CreateWebBrowserSiteBase()
{
return new MyWebBrowserSite(this);
}
class MyWebBrowserSite : WebBrowserSite,
UCOMIServiceProvider,
IHttpSecurity,
IWindowForBindingUI
{
private MyWebBrowser myWebBrowser;
public MyWebBrowserSite(MyWebBrowser myWebBrowser)
: base(myWebBrowser)
{
this.myWebBrowser = myWebBrowser;
}
public int QueryService(ref Guid guidService
, ref Guid riid
, out IntPtr ppvObject)
{
if (riid == IID_IHttpSecurity)
{
ppvObject = Marshal.GetComInterfaceForObject(this
, typeof(IHttpSecurity));
return S_OK;
}
if (riid == IID_IWindowForBindingUI)
{
ppvObject = Marshal.GetComInterfaceForObject(this
, typeof(IWindowForBindingUI));
return S_OK;
}
ppvObject = IntPtr.Zero;
return E_NOINTERFACE;
}
public int GetWindow(ref Guid rguidReason
, ref IntPtr phwnd)
{
if (rguidReason == IID_IHttpSecurity
|| rguidReason == IID_IWindowForBindingUI)
{
phwnd = myWebBrowser.Handle;
return S_OK;
}
else
{
phwnd = IntPtr.Zero;
return S_FALSE;
}
}
public int OnSecurityProblem(uint dwProblem)
{
//ignore errors
//undocumented return code, does not work on IE6
return S_OK;
}
}
}
}
Upvotes: 3
Sheng Jiang 蒋晟
Reputation: 15271
The webbrowser control uses WinInet as its network stack. Setting the ServerCertificateValidationCallback would have no effect on WinInet.
To handle the certificate error, you need to implement an IHttpSecurity service and pass to the webbrowser on request. The webbrowser queries host services via IServiceProvider implemented on the ActiveX host. Assuming you are using Windows Forms, you need to do the following:
- derive a class from WebBrowser
- create a nested class derived from WebBrowser.WebBrowserSite (the only way you can derive from the nested class)
- overwrite CreateWebBrowserSiteBase and return a new instance of your webbrowser site.
- implement IServiceProvider on the webbrowser site
- implement IServiceProvider.QueryService so it returns an IHttpSecurity imepleemntation when the IHttpSecurity service is requested
- handle IHttpSecurity.OnSecurityProblem and return S_OK
- use the new webbrowser in the form
Example code:
public partial class Form1 : Form
{
public Form1()
{
InitializeComponent();
}
private void webBrowser1_DocumentCompleted(object sender,
WebBrowserDocumentCompletedEventArgs e)
{
if (e.Url.ToString() == "about:blank")
{
//create a certificate mismatch
webBrowser1.Navigate("https://74.125.225.229");
}
}
}
[Guid("6D5140C1-7436-11CE-8034-00AA006009FA")]
[InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]
[ComImport]
public interface UCOMIServiceProvider
{
[return: MarshalAs(UnmanagedType.I4)]
[PreserveSig]
int QueryService(
[In] ref Guid guidService,
[In] ref Guid riid,
[Out] out IntPtr ppvObject);
}
[ComImport()]
[ComVisible(true)]
[Guid("79eac9d5-bafa-11ce-8c82-00aa004ba90b")]
[InterfaceTypeAttribute(ComInterfaceType.InterfaceIsIUnknown)]
public interface IWindowForBindingUI
{
[return: MarshalAs(UnmanagedType.I4)]
[PreserveSig]
int GetWindow(
[In] ref Guid rguidReason,
[In, Out] ref IntPtr phwnd);
}
[ComImport()]
[ComVisible(true)]
[Guid("79eac9d7-bafa-11ce-8c82-00aa004ba90b")]
[InterfaceTypeAttribute(ComInterfaceType.InterfaceIsIUnknown)]
public interface IHttpSecurity
{
//derived from IWindowForBindingUI
[return: MarshalAs(UnmanagedType.I4)]
[PreserveSig]
int GetWindow(
[In] ref Guid rguidReason,
[In, Out] ref IntPtr phwnd);
[PreserveSig]
int OnSecurityProblem(
[In, MarshalAs(UnmanagedType.U4)] uint dwProblem);
}
public class MyWebBrowser : WebBrowser
{
public static Guid IID_IHttpSecurity
= new Guid("79eac9d7-bafa-11ce-8c82-00aa004ba90b");
public static Guid IID_IWindowForBindingUI
= new Guid("79eac9d5-bafa-11ce-8c82-00aa004ba90b");
public const int S_OK = 0;
public const int S_FALSE = 1;
public const int E_NOINTERFACE = unchecked((int)0x80004002);
public const int RPC_E_RETRY = unchecked((int)0x80010109);
protected override WebBrowserSiteBase CreateWebBrowserSiteBase()
{
return new MyWebBrowserSite(this);
}
class MyWebBrowserSite : WebBrowserSite,
UCOMIServiceProvider,
IHttpSecurity,
IWindowForBindingUI
{
private MyWebBrowser myWebBrowser;
public MyWebBrowserSite(MyWebBrowser myWebBrowser)
:base(myWebBrowser)
{
this.myWebBrowser = myWebBrowser;
}
public int QueryService(ref Guid guidService
, ref Guid riid
, out IntPtr ppvObject)
{
if (riid ==IID_IHttpSecurity)
{
ppvObject= Marshal.GetComInterfaceForObject(this
, typeof(IHttpSecurity));
return S_OK;
}
if (riid == IID_IWindowForBindingUI)
{
ppvObject = Marshal.GetComInterfaceForObject(this
, typeof(IWindowForBindingUI));
return S_OK;
}
ppvObject = IntPtr.Zero;
return E_NOINTERFACE;
}
public int GetWindow(ref Guid rguidReason
, ref IntPtr phwnd)
{
if (rguidReason == IID_IHttpSecurity
|| rguidReason == IID_IWindowForBindingUI)
{
phwnd = myWebBrowser.Handle;
return S_OK;
}
else
{
phwnd = IntPtr.Zero;
return S_FALSE;
}
}
public int OnSecurityProblem(uint dwProblem)
{
//ignore errors
//undocumented return code, does not work on IE6
return S_OK;
}
}
}
Upvotes: 4
Related Questions
- How to ignore the certificate check when ssl
- How to disable webbrowser security warning in WPF c#
- How can I ignore https certificate warnings in the c# signalr client?
- How to allow untrusted SSL in the WPF WebBrowser control
- How to programmatically answer "Yes" to WebBrowser control security alert
- How to disable "Security Alert" window in Webbrowser control
- How To Prevent Internet Explorer Security Alert During HTTPWebRequest
- How to avoid Security messages / security alerts from IE
- How to disable “Security Warning” window in Webbrowser control
- Webbrowser control and security alert messages