From 0ebbceddaa27d42fd975268f3d313df9576a763b Mon Sep 17 00:00:00 2001
From: Jacek Caban <jacek@codeweavers.com>
Date: Mon, 11 Mar 2019 14:24:09 +0100
Subject: [PATCH] mshtml: Use global security manager.

Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
---
 dlls/mshtml/htmldoc.c        |  4 ++++
 dlls/mshtml/htmlwindow.c     |  9 ---------
 dlls/mshtml/main.c           | 20 ++++++++++++++++++++
 dlls/mshtml/mshtml_private.h |  3 +--
 dlls/mshtml/mutation.c       |  3 ++-
 dlls/mshtml/persist.c        |  2 +-
 dlls/mshtml/secmgr.c         |  6 +++---
 7 files changed, 31 insertions(+), 16 deletions(-)

diff --git a/dlls/mshtml/htmldoc.c b/dlls/mshtml/htmldoc.c
index 2d58b8d98a3..7478785116e 100644
--- a/dlls/mshtml/htmldoc.c
+++ b/dlls/mshtml/htmldoc.c
@@ -5446,6 +5446,10 @@ static HRESULT create_document_object(BOOL is_mhtml, IUnknown *outer, REFIID rii
         return E_INVALIDARG;
     }
 
+    /* ensure that security manager is initialized */
+    if(!get_security_manager())
+        return E_OUTOFMEMORY;
+
     doc = heap_alloc_zero(sizeof(HTMLDocumentObj));
     if(!doc)
         return E_OUTOFMEMORY;
diff --git a/dlls/mshtml/htmlwindow.c b/dlls/mshtml/htmlwindow.c
index 71ffaeaf525..4d36f602514 100644
--- a/dlls/mshtml/htmlwindow.c
+++ b/dlls/mshtml/htmlwindow.c
@@ -228,9 +228,6 @@ static void release_outer_window(HTMLOuterWindow *This)
     if(This->base.inner_window)
         detach_inner_window(This->base.inner_window);
 
-    if(This->secmgr)
-        IInternetSecurityManager_Release(This->secmgr);
-
     if(This->frame_element)
         This->frame_element->content_window = NULL;
 
@@ -3574,12 +3571,6 @@ HRESULT HTMLOuterWindow_Create(HTMLDocumentObj *doc_obj, nsIDOMWindow *nswindow,
         return hres;
     }
 
-    hres = CoInternetCreateSecurityManager(NULL, &window->secmgr, 0);
-    if(FAILED(hres)) {
-        IHTMLWindow2_Release(&window->base.IHTMLWindow2_iface);
-        return hres;
-    }
-
     if(parent) {
         IHTMLWindow2_AddRef(&window->base.IHTMLWindow2_iface);
 
diff --git a/dlls/mshtml/main.c b/dlls/mshtml/main.c
index 2ba648f4190..683e732c070 100644
--- a/dlls/mshtml/main.c
+++ b/dlls/mshtml/main.c
@@ -54,6 +54,7 @@ DWORD mshtml_tls = TLS_OUT_OF_INDEXES;
 static HINSTANCE shdoclc = NULL;
 static WCHAR *status_strings[IDS_STATUS_LAST-IDS_STATUS_FIRST+1];
 static IMultiLanguage2 *mlang;
+static IInternetSecurityManager *security_manager;
 static unsigned global_max_compat_mode = COMPAT_MODE_IE11;
 static struct list compat_config = LIST_INIT(compat_config);
 
@@ -118,6 +119,23 @@ BSTR charset_string_from_cp(UINT cp)
     return SysAllocString(info.wszWebCharset);
 }
 
+IInternetSecurityManager *get_security_manager(void)
+{
+    if(!security_manager) {
+        IInternetSecurityManager *manager;
+        HRESULT hres;
+
+        hres = CoInternetCreateSecurityManager(NULL, &manager, 0);
+        if(FAILED(hres))
+            return NULL;
+
+        if(InterlockedCompareExchangePointer((void**)&security_manager, manager, NULL))
+            IInternetSecurityManager_Release(manager);
+    }
+
+    return security_manager;
+}
+
 static BOOL read_compat_mode(HKEY key, compat_mode_t *r)
 {
     WCHAR version[32];
@@ -266,6 +284,8 @@ static void process_detach(void)
         TlsFree(mshtml_tls);
     if(mlang)
         IMultiLanguage2_Release(mlang);
+    if(security_manager)
+        IInternetSecurityManager_Release(security_manager);
 
     free_strings();
 }
diff --git a/dlls/mshtml/mshtml_private.h b/dlls/mshtml/mshtml_private.h
index 34a0d8b380e..93265d67ed0 100644
--- a/dlls/mshtml/mshtml_private.h
+++ b/dlls/mshtml/mshtml_private.h
@@ -499,8 +499,6 @@ struct HTMLOuterWindow {
 
     SCRIPTMODE scriptmode;
 
-    IInternetSecurityManager *secmgr;
-
     struct list sibling_entry;
     struct wine_rb_entry entry;
 };
@@ -1330,5 +1328,6 @@ UINT cp_from_charset_string(BSTR) DECLSPEC_HIDDEN;
 BSTR charset_string_from_cp(UINT) DECLSPEC_HIDDEN;
 HINSTANCE get_shdoclc(void) DECLSPEC_HIDDEN;
 void set_statustext(HTMLDocumentObj*,INT,LPCWSTR) DECLSPEC_HIDDEN;
+IInternetSecurityManager *get_security_manager(void) DECLSPEC_HIDDEN;
 
 extern HINSTANCE hInst DECLSPEC_HIDDEN;
diff --git a/dlls/mshtml/mutation.c b/dlls/mshtml/mutation.c
index 1a1cfe358cd..23e6a3991f1 100644
--- a/dlls/mshtml/mutation.c
+++ b/dlls/mshtml/mutation.c
@@ -818,6 +818,7 @@ static void NSAPI nsDocumentObserver_BindToDocument(nsIDocumentObserver *iface,
 
     if(This->document_mode == COMPAT_MODE_QUIRKS) {
         nsIDOMDocumentType *nsdoctype;
+
         nsres = nsIContent_QueryInterface(aContent, &IID_nsIDOMDocumentType, (void**)&nsdoctype);
         if(NS_SUCCEEDED(nsres)) {
             compat_mode_t mode = COMPAT_MODE_IE7;
@@ -835,7 +836,7 @@ static void NSAPI nsDocumentObserver_BindToDocument(nsIDocumentObserver *iface,
                  * X-UA-Compatible version, allow configuration and default to higher version
                  * (once it's well supported).
                  */
-                hres = IInternetSecurityManager_MapUrlToZone(window->secmgr, window->url, &zone, 0);
+                hres = IInternetSecurityManager_MapUrlToZone(get_security_manager(), window->url, &zone, 0);
                 if(SUCCEEDED(hres) && zone == URLZONE_INTERNET)
                     mode = COMPAT_MODE_IE8;
             }
diff --git a/dlls/mshtml/persist.c b/dlls/mshtml/persist.c
index d7893564b9d..926689d783b 100644
--- a/dlls/mshtml/persist.c
+++ b/dlls/mshtml/persist.c
@@ -62,7 +62,7 @@ static BOOL use_gecko_script(HTMLOuterWindow *window)
     DWORD zone;
     HRESULT hres;
 
-    hres = IInternetSecurityManager_MapUrlToZone(window->secmgr, window->url, &zone, 0);
+    hres = IInternetSecurityManager_MapUrlToZone(get_security_manager(), window->url, &zone, 0);
     if(FAILED(hres)) {
         WARN("Could not map %s to zone: %08x\n", debugstr_w(window->url), hres);
         return TRUE;
diff --git a/dlls/mshtml/secmgr.c b/dlls/mshtml/secmgr.c
index f961bcabd82..a03a796d6fa 100644
--- a/dlls/mshtml/secmgr.c
+++ b/dlls/mshtml/secmgr.c
@@ -86,7 +86,7 @@ static HRESULT WINAPI InternetHostSecurityManager_ProcessUrlAction(IInternetHost
 
     url = This->basedoc.window->url ? This->basedoc.window->url : about_blankW;
 
-    return IInternetSecurityManager_ProcessUrlAction(This->basedoc.window->secmgr, url, dwAction, pPolicy, cbPolicy,
+    return IInternetSecurityManager_ProcessUrlAction(get_security_manager(), url, dwAction, pPolicy, cbPolicy,
             pContext, cbContext, dwFlags, dwReserved);
 }
 
@@ -122,7 +122,7 @@ static HRESULT confirm_safety(HTMLDocumentNode *This, const WCHAR *url, struct C
 
     /* FIXME: Check URLACTION_ACTIVEX_OVERRIDE_SCRIPT_SAFETY */
 
-    hres = IInternetSecurityManager_ProcessUrlAction(This->basedoc.window->secmgr, url, URLACTION_SCRIPT_SAFE_ACTIVEX,
+    hres = IInternetSecurityManager_ProcessUrlAction(get_security_manager(), url, URLACTION_SCRIPT_SAFE_ACTIVEX,
             (BYTE*)&policy, sizeof(policy), NULL, 0, 0, 0);
     if(FAILED(hres) || policy != URLPOLICY_ALLOW) {
         *ret = URLPOLICY_DISALLOW;
@@ -191,7 +191,7 @@ static HRESULT WINAPI InternetHostSecurityManager_QueryCustomPolicy(IInternetHos
 
     url = This->basedoc.window->url ? This->basedoc.window->url : about_blankW;
 
-    hres = IInternetSecurityManager_QueryCustomPolicy(This->basedoc.window->secmgr, url, guidKey, ppPolicy, pcbPolicy,
+    hres = IInternetSecurityManager_QueryCustomPolicy(get_security_manager(), url, guidKey, ppPolicy, pcbPolicy,
             pContext, cbContext, dwReserved);
     if(hres != HRESULT_FROM_WIN32(ERROR_NOT_FOUND))
         return hres;