IInternetSecurityManagerEx2::GetSecurityIdEx2 method

Gets the security identifier of the specified URL.


HRESULT GetSecurityIdEx2(
  [in]      IUri      *pUri,
  [out]     BYTE      *pbSecurityId,
  [in, out] DWORD     *pcbSecurityId,
  [in]      DWORD_PTR dwReserved


  • pUri [in]
    A pointer to an IUri interface that specifies the URL.

  • pbSecurityId [out]
    A buffer that specifies the scheme, domain name, and zone associated with the URL.

  • pcbSecurityId [in, out]
    A DWORD that specifies the size of the buffer being passed in.

  • dwReserved [in]
    A LPCWSTR that specifies the domain suffix to use as the security identifier. If set to NULL, the full domain name is used.

Return value

Returns S_OK if successful, or E_INVALIDARG if pbSecurityId or pUri is set to NULL, or if pUri does not contain a valid URL.


IInternetSecurityManagerEx2::GetSecurityIdEx2 was introduced in Windows Internet Explorer 7.

IInternetSecurityManagerEx2::GetSecurityIdEx2 is identical to GetSecurityId except that it takes its URL from an IUri object.

A security identifier contains the scheme, domain, and zone information in the following format.


If the allocated buffer is too small, IInternetSecurityManagerEx2::GetSecurityIdEx2 returns an HRESULT derived from the Microsoft Win32 error code ERROR_INSUFFICIENT_BUFFER and sets the pcbSecurityId parameter to the required size in bytes. Upon a successful return, pcbSecurityId contains the actual size of the data stored in the buffer.

Security Warning: Incorrect implementation of this method can compromise the security of your application. A custom implementation of GetSecurityId should generate IDs only for hosts that cannot be handled by the default implementation. For all other hosts, this method should return INET_E_DEFAULT_ACTION. An attempt to duplicate the default implementation can result in the creation of IDs that are less secure and are susceptible to a spoofing attack. Review Security Considerations: URL Security Zones API before you continue.


Minimum supported client

Windows XP with SP2

Minimum supported server

Windows Server 2003 with SP1


Internet Explorer 7







See also