MapUrlToZone caching observations (PowerShell Unblock-File)

gistfile1.txt

$null = Add-Type -TypeDefinition @'
    namespace Testing123
    {
        using System;
        using System.Text;
        using System.Runtime.InteropServices;
        using System.Runtime.InteropServices.ComTypes;
        using System.ComponentModel;

		public static class NativeMethods
		{
			[ComVisible(false), Guid("79EAC9EE-BAF9-11CE-8C82-00AA004BA90B"), InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]
			[ComImport]
			public interface IInternetSecurityManager
			{
				[PreserveSig]
				[return: MarshalAs(UnmanagedType.I4)]
				int SetSecuritySite([In] IntPtr pSite);

				[PreserveSig]
				[return: MarshalAs(UnmanagedType.I4)]
				int GetSecuritySite([Out] IntPtr pSite);

				[PreserveSig]
				[return: MarshalAs(UnmanagedType.I4)]
				int MapUrlToZone([MarshalAs(UnmanagedType.LPWStr)] [In] string pwszUrl, out uint pdwZone, uint dwFlags);

				[PreserveSig]
				[return: MarshalAs(UnmanagedType.I4)]
				int GetSecurityId([MarshalAs(UnmanagedType.LPWStr)] string pwszUrl, [MarshalAs(UnmanagedType.LPArray)] byte[] pbSecurityId, ref uint pcbSecurityId, uint dwReserved);

				[PreserveSig]
				[return: MarshalAs(UnmanagedType.I4)]
				int ProcessUrlAction([MarshalAs(UnmanagedType.LPWStr)] [In] string pwszUrl, uint dwAction, out byte pPolicy, uint cbPolicy, byte pContext, uint cbContext, uint dwFlags, uint dwReserved);

				[PreserveSig]
				[return: MarshalAs(UnmanagedType.I4)]
				int QueryCustomPolicy([MarshalAs(UnmanagedType.LPWStr)] [In] string pwszUrl, ref Guid guidKey, ref byte ppPolicy, ref uint pcbPolicy, ref byte pContext, uint cbContext, uint dwReserved);

				[PreserveSig]
				[return: MarshalAs(UnmanagedType.I4)]
				int SetZoneMapping(uint dwZone, [MarshalAs(UnmanagedType.LPWStr)] [In] string lpszPattern, uint dwFlags);

				[PreserveSig]
				[return: MarshalAs(UnmanagedType.I4)]
				int GetZoneMappings(uint dwZone, out IEnumString ppenumString, uint dwFlags);
			}

			public const int S_OK = 0;

			[DllImport("kernel32.dll", CharSet = CharSet.Unicode)]
			public static extern uint GetOEMCP();

			[DllImport("urlmon.dll", ExactSpelling = true)]
			public static extern int CoInternetCreateSecurityManager([MarshalAs(UnmanagedType.Interface)] object pIServiceProvider, [MarshalAs(UnmanagedType.Interface)] out object ppISecurityManager, int dwReserved);
		}

        public static class ZoneFetcher
        {
            public static uint GetZoneForFile(string filePath, uint flags = 0u)
            {
                object obj = null;
                int num = Testing123.NativeMethods.CoInternetCreateSecurityManager(null, out obj, 0);
                if (num != 0)
                {
                    throw new Win32Exception(num);
                }

                try
                {
                    Testing123.NativeMethods.IInternetSecurityManager internetSecurityManager = (Testing123.NativeMethods.IInternetSecurityManager)obj;
                    uint num2;

                    internetSecurityManager.MapUrlToZone(filePath, out num2, flags);
                    return num2;
                }
                finally
                {
                    if (obj != null) { Marshal.ReleaseComObject(obj); }
                }
            }
        }
    }
'@

$MUTZ_DONT_USE_CACHE = [uint32]0x00001000

$filePath = "C:\Users\dlwya_000\Downloads\Send-MailMessage.ps1"

Write-Verbose -Verbose 'Flag 0, before Unblock-File'
[Testing123.ZoneFetcher]::GetZoneForFile($filePath, 0) -as [System.Security.SecurityZone]

Unblock-File $filePath

Write-Verbose -Verbose 'Flag 0, after Unblock-File'
[Testing123.ZoneFetcher]::GetZoneForFile($filePath, 0) -as [System.Security.SecurityZone]

Write-Verbose -Verbose 'Flag MUTZ_DONT_USE_CACHE, after Unblock-File'
[Testing123.ZoneFetcher]::GetZoneForFile($filePath, $MUTZ_DONT_USE_CACHE) -as [System.Security.SecurityZone]