Silverlight Tip of the Day #64 – Deploying a Silverlight Application with a Web Service
In Tip of the Day #42 I discussed how to create Silverlight-enabled WCF web service. In this tip I will discuss the steps necessary to take in order to publish and deploy the web service with your Silverlight application on your server.
For security reasons, in order for Silverlight to talk with your web service on your server it will first request the file clientaccesspolicy.xml. This prevents attacks such as cross-site forgery from happening. If this file is not present it then checks for the Adobes default crossdomain.xml file. If at least one of these files are not found you will get an exception thrown by Silverlight. See Tip of the Day #63 for details on this error and how to see it happening. One of these files will need to be at the root directory of your web site (I.e. c:\inetpub\wwwroot).
This following configurations for these files allow access from any other domain to all resources on the current domain. You will want to configure these to meet your needs.
ClientAccessPolicy.xml –
<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
<domain uri="*"/>
</allow-from>
<grant-to>
<resource path="/" include-subpaths="true"/>
</grant-to>
</policy>
</cross-domain-access>
</access-policy>
CrossDomain.xml:
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>
For more on making your service available across domain boundaries see: http://msdn.microsoft.com/en-us/library/cc197955(VS.95).aspx
Thank you,
--Mike Snow
Subscribe in a reader