0

I am trying to post a cross-domain HTTP request but keep getting a SecurityException instead of a response.

I have added a clientaccesspolicy.xml:

<access-policy>
  <cross-domain-access>
    <policy>
      <allow-from http-request-headers="*">
        <domain uri="*"/>
      </allow-from>
      <grant-to>
        <resource path="/" include-subpaths="true"/>
      </grant-to>
    </policy>
  </cross-domain-access>
</access-policy>

aswell as a crossdomain.xml:

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
  <allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>

to the silverlight app and set both to content + copy always.

What am I doing wrong?

Jaster
  • 8,255
  • 3
  • 34
  • 60

1 Answers1

0

Do the xml files exist on the root of the sites? Maybe you could let Fiddler or any other network monitor run while attempting to access the service, this way you can see a 404 to the xml files and see where it goes wrong.

edit: also, you only need a clientaccesspolicy.xml if you are using Silverlight. The crossdomain.xml is a flash based domain policy file which Silverlight also understands.

Rody
  • 2,675
  • 1
  • 22
  • 40
  • I am working localy atm. Do these files need to exist on the target? – Jaster Apr 11 '12 at 13:41
  • Yes, they should. See: http://msdn.microsoft.com/en-us/library/cc645032(v=vs.95).aspx – Rody Apr 11 '12 at 13:52
  • so it is not possible to access any resources located on other domains then my own when I use silverlight? As said the xml files exist. – Jaster Apr 11 '12 at 14:11
  • Correct, just ask the webservice owners to place a file in the root on their service. – Rody Apr 11 '12 at 15:10
  • 1
    If you can access the service (e.g. http webservice) over browser (get methode) you could also use a proxy to access that service which has no policyfile. – Gero Apr 12 '12 at 13:42