0

We have deployed a crossdomain.xml file into the root of Sharepoint 2010 instance in order to define the flash cross domain policy. In SP2007 this worked as expected, but it SP2010 the file name is blocked.

If we rename the file anything other than crossdomain.xml it's served. As soon as we name it what we want, it throws a 404 error.

Any ideas how to work around this? I'm guessing there must now be a way to control this file through SharePoint itself?

I've looking for an answer other than to copy the crossdomain.xml file into the root of IIS.

TheCodeKing
  • 19,064
  • 3
  • 47
  • 70
  • Can you answer your own question in a way that would help others? If you do, you can select yours as the correct answer. It may seem strange, but it is the preferred way of dealing with situations like this. –  Sep 19 '11 at 12:30

1 Answers1

3

I discovered the reason this doesn't work. It turns out in SharePoint 2010 the path crossdomain.xml and clientaccesspolicy are excluded from the virtual path provider, and therefore will never be served from the SharePoint content database.

The code is tucked away in the Sharepoint SPRequestModule (see below). The only sensible solution is to deploy the crossdomain.xml file to the root of IIS on each of the web servers, which is less than ideal.

[SharePointPermission(SecurityAction.Demand, ObjectModel=true)]
void IHttpModule.Init(HttpApplication app)
{
    if (app is SPHttpApplication)
    {
        if (!_virtualPathProviderInitialized)
        {
            lock (_virtualServerDataInitializedSyncObject)
            {
                if (!_virtualPathProviderInitialized)
                {
                    Dictionary<string, ExclusionAttributes> dictionary = new Dictionary<string, ExclusionAttributes>(StringComparer.OrdinalIgnoreCase);
                    dictionary["/app_themes"] = ExclusionAttributes.Folder;
                    dictionary["/app_browsers"] = ExclusionAttributes.Folder;
                    dictionary["/defaultwsdlhelpgenerator.aspx"] = ExclusionAttributes.File;
                    dictionary["/clientaccesspolicy.xml"] = ExclusionAttributes.File;
                    dictionary["/crossdomain.xml"] = ExclusionAttributes.File;
                    VirtualPathProvider virtualPathProvider = HostingEnvironment.VirtualPathProvider;
                    if ((virtualPathProvider != null) && virtualPathProvider.DirectoryExists("/"))
                    {
                        VirtualDirectory directory = virtualPathProvider.GetDirectory("/");
                        if (directory != null)
                        {
                            IEnumerable children = directory.Children;
                            if (children != null)
                            {
                                foreach (VirtualFileBase base2 in children)
                                {
                                    string str = base2.VirtualPath.TrimEnd(new char[] { '/' });
                                    ExclusionAttributes attributes = 0;
                                    if (base2.IsDirectory)
                                    {
                                        attributes |= ExclusionAttributes.Folder;
                                    }
                                    else
                                    {
                                        attributes |= ExclusionAttributes.File;
                                    }
                                    dictionary[str] = attributes;
                                }
                            }
                        }
                    }
                    _excludedFileList = dictionary;
                    SPVirtualPathProvider provider2 = new SPVirtualPathProvider();
                    HostingEnvironment.RegisterVirtualPathProvider(provider2);
                    _virtualPathProviderInitialized = true;
                }
                SPTemplateFileSystemWatcher.Local.Initialize();
                SPPerformanceCounterAgent current = SPPerformanceCounterAgent.Current;
            }
        }
        app.BeginRequest += new EventHandler(this.BeginRequestHandler);
        app.PostAuthenticateRequest += new EventHandler(this.PostAuthenticateRequestHandler);
        app.PostAuthorizeRequest += new EventHandler(this.PostAuthorizeRequestHandler);
        app.PostResolveRequestCache += new EventHandler(this.PostResolveRequestCacheHandler);
        app.PostAcquireRequestState += new EventHandler(this.PostAcquireRequestStateHandler);
        app.PreRequestHandlerExecute += new EventHandler(this.PreRequestExecuteAppHandler);
        app.PostRequestHandlerExecute += new EventHandler(this.PostRequestExecuteHandler);
        app.ReleaseRequestState += new EventHandler(this.ReleaseRequestStateHandler);
        app.Error += new EventHandler(this.ErrorAppHandler);
        app.PostLogRequest += new EventHandler(this.PostLogRequestHandler);
        app.EndRequest += new EventHandler(this.EndRequestHandler);
    }
}
TheCodeKing
  • 19,064
  • 3
  • 47
  • 70