21 March, 2010

Silverlight: cross domain calls to WCF service

I’m building a system with Silverlight (SL) on the Client side and some wcf-services supporting this client. Now – as the wcf-services are located in services.mydomain.com; and the SL client is exposed on www.mydomain.com – I’m having a problem.
It turns out that the SL cross domain calls are disabled by default, but needs to be allowed on the service (?). How bizarre is this? Why is it not the SL client that needs to be allowed to be calling out of the “native” domain (www.mydomain.com)? It seems very “reverse” to me?

Anyway – an xml-file named (clientaccesspolicy.xml) should be placed in the root of your domain (not webserver!). It seems a common misconception that it should be placed in the root of the webserver. This is not technically correct, it should be exposed like this instead: www.mydomain.com/clientaccesspolicy.xml. That this also happens to be the root of the webserver in some cases, is just pure coincidence.

Now – the really important part is this: remember to add the attribute (http-request-headers=”*”) to the “allow-from” tag (see below). Otherwise you are continuously presented with problems on the Client when calling out from the SilverLight application/control.

Code Snippet
  1. <?xml version="1.0" encoding="utf-8"?>
  2. <access-policy>
  3.   <cross-domain-access>
  4.     <policy>
  5.       <allow-from http-request-headers="*">
  6.         <domain uri="*"/>
  7.       </allow-from>
  8.       <grant-to>
  9.         <resource path="/" include-subpaths="true"/>
  10.       </grant-to>
  11.     </policy>
  12.   </cross-domain-access>
  13. </access-policy>

No comments:

InRiver: Not loading your extensions?

(You really need to in the loop to appreciate the issue this post addresses). Man, I've been fighting this problem for hours before I ...