Silverlight 5 clientaccesspolicy.xml [英] Silverlight 5 clientaccesspolicy.xml

问题描述

我有一个Silverlight 5应用程序，该应用程序通过IIS 6(位于mydomain.com/service.svc)托管在一个单独的域(服务器)上，通过HTTPS向WCF数据服务发出请求.

I have a Silverlight 5 app that is making requests to a WCF data service over HTTPS on a separate domain (server) hosted via IIS 6 (at say mydomain.com/service.svc).

silverlight应用程序收到一个SecurityException，我认为这与找不到适当的clientaccesspolicy.xml文件有关.我在mydomain.com的wwwroot文件夹中定义了一个clientaccesspolicy.xml文件，看起来像

The silverlight app gets a SecurityException, which I assume is related to not finding a proper clientaccesspolicy.xml file. I have a clientaccesspolicy.xml file defined at mydomain.com's wwwroot folder that looks like

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
  <cross-domain-access>
    <policy>
      <allow-from http-request-headers="*">
        <domain uri="*"/>
      </allow-from>
      <grant-to>
        <resource path="/" include-subpaths="true"/>
      </grant-to>
    </policy>
  </cross-domain-access>
</access-policy>

奇怪的是，在查看Fiddler流量时，从来没有尝试过请求mydomain.com/clientaccesspolicy.xml.

The weird part is that when looking at Fiddler traffic, there is never a request attempted for mydomain.com/clientaccesspolicy.xml.

另一件事是，clientaccesspolicy.xml仅通过https提供(该服务器上的IIS设置仅允许ssl/tls连接)，所以这可能是问题的一部分吗?

The other thing is that the clientaccesspolicy.xml is served only over https (IIS setting on that server only allows ssl/tls connections), so could that be part of the problem?

推荐答案

您可以尝试在允许的来源中明确添加https://

You might try adding https:// explicitly in your allow-from:

<allow-from http-request-headers="*">
  <domain uri="http://*"/>
  <domain uri="https://*" />
</allow-from>

我认为当您尝试直接打文件时，您会看到它(IIS实际上正在提供它).

I assume when you try to hit the file directly you see it (IIS is actually serving it).

这篇关于Silverlight 5 clientaccesspolicy.xml的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！