未通过 HTTPS 请求 clientaccesspolicy.xml [英] clientaccesspolicy.xml not being requested via HTTPS

问题描述

我有一个 Silverlight 应用程序，它在开发过程中一直使用 http 与自托管 WCF 服务进行通信.我现在通过 https 保护服务.我在项目开始时遇到了一个错误:

I have a silverlight app that has been using http to communicate w/self-hosted WCF services during development. I am now securing the services via https. I am getting an error I had back at the beginning of the project:

尝试向 URI 'https://localhost:8303/service<发出请求时发生错误/a>'.这可能是由于在没有适当的跨域策略的情况下尝试以跨域方式访问服务，或者策略不适合 SOAP 服务.您可能需要联系服务的所有者以发布跨域策略文件并确保它允许发送与 SOAP 相关的 HTTP 标头.此错误也可能是由于在 Web 服务代理中使用内部类型而不使用 InternalsVisibleToAttribute 属性造成的.详情请参阅内部异常.

我的 clientaccesspolicy.xml 文件设置为允许从 http://* 和 https://* 访问.唯一的区别是使用 http 与 https.在我切换到 https 之前，我可以看到(通过 Fiddler)请求的 clientaccesspolicy.xml 文件，但现在我看不到.我现在看到的只是对 CONNECT localhost:8303 HTTP/1.0 的两次调用......它似乎正在访问服务器根目录，但没有请求 clientaccess 文件.有什么想法吗?

My clientaccesspolicy.xml file is setup to allow access from http://* and https://*. The only difference is using http vs https. Before I switched to https I could see (via Fiddler) the clientaccesspolicy.xml file being requested, but now I cannot. All I see now is two calls to CONNECT localhost:8303 HTTP/1.0...it seems to be hitting the server root, but not requesting the clientaccess file. Any ideas?

推荐答案

您是否使用自签名证书?如果是这样，您是否在浏览器中添加了服务器域(看起来您的服务在本地主机上，给出了错误消息)作为证书异常?

Are you using a self-signed cert? And if so, have you added the server domain (looks like your service is on localhost given the error message) as a certificate exception in your browser?

这可能不是您的问题，但在尝试通过带有自签名证书的 SSL 访问 WCF 服务之前，当域未明确添加为浏览器设置中的例外时，我遇到了安全例外.如果您通过 HTTP 访问您的应用程序，但通过 HTTPS 访问您的服务，则浏览器永远不会提示您添加例外.

This may not be your problem, but I have gotten security exceptions before trying to access WCF services via SSL with a self-signed cert when the domain was not explicitly added as an exception in the browser settings. If you are accessing your application via HTTP but your services via HTTPS the browser never prompts you to add the exception.

如果这不是您的问题，这里有几篇博文可能对让 SSL 在 Silverlight 中工作有所帮助:

Here are a couple of blog posts that may be of some help getting SSL to work in Silverlight if that's not your problem:

http://kevindockx.blogspot.com/2009/12/getting-silverlight-to-work-over-ssl.html

http://timheuer.com/blog/archive/2008/10/14/calling-secure-services-with-silverlight-2-ssl-https.aspx

这篇关于未通过 HTTPS 请求 clientaccesspolicy.xml的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！