Silverlight 3, SSL, and ClientAccessPolicy.xml

If you're new to Silverlight 3, there seems to be some required changes to the infamous clientaccesspolicy.xml to enable cross domain webservice calls. The typical clientaccesspolicy file that's worked fine in SL2 would not work for us with SL3. Couple that with the requirement of SSL, and this gets kind of tricky.  We beat our heads against the wall for quite some time and finally came up with a solution.  Here's an example of a clientaccesspolicy.xml file that works in SL3 with HTTP or HTTPS.  Note the parts in RED.

<?xml version="1.0" encoding="utf-8"?> 

<access-policy>

  <cross-domain-access>

    <policy>

      <allow-from http-request-headers="*" >

                <domain uri="https://*" />

                <domain uri="https://*" />

      </allow-from>

      <grant-to>

        <resource path="/" include-subpaths="true"/>

      </grant-to>

    </policy>

  </cross-domain-access>

</access-policy>

Comments

  • Anonymous
    July 04, 2010
    You guys rock! Thanks so much this was messing me around for a whole day!!!
  • Anonymous
    July 12, 2010
    How clientaccesspolicy.xml  embed in application