1

I'm trying to write a function in my Silverlight app that requests a particular page that doesn't exist on the same domain as where my Silverlight app is hosted.

For example:

However, this generates a 'SecurityException':

{System.Security.SecurityException: Security error. at System.Net.Browser.ClientHttpWebRequest.InternalEndGetResponse(IAsyncResult asyncResult) at System.Net.Browser.ClientHttpWebRequest.EndGetResponse(IAsyncResult asyncResult) ...}

From what I understand, this is related to cross-domain requests being restricted, and found some posts that mentioned that this article (http://msdn.microsoft.com/en-us/library/cc197955(VS.95).aspx) might be related.

Here's my code:

public static void CheckPageContentsAsync(CheckPageContentsCallback callback, DependencyObject uiObject)
{
    bool result = false;
    try
    {
        HttpWebRequest request = WebRequest.CreateHttp("http://www.mysite.com/MyPage.aspx");
        request.BeginGetResponse((asyncHandle) =>
        {
            try
            {
                uiObject.Dispatcher.BeginInvoke(new VoidDelegate(() =>
                {

                    HttpWebResponse response = (HttpWebResponse)request.EndGetResponse(asyncHandle);
                    using (StreamReader sr = new StreamReader(response.GetResponseStream()))
                    {
                        string content = sr.ReadToEnd();
                        if (content.Contains("Value"))
                        {
                            result = true;
                        }

                        if (callback != null)
                        {
                            callback.Invoke(result);
                        }
                    }
                }), null);
            }
            catch (Exception excep)
            {
                throw new Exception("Failed to process response.", excep);
            }
        }, null);
    }
    catch(Exception excep2)
    {
        throw new Exception("Failed to generate request.", excep2);
    }
}

Haven't been able to make much sense of the applicability of the "clientaccesspolicy.xml" or "crossdomain.xml" files as a solution.

Can anyone explain clearly how I modify my app, or the web server I'm requesting from, to resolve this issue?

Improve this question

1 Answer 1

Reset to default
1

I use to copy this file in the root of my app:

<cross-domain-policy>
    <allow-access-from domain="*.*" headers="SOAPAction"/>
    <allow-http-request-headers-from domain="*.*" headers="SOAPAction"/> 
    <site-control permitted-cross-domain-policies="master-only"/>
</cross-domain-policy>

Name it crossdomain.xml.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Where is said "root of app"? Is this stored next to the XAP file? Root of the site that serves the XAP? Root of the site where I want to request from?
The permission must be granted by the server that needs to respond to the Silverlight's requests, so it must stay on that server, not the server that will serve the .xap file. Root means the domain's root, like: www.mydomain.com/crossdomain.xml

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.