I'm trying to read a feed from Yahoo Pipes into a Silverlight Application. I keep getting a SecurityException, which sounds like a cross domain policy problem, but Yahoo pipes, if you go through the pipes.yahooapis domain, has a cross domain policy, so should be ok. I tried the exact same code, but going to the Digg API, and it works fine (although this is rest rather than an rss feed). Could my error have nothing to do with Cross Domain policies?
I use the following code for the web request :
WebClient wc = new WebClient();
wc.DownloadStringAsyncCompleted += new DownloadStringCompletedEventHandler(wc_DlStrCompleted);
wc.DownloadStringAsync(new Uri(yahooPipesUrl));
The exception I get is a System.Security.SecurityException.
The url I'm trying is this one
The policy file in place is:
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only" />
<allow-access-from domain="*" />
</cross-domain-policy>
There is a current problem that Silverlight does not work with the entire Flash Cross Domain Policy file format...I would expect that the site-control element is breaking it.
The crossdomain.xml policy file at http://pipes.yahooapis.com/crossdomain.xml specifies only secure (https:) requests in the allow-access-from element. See the documentation about the format here:
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only" />
<allow-access-from domain="*" secure="true" />
</cross-domain-policy>
There is no Client Access policy file at http://pipes.yahoo.com/crossdomain.xml or http://pipes.yahoo.com/clientaccesspolicy.xml
Therefore the SecurityException is correct behavior.
What is the exact URL that you are trying to access?
来源:https://stackoverflow.com/questions/428461/cross-domain-security-error-in-silverlight