问题
I have a Silverlight 5 app that is making requests to a WCF data service over HTTPS on a separate domain (server) hosted via IIS 6 (at say mydomain.com/service.svc).
The silverlight app gets a SecurityException, which I assume is related to not finding a proper clientaccesspolicy.xml file. I have a clientaccesspolicy.xml file defined at mydomain.com's wwwroot folder that looks like
<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
<domain uri="*"/>
</allow-from>
<grant-to>
<resource path="/" include-subpaths="true"/>
</grant-to>
</policy>
</cross-domain-access>
</access-policy>
The weird part is that when looking at Fiddler traffic, there is never a request attempted for mydomain.com/clientaccesspolicy.xml.
The other thing is that the clientaccesspolicy.xml is served only over https (IIS setting on that server only allows ssl/tls connections), so could that be part of the problem?
回答1:
You might try adding https:// explicitly in your allow-from:
<allow-from http-request-headers="*">
<domain uri="http://*"/>
<domain uri="https://*" />
</allow-from>
I assume when you try to hit the file directly you see it (IIS is actually serving it).
回答2:
Give this a try:
<allow-from http-request-headers="*">
<domain uri="*"/>
<domain uri="https://*" />
</allow-from>
来源:https://stackoverflow.com/questions/13122875/silverlight-5-clientaccesspolicy-xml