Silverlight 3 ClientAccessPolicy.xml


WHY DO WE HAVE SILVERLIGHT CLIENTACCESS POLICY.XML FILE?

But before going in detail of this ….  first we see how this file look and where do we have to keep this…

ClientAccessPolicy.xml (Traditional)

<?xml version=”1.0″ encoding=”utf-8″?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri=”*”/>
</allow-from>
<grant-to>
<resource path=”/” include-subpaths=”true”/>
</grant-to>
</policy>
</cross-domain-access>
</access-policy>

But, with Silverlight 3 we have to make some changes  in the file

<?xml version=”1.0″ encoding=”utf-8″?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers=”*>

<domain uri=”http://*”/><domain uri=”https://*”/&gt;

</allow-from”>
<grant-to>
<resource path=”/” include-subpaths=”true”/>
</grant-to>
</policy>
</cross-domain-access>
</access-policy>

WHERE DO WE KEEP IT ?

under inetpub > wwwroot folder in C:

COMING BACK – Why do we need this.

Basically, when one has to access some services for eg: WCF service and it is hosted in some other domain and the same service has to be accessed in silverlight application which is in some other domain then we have to make use of this file and keep the same in the inetpub root folder.

COMING TO THE TECHNICAL DETAILS :

Silverlight 3 provides the following two means for network applications to connect with the remote host :

1.) WebClient and HTTP classes in System.net namespace – these classes use HTTP and HTTPS protocol for n/w connection.

2.) Socket Classes in System.Net.Sockets namespace – these classes provide a low-level socket interface.

So, now for both there is need to provide the security and prevent Silverlight Application from providing access to unauthorized connections. These attacks can be –

DOS (Denial of Service attacks), DNS Rebinding attacks, Reverse tunnel attacks.

Advertisements

5 responses to “Silverlight 3 ClientAccessPolicy.xml

  1. I appreciate, result in I found exactly what I used to be having a look for.

    You have ended my four day long hunt! God Bless you man.

    Have a great day. Bye

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s