The missing link in my IIS7 + Silverlight 3.0 + WCF Service app is the cross domain policy. Are there any instructions on how to create/obtain such a policy. I understand that there are two xml files that need to go in the web root of the app. What do I put in them, how do I format them, does some template exist which indicates which fields need to be filled in? Are there instructions somewhere on msdn which explain how to do this? I'm just about out of possible terms to query google with, any pointers would be appreciated.
Silverlight looks for clientaccesspolicy.xml (which is specific to silverlight) if thats not found it will fall back on crossdomain.xml which can also be used by flash for instance. You only need one of those (sockets only work with clientaccesspolicy.xml but webclient and http work with both).
Lets stick with clientaccesspolicy.xml for now since there are less caveats and the crossdomain.xml support was only added to catch up with flash since public services like flickr already have one.
The DTD including description for clientaccesspolicy.xml is at <a href="http://msdn.microsoft.com/en-us/library/cc645032%28VS.95%29.aspx" rel="nofollow">this page on MSDN</a>
this basic example should get your started
<?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from> <domain uri="*"/> <!-- Allows calls from every domain --> </allow-from> <grant-to> <resource path="/api" include-subpaths="false"/> <!-- Only allows domain/api? to be called nothing else including api.txt, api/foo etc... --> </grant-to> </policy> </cross-domain-access> </access-policy>Answer2:
Well, I think this might be the answer, but other answers are certainly welcome for discussion, esp. since we cant close the thread yet anyway...
<a href="http://timheuer.com/blog/archive/2008/04/06/silverlight-cross-domain-policy-file-snippet-intellisense.aspx" rel="nofollow">http://timheuer.com/blog/archive/2008/04/06/silverlight-cross-domain-policy-file-snippet-intellisense.aspx</a>