Silverlight 3, SSL, and ClientAccessPolicy.xml


If you’re new to Silverlight 3, there seems to be some required changes to the infamous clientaccesspolicy.xml to enable cross domain webservice calls. The typical clientaccesspolicy file that’s worked fine in SL2 would not work for us with SL3. Couple that with the requirement of SSL, and this gets kind of tricky.  We beat our heads against the wall for quite some time and finally came up with a solution.  Here’s an example of a clientaccesspolicy.xml file that works in SL3 with HTTP or HTTPS.  Note the parts in RED.


<?xml version=”1.0″ encoding=”utf-8″?> 


<access-policy>


  <cross-domain-access>


    <policy>


      <allow-from http-request-headers=”*”>


                <domain uri=”http://*” />


                <domain uri=”https://*” />


      </allow-from>


      <grant-to>


        <resource path=”/” include-subpaths=”true”/>


      </grant-to>


    </policy>


  </cross-domain-access>


</access-policy>

Comments (2)

  1. Laurence73 says:

    You guys rock! Thanks so much this was messing me around for a whole day!!!

  2. Anonymous says:

    How clientaccesspolicy.xml  embed in application