Silverlight-to-WCF cross-domain exception, but clientaccesspolicy.xml is being read successfully

clientaccesspolicy.xml:

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
  <cross-domain-access>
    <policy>
      <allow-from http-request-headers="*">
        <domain uri="*" />
      </allow-from>
      <grant-to>
        <resource path="/" include-subpaths="true" />
      </grant-to>
    </policy>
  </cross-domain-access>
</access-policy>

crossdomain.xml:

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy>
<cross-domain-policy>
  <allow-http-request-headers-from domain="*" headers="*" secure="true" />
</cross-domain-policy>

Nothing fancy here, it's the standard set开发者_Python百科up millions of WCF services use to allow Silverlight clients to access them. Unfortunately this setup is not working in the live environment I deployed to. The pre-production environment used to test the deploy is setup identically to live (or so the sysadmins claim) and everything works perfectly there, which is why I am so confused.

I had one of the sysadmins trace the request from the Silverlight client using HTTPDebuggerPro, and it shows that the client is retrieving both clientaccesspolicy.xml and crossdomain.xml without issue (HTTP status 200). However, after requesting those files, the client tries to make a call to the service and immediately receives a CrossDomainException.

I have also tried getting the sysadmins to add the WCF service URL to Internet Explorer's "Allowed Sites" list on the box that the Silverlight client is hosted on (as per the last sentence of the last paragraph from http://blogs.msdn.com/b/fiddler/archive/2010/11/22/fiddler-and-silverlight-cross-zone-cross-domain-requests.aspx) but that didn't work either.

HALP!

Is clientaccesspolicy.xml placed in the root of your domain?