开发者

How do you build a clientaccesspolicy.xml for this API?

问答 作者:

I have a RESTlike API that I want to access from Silverlight. It needs to support the following:

  • All requests are made over SSL
  • Allow GET, POST, PUT, DELETE (or just any)
  • Allow any request headers
  • Allow requests from any host
    • 开发者_开发技巧

Pretty much wide open. I'm a little confused by the docs so does anyone have an example of what it might look like?

Something wide-open but only allowing https and not http would look something like this and would need to be named clientaccesspolicy.xml and placed in the web root: 

<?xml version="1.0" encoding="utf-8" ?>
<access-policy>
  <cross-domain-access>
    <policy>
      <allow-from http-request-headers="*" http-methods="*">
        <domain uri="https://*" />
      </allow-from>
      <grant-to>
        <resource path="/" include-subpaths="true"/>
      </grant-to>
    </policy>
  </cross-domain-access>
</access-policy>

If you want to allow both http and https access you need to explicitly list both of them under the allow-from node as it is opt-in and a simple * wildcard will not work for SSL.

Edit: Added http-methods="*" per John's comment to allow methods other than GET and POST.

Here is the MSDN Documentation on the matter: Making a Service Available Across Domain Boundaries.

Some hints on where to get started:

  • Get Tim Heuer's Cross Domain helpers
  • Use Silverlight Spy's Cross-domain Access Policy Validator if you get stuck: http://timheuer.com/blog/archive/2008/04/06/silverlight-cross-domain-policy-file-snippet-intellisense.aspx

继续阅读:clientaccesspolicy.xmlsilverlight

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9