wildcard allow-from uri in clientaccesspolicy.xml failing for Silverlight access to WCF

I've successfully created and am currently using a clientaccesspolicy.xml file to expose my WCF to my Silverlight client, with an allow-from domain uri of http://*. I'd like to tighten it up by using a more specific uri like http://www.foobar.com or http://*.foobar.com, but when I use those uris, I get SecurityExceptions in my Silverlight client.

For reference, here is the currently working clientaccesspolicy.xml:

<?xml version="1.0" encoding="utf-8"?>

<access-policy>

<cross-domain-access>

<policy>

<allow-from http-request-headers="SOAPAction">

<domain uri="http://*"/>

</allow-from>

<grant-to>

<resource path="/" include-subpaths="true"/>

</grant-to>

</policy>

</cross-domain-access>

</access-policy>

I've tried changing http-request-headers to "*" to no avail. And I've verified that wildcard uris (and resource paths) work for me when securing non-WCF resources like .txts or .pngs. My clientaccesspolicy.xml is living in the same directory as the .svc.

I can't use a crossdomain.xml, as that doesn't allow specific uris (see http://msdn.microsoft.com/en-us/library/cc838250(VS.95).as开发者_Python百科px).

Thanks!

Try removing "http://" from the URIs. For example:

<domain uri="*.foobar.com"/>