stackoom
  简体   繁体   中英

SecurityException from using HttpWebRequest cross-domain in Silverlight 4

 原文  2011-04-01 22:00:14       c#/ security/ silverlight-4.0/ httpwebrequest/ cross-domain

Question

I'm trying to write a function in my Silverlight app that requests a particular page that doesn't exist on the same domain as where my Silverlight app is hosted.

For example:

However, this generates a 'SecurityException':

{System.Security.SecurityException: Security error. at System.Net.Browser.ClientHttpWebRequest.InternalEndGetResponse(IAsyncResult asyncResult) at System.Net.Browser.ClientHttpWebRequest.EndGetResponse(IAsyncResult asyncResult) ...}

From what I understand, this is related to cross-domain requests being restricted, and found some posts that mentioned that this article (http://msdn.microsoft.com/en-us/library/cc197955(VS.95).aspx) might be related.

Here's my code: 

public static void CheckPageContentsAsync(CheckPageContentsCallback callback, DependencyObject uiObject)
{
    bool result = false;
    try
    {
        HttpWebRequest request = WebRequest.CreateHttp("http://www.mysite.com/MyPage.aspx");
        request.BeginGetResponse((asyncHandle) =>
        {
            try
            {
                uiObject.Dispatcher.BeginInvoke(new VoidDelegate(() =>
                {

                    HttpWebResponse response = (HttpWebResponse)request.EndGetResponse(asyncHandle);
                    using (StreamReader sr = new StreamReader(response.GetResponseStream()))
                    {
                        string content = sr.ReadToEnd();
                        if (content.Contains("Value"))
                        {
                            result = true;
                        }

                        if (callback != null)
                        {
                            callback.Invoke(result);
                        }
                    }
                }), null);
            }
            catch (Exception excep)
            {
                throw new Exception("Failed to process response.", excep);
            }
        }, null);
    }
    catch(Exception excep2)
    {
        throw new Exception("Failed to generate request.", excep2);
    }
}

Haven't been able to make much sense of the applicability of the "clientaccesspolicy.xml" or "crossdomain.xml" files as a solution.

Can anyone explain clearly how I modify my app, or the web server I'm requesting from, to resolve this issue?

1 answers

solution1
 1  2011-04-01 23:00:06

I use to copy this file in the root of my app: 

<cross-domain-policy>
    <allow-access-from domain="*.*" headers="SOAPAction"/>
    <allow-http-request-headers-from domain="*.*" headers="SOAPAction"/> 
    <site-control permitted-cross-domain-policies="master-only"/>
</cross-domain-policy>

Name it crossdomain.xml.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Uploading a blob using HttpWebRequest in silverlight 5 causes SecurityException Silverlight HttpWebRequest SecurityException How to evade Silverlight cross-domain security law? Using a “cross-domain” to front a login for another domain Securing a cross-domain call SignalR & Cross-Domain on AzureWebsite Silverlight Cross-domain issue with WCF self-hosted in windows service How do I disable silverlight cross-domain content protection for WriteableBitmap Silverlight cross domain calls EnableCrossAppRedirects - Where is the cross-domain feature documented?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM