W3C home > Mailing lists > Public > public-webapi@w3.org > April 2008

Cross-domain access in Silverlight 2 Beta 1

From: Bjoern Hoehrmann <derhoermi@gmx.net>
Date: Mon, 14 Apr 2008 21:55:36 +0200
To: public-appformats@w3.org
Message-ID: <inb7049njl8mrttkm0b00onr24ic7cvvd6@hive.bjoern.hoehrmann.de>


  Studying Microsoft's XDR proposal I checked how the problem is solved
in the recently published Silverlight 2 Beta 1. From the documentation
and a couple of tests (with version 2.0.30226.2 running under IE7 on XP)
I understand the following:

  * Cross-domain HTTP requests are subject to policy files on servers,
    specifically Silverlight supports a subset of the crossdomain.xml
    format (the limitation appears to be that only "*" is allowed as
    domain attribute value), and a similar Silverlight-specific format
    clientaccesspolicy.xml which allows additional control. Details:

  * In both the requests for the policy files and the ultimate request
    cookies as Internet Explorer has stored them are sent along. POST
    and GET can be used, HEAD and DELETE failed in my tests. Attributes
    and methods to manipulate headers seem to be missing, except for
    the Content-Type header. The Referer header is not used. I used
    HttpWebRequest from a C# application for these tests.

  * The socket support is limited to a specific port range with a same
    origin policy. According to the documentation: "Site of origin
    connectivity is intended only as an interim solution until the full
    cross-domain model can be put in place for Silverlight 2." Details:

  * There appears to be no "XDR" support.

Note this is pre-release software/documentation and subject to change.

Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de
Weinh. Str. 22 · Telefon: +49(0)621/4309674 · http://www.bjoernsworld.de
68309 Mannheim · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/ 
Received on Monday, 14 April 2008 19:56:21 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:16:26 UTC