Silverlight: HTTP DELETE and PUT methods with RestSharp

Question

I wanted to access an internal REST API from Silverlight, but it turns out that I am not allowed to use POST or DELETE as the HTTP method for my request.

Doing so always

Answer 1

Another solution I came up with is setting in RestSharp the X-HTTP-Method-Override header, and just send POST request.

This might also be useful if you can just modify the client code, but the server has an unusuable clientaccesspolicy.xml.

In my API class I use this code

if (request.Method == Method.PUT || request.Method == Method.DELETE)
{
    request.AddHeader("X-HTTP-Method-Override", request.Method.ToString());
    request.Method = Method.POST;
}

Answer 2

SecurityException probably means the API doesn't have the proper clientaccesspolicy.xml file in place. Here's an example of a very lenient one that allows all HTTP methods and headers. We have used this successfully for our API (which is popular, though I don't know how much traffic we get from Silverlight).

<?xml version="1.0" encoding="utf-8" ?>
<access-policy>
  <cross-domain-access>
    <policy>
      <allow-from http-request-headers="*" http-methods="*">
        <domain uri="http://*" />
        <domain uri="https://*" />
      </allow-from>
      <grant-to>
        <resource path="/" include-subpaths="true" />
      </grant-to>
    </policy>
  </cross-domain-access>
</access-policy>

This needs to be placed in a clientaccesspolicy.xml file at the root of the domain the API you are trying to use is on.