Cross Domain security error in Silverlight?

折月煮酒 提交于 2019-12-19 10:57:24

问题


I'm trying to read a feed from Yahoo Pipes into a Silverlight Application. I keep getting a SecurityException, which sounds like a cross domain policy problem, but Yahoo pipes, if you go through the pipes.yahooapis domain, has a cross domain policy, so should be ok. I tried the exact same code, but going to the Digg API, and it works fine (although this is rest rather than an rss feed). Could my error have nothing to do with Cross Domain policies?

I use the following code for the web request :

 WebClient wc = new WebClient();    
 wc.DownloadStringAsyncCompleted += new DownloadStringCompletedEventHandler(wc_DlStrCompleted);    
 wc.DownloadStringAsync(new Uri(yahooPipesUrl));

The exception I get is a System.Security.SecurityException.

The url I'm trying is this one

http://pipes.yahooapis.com/pipes/pipe.run?_id=4rBri9Ef3RG8CEGLLe2fWQ&_render=rss&feedUrl=http://feeds.feedburner.com/follesoe


回答1:


The policy file in place is:

<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd"> 
<cross-domain-policy> 
  <site-control permitted-cross-domain-policies="master-only" /> 
  <allow-access-from domain="*" /> 
</cross-domain-policy>

There is a current problem that Silverlight does not work with the entire Flash Cross Domain Policy file format...I would expect that the site-control element is breaking it.




回答2:


The crossdomain.xml policy file at http://pipes.yahooapis.com/crossdomain.xml specifies only secure (https:) requests in the allow-access-from element. See the documentation about the format here:

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
  <site-control permitted-cross-domain-policies="master-only" />
  <allow-access-from domain="*" secure="true" />
</cross-domain-policy>



回答3:


There is no Client Access policy file at http://pipes.yahoo.com/crossdomain.xml or http://pipes.yahoo.com/clientaccesspolicy.xml

Therefore the SecurityException is correct behavior.

What is the exact URL that you are trying to access?



来源:https://stackoverflow.com/questions/428461/cross-domain-security-error-in-silverlight

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!