Geek Answers Handbook

Clientaccesspolicy.xml is not requested for the first time in some browsers

I am having a weird problem calling crossdomain web service in Silverlight 4.

Immediately after launch, the application calls the web service on the same host from where it was downloaded, but on a different port (for example, the application is located at http://www.mydomain.com:80 , and the web service is http: // www.mydomain.com:81 ). SSL is not involved. The host provides the proper clientaccesspolicy.xml file, and everything works correctly most of the time (for example, 99.9%).

However, in some cases, the browser does not request clientaccesspolicy.xml, and as a result, the webservice call is blocked and fails with a cross-domain error.

Typically, this is the sequence of queries that you see with the Fiddler or Chrome developer tools:

  • index.html (the page hosting the silverlight application)
  • Silverlight.js
  • application.xap
  • clientaccesspolicy.xml (requested and downloaded correctly)
  • call webservice

In some cases, however, you only see

  • index.html (the page hosting the silverlight application)
  • Silverlight.js
  • application.xap
  • → cross-domain error (without clientaccesspolicy request, without calling a web service).

This only happens on a minority of machines (everything works under Windows 7), if all these conditions are true:

  • the application works in Chrome, Firefox or outside the browser (IE always works)
  • the first time the page loads (that is, if you click the browser reload button, the problem will disappear. Close / restart the browser and the first time you still have a problem)
  • Fiddler does not work (if you run traffic through Fiddler, the problem disappears). However, the Chrome developer tools do not work.
  • the machine is inside the same domain as the application server . If you go to a page from an external network (with the same device), there is no problem there.

On these machines, under these conditions, the problem is reproduced 100%.

What could be the reason for this? What steps can I follow to track the problem?

+7
source share
1 answer

This problem is obviously quite rare, but with some help from Microsoft, I found a solution. I am sending it for future reference, so hopefully this will not happen again.

As a security measure, Silverlight blocks any cross-domain call between the Internet zone and the local intranet zone . In this case, it does not even request clientaccesspolicy.xml. Therefore, if the application is hosted on the website www.myhost.com (in the Internet zone), Silverlight prevents it from calling the web service on www.another.com (local intranet zone).

This blog post explains this in detail.

So, if you have one or more of the following symptoms (even though they have rejected obvious crossdomain errors, such as a garbled or unulocal clientaccesspolicy.xml):

  • crossdomain error from some apparently random machines (several different locations / domains), but working with other machines.
  • clientaccesspolicy.xml is not requested at all
  • works with some browsers, not others. Apparently random, sometimes not working with any browser.
  • sometimes there is no problem when Fiddler is open, but error without starting Fiddler
  • everything works correctly on localhost

Perhaps you should try the following: to host the application host and web service in the same security zone:

  • go to IE security settings (these parameters are also used by any application that accesses the network, i.e. any other browser)
  • add the address where the application is hosted and the address where the web service is hosted to the Local intranet sites OR
  • uncheck the box "Automatically detect intranet network" (so that they both appear in the Internet zone )
+11
source

More articles:


All Articles