Skip Navigation LinksHome / Articles / View Article

Silverlight X-Domain Scenario

+ Add to SilverlightShow Favorites
0 comments   /   posted by Emil Stoychev on Jun 26, 2008
(0 votes)
Categories: Tips and Tricks

Yesterday we've published Silvester - Silverlight Twitter widget and the idea was to let people put it on their blogs. To use the widget you need only an HTML snippet placed somewhere on your blog/profile page. The snippet contains an <object> tag that refers the widget's XAP file from our domain. So what you actually do is refer a resource from other domain, a.k.a x-domain scenario or cross-domain scenario.

Silverlight is a client technology and as such it sets a lot security requirements to keep the applications secure by default.

What I should do if I want to use a XAP file from other domain?

For security reasons in cross-domain activation scenarios all interaction between the host HTML page and the Silverlight application is disabled by default. To make your Silverlight application available for use in an x-domain scenario you need to set the ExternalCallersFromCrossDomain property in the AppManifest.xml file.

   1: <Deployment xmlns="http://schemas.microsoft.com/client/2007/deployment"
   2:     xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"
   3:     ExternalCallersFromCrossDomain="FullAccess">
   4:     ...
   5: </Deployment>

ExternalCallersFromCrossDomain is an enumeration of type System.Windows.CrossDomainAccess with the following values:

  • NoAccess - default in a cross-domain scenario - no access for cross domain callers
  • ScriptableOnly - script access only, i.e. access to Scriptable objects

More info about this is available on MSDN.

Related Articles

Deployment.ExternalCallersFromCrossDomain Property on MSDN

CrossDomainAccess Enumeration on MSDN

HTML Bridge: Security Settings on MSDN

Breaking Changes Between Beta 1 and Beta 2 on MSDN

Share


Comments

Comments RSS RSS
No comments

Add Comment

 
 

   
  
  
   
Please add 3 and 4 and type the answer here:

Join the free SilverlightShow webcast 'Running Silverlight Outside the Browser and with Elevated Trust'. Sept 7th, 8 am - 9 am PDT.
In this live session Chris Anderson will cover configuring and debugging OOB mode, toast notifications, elevated trust, direct file access and much more.
Learn more | Register | See more webinars (hide this)