Skip to main content

Silverlight 2.0 Beta1 CrossDomain Issues

Preparing for my upcoming "What's New with ASP.NET 3.5 Extensions" presentation at the Central Ohio Day of .Net, I ran into a roadblock with my simple Silverlight demo.

I have a Silverlight application calling an ASP.Net Web Service (traditional ASMX). The Silverlight application is hosted on an ASPX page served up in an ASP.Net Web Application.

I kept receiving a mix of the following two errors:

An exception of type 'System.ServiceModel.CommunicationException' occurred in System.ServiceModel.dll but was not handled in user code

Additional information: [CrossDomainError]

---------------------------------------------------------------

An exception of type 'System.ServiceModel.ProtocolException' occurred in System.ServiceModel.dll but was not handled in user code

Additional information: [UnexpectedHttpResponseCode]
Arguments:Not Found

Essentially, this is saying, "hey this control/page you're browsing on safesite.com is trying to interact with something over on unsafesite.com...and we're preventing it". Good for security, bad for demos.

Originally, when creating my Silverlight application, I chose the "Generate an HTML test page to host Silverlight within this project" option instead of creating a new web application. Bad idea. You'll always experience this cross domain issue using the HTML hosting page while calling a backend service. I quickly switched to a web application.

The easiest fix for me was to switch the web site and web service from using Cassini  localhost with dynamic ports to the machine name and named virtual directories.

Here's my original properties on the web service project:

image

I switched it to:

image

The fine folks at Microsoft even provided a helpful "Create Virtual Directory" button.

Within my Silverlight project, I also needed to update the Service Reference (orginal):

image

I switched it to:

image

After you Configure Service Reference (above), make sure you Update Service Reference (below) to update the configuration code built for you by Visual Studio:

image

Despite the Silverlight 2.0 Beta1 recent release, there is much traffic about this issue in the forums and on blogs. It's actually nothing new. I ran into this issue with Flash a while back. Another, more production-ready solution is to leverage a policy file indicating to the object (Silverlight, in this case) that it's ok to interact with a particular service on some other domain. This is a file named crossdomain.xml and/or clientaccesspolicy.xml. More information at "Some tips on cross-domain calls" and "How to: Make a Service Available Across Domain Boundaries".

RELATED

Silverlight 2.0 and WCF

Silverlight Forums CrossDomainError

Comments

Kevin said…
Intersting post and good to know to watch out for this.

Popular posts from this blog

TFS Error | The type initializer for 'Microsoft.TeamFoundation.Build.Server.BuildInformationNodeBinder' threw an exception.

Posting this one for the search engines. If you ever receive the exception "The type initializer for 'Microsoft.TeamFoundation.Build.Server.BuildInformationNodeBinder' threw an exception.", more than likely, your drive space is at 0 on your TFS application tier box.

I encountered this at a client recently. The root cause was that IIS logs had filled up the OS drive (C:\). I switched IIS logging to the applications drive (D:\) which cleaned up the OS drive and resolved the issue.

Detailed message:


TF53010: The following error has occurred in a Team Foundation component or extension:


Date (UTC): 6/7/2011 4:18:53 PM

Machine: TFSATBOX

Application Domain: /LM/W3SVC/8080/ROOT/tfs-1-129519118182628600

Assembly: Microsoft.TeamFoundation.Framework.Server, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a; v2.0.50727

Service Host: 7ecfbd77-b386-4d75-b038-b05474782696 (DefaultCollection)

Process Details:

Process Name: w3wp

Process Id: 3676

Thread Id: 5752

Ac…

Verified by Visa: Everything We Tell Folks to Avoid

Phishing is defined by F-Secure as: "Fraudulent e-mail or website claiming to be legitimate seeking indentifiable information. Phishing is an attempt to steal your personal data."When I recently attempted an online purchase from WalMart using my VISA card, being a security wanta-be, I immediately thought phishing when redirected to verifiedbyvisa.com and saw this dialog:

Seriously, these folks have to be kidding. You're asking for my personal data during a transaction and claim that's its a service "...at no additional cost." Wow! Thanks...but absolutely not, you jokers. As a malicious thief, I can go a long way with this data.

This is exactly the type of experience which aids malfeasance and the folks trying to steal personal data / identities. How long have we been working to educate folks to avoid providing this type of data under these type of circumstances? Years. And we're just now starting to turn the corner.

VISA, get rid of this! When folks submi…

Windows 10 Creator's Update and Office Conflicts

Recently, Microsoft pushed the "Creators Update" out to Windows 10. It was available in April but it seems to have been force-pushed in the past 2 days. On my mother-in-law's computer, Creator's caused Excel to render a "Bad Image" message when attempting to start declaring "MSVCP140.dll is either not designed to run on Windows or it contains an error". I attempted the SFC and DISM repairs as advised on Tom's site to no avail. When I attempted an Office repair, Office disappeared completely. At this point, I definitely started to panic.

Fortunately, I noticed a pending reboot due to an install/update. Allowing Windows to install that update and rebooting twice brought Excel and Office back to life. I did have to re-register the software but all is well now. If you encounter this issue, stop what you're doing and install/restart Windows. Anecdotally, I've since hear of many folks encountering similar issues.