Navigation

Milos Solution Platform (External Blog)

The Milos Solution Platform is .NET's premier platform for building business applications. This blog is meant for developers who use or evaluate Milos. This blog is used to share tidbits of information provided by the Milos developers at EPS. Many of the posts put the spotlight on new features. We generally recommend that all Milos users (developers) at least scan this blog to keep up with the Milos news.

Content Area Footer

Sunday, February 08, 2009
Self-Hosted WCF Cross-Domain Service Call Policies

Yesterday I blogged about a new Milos feature that allows to self-host Basic HTTP services, which is a feature that is useful when one has a service that is hosted using other bindings, but wants to expose the Basic HTTP binding in addition to others, which is typically done in Silverlight or browser scenarios (click here for yesterday's post).

When hosting Basic HTTP services for Silverlight, it is also important to know that Silverlight by default can only call services that are part of the same web application as the Silverlight app itself. This will practically never be the case when you self -host a Basic HTTP service. To allow that service to be called from Silverlight, the service must opt in to be callable across domains. (Note: Different ports also count as different domains in this case). This is a security restriction to avoid cross-site attacks.

Using the Milos self-host Basic HTTP feature, you can also enable cross-domain calling like so:

ServiceGarden.AllowCrossDomainCalls();

For instance, if you want to host a service that is available both over TCP/IP and Basic HTTP and allows cross-domain calls, it could be done like so:

ServiceGarden.AllowCrossDomainCalls();
ServiceGarden.AddServiceHostNetTcp(typeof(EventService));
ServiceGarden.AddServiceHostBasicHttp(typeof(EventService));

Note that the cross-domain call only relates to HTTP based access, but not to other protocols.

Note also that the cross-domain call is enabled by means of a policy that is now available. You can browse to that policy using your web browser. For instance, if you run this in a test environment on localhost, you can now browse to http://localhost/clientaccesspolicy.xml, to see the exact settings that are exposed. This is what Silverlight accesses to allow a cross-domain call.

Note that it is possible to set additional parameters. In particular, you can specify which sites can make a cross domain call. For instance, if you only want to accept calls from www.Microsoft.com and www.Google.com, you can restrict the cross domain calls in the following fashion:

ServiceGarden.AllowCrossDomainCalls(new Uri[] {
    new Uri("http://www.Microsoft.com"),
    new Uri("http://www.Google.com") });

Note that these features are available on the ServiceGarden class as well as the development host. When the development host is used, the policy is listed in the UI as an additional service endpoint.

 

Posted @ 1:40 PM by Egger, Markus (markus@code-magazine.com) -
Comments (14)



Comments:

RE: Self-Hosted WCF Cross-Domain Service Call Policies
Tuesday, June 21, 2011 9:05 PM by new era - vsg@gcv.com

In particular, you can specify which sites can make a cross domain call.


ed
Wednesday, July 20, 2011 2:02 AM by ed - luocamel23@yahoo.com

I enjoyed every little bit part of it and I will be waiting for the new updates.


RE: Self-Hosted WCF Cross-Domain Service Call Policies
Monday, September 26, 2011 7:56 PM by Rovy Rose Will - adzdelacruz@gmail.com

I was regret that I never be part of this program and even such an informative blog to me. It's been too fascinating that I truly stunned this site. Thanks!


RE: Self-Hosted WCF Cross-Domain Service Call Policies
Tuesday, September 27, 2011 12:45 AM by Britney - marshamay28@gmail.com

You give the nice information that many people don't know before. most of your contents are make me have more knowledge. it is very different.Anyway, thanks for sharing.


RE: Self-Hosted WCF Cross-Domain Service Call Policies
Tuesday, November 08, 2011 6:40 PM by SWF Converter for Mac - plant2013@gmail.com

Preparation: Free download and install Mac SWF Video Converter, launch it.


FM TRANSMITTER
Wednesday, December 07, 2011 8:47 PM by FM TRANSMITTER - sunce2015@gmail.com

A large number of people are dreaming of having a perfect home theater system. However, installing a home theater has turn out to be rather intricate and long speaker cable runs are normally undesirable for aesthetic reasons. Manufacturers have lately introduced new products and technologies.


tutu app
Monday, May 22, 2017 7:17 AM by tutu app - terminalwayfive@gmail.com

Designed for both, iOS and Android, the Tutu app is a widely recognized free app for games and game hacks.


tplinklogin
Friday, August 18, 2017 4:00 AM by tplinklogin - sanjanasmudhiraj@mail.com

tplinklogin Hello, readers, It’s time to know about one of the best wireless networks present nowadays


RE: Self-Hosted WCF Cross-Domain Service Call Policies
Tuesday, December 12, 2017 12:45 AM by Assignment land

All things considered NET.TCP blueprint isn't perceived by Silverlight 4. At any rate right now it is. Keeping in mind the end goal to utilize NET.TCP authoritative, it's required that we utilize customBinding.


https://mahresultsnic2018.in/
Thursday, February 08, 2018 12:11 AM by https://mahresultsnic2018.in/ - praveenpandup@mail.com

https://mahresultsnic2018.in/ All the candidates who have written Maharastra 10th exams might be eagerly waiting for Mah SSC results 2018


manabadi.com
Saturday, March 17, 2018 12:46 AM by manabadi.com - raanaprataps@mail.com

manabadi.com results to check intermediate and ssc 10th results from Manabadi 2018


AntiRevoke
Thursday, April 12, 2018 1:07 AM by Julie Watson - CarlEHall@jourrapide.com

Anti Revoke For Android


RE: Self-Hosted WCF Cross-Domain Service Call Policies
Tuesday, July 03, 2018 4:09 AM by asdf - xjb11130@ckoie.com

sad fsadf asdfdsa


RE: Self-Hosted WCF Cross-Domain Service Call Policies
Saturday, July 14, 2018 4:07 AM by bestessay rating - scd86373@kopqi.com

In this blog I have received the best stories and messages. That all you can use to update better stories and cross domain services. Then we will catch their online essay features.


Post a Comment:

Comment Title (required)

Your Name (optional)

Your Email (optional)

Your Web Site (optional)

Your Comment (required)

 

 

 

 

 

 

 

Syndication RSS 2.0 RSS 2.0

All My Blogs:
My personal blogs:
Dev and Publishing Dev and Publishing
Travel and Internat. Living Travel and Internat. Living
Other blogs I contribute to:
Milos Blog (US) Milos Blog (US)
VFPConv. Dev Blog (US) VFPConv. Dev Blog (US)
VFPConv. Dev Blog (DE) VFPConv. Dev Blog (DE)

 

Blog Archives
 All Blog Posts

 2010
    November (1)
2009
    July (2)
    February (2)
    January (1)
2008
    December (1)
    October (3)
    June (1)
    April (3)
    February (1)
    January (1)
2007
    December (1)
    October (2)
    September (2)
    July (1)
    June (2)
    May (4)
    April (6)
    March (8)
    February (3)
    January (2)
2006
    December (2)
    November (2)

 

 

 

This Blog is powered by MilosTM Collaboration Components.