clientaccesspolicy.xml vs. crossdomain.xml

Silverlight supports two different mechanisms for services to opt-in to cross-domain access:
•    Place a clientaccesspolicy.xml file at the root of the domain where the service is hosted to configure the service to allow cross-domain-access.
•    Place a valid crossdomain.xml file at the root of the domain where the service is hosted. Silverlight supports a subset of the crossdomain.xml schema. This file format is supported as well by ADOBE FLASH (originally by them).

 

clientaccesspolicy.xml is for silverlight

<?xml version="1.0" encoding="utf-8" ?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*"> <domain uri="*"/> </allow-from> <grant-to> <resource include-subpaths="true" path="/"/> </grant-to> </policy> </cross-domain-access> </access-policy>

 

crossdomain.xml is for flash and also silverlight

<?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"> <cross-domain-policy> <allow-access-from domain="*" headers="*" /> </cross-domain-policy>