Cross domain access policy in Silverlight applications
page 4 of 6
by Sergey Zwezdin
Average Rating: This article has not yet been rated.
Views (Total / Last 10 Days): 36444/ 64

Prevention of attacks

Earlier we have considered various kinds of attacks which can be carried out using Silverlight applications. For prevention of such attacks special safety measures which are called "Crossdomain Client Access Policy" exist. Let us consider how it works.

The main idea is that applications any accesses to data which are out of the domain from Silverlight are forbidden by default.

It is possible to present it schematically as follows.

Figure 3: The cross-domain access

Such restriction guarantees that no other applications from other domains can access to a server.

It is important that this restriction is implemented at Silverlight level, e.g. Silverlight Runtime, to ensure the functionality of this mechanism. For Silverlight developers such an approach means that at the access to a server from the application from other domain a SecurityException will be thrown. This restriction extends not only to web-services but also to any other data which we try to receive from Silverlight applications (for example, a simple XML-file).

View Entire Article

User Comments

Title: oyun forum   
Name: oyun forum
Date: 2010-05-09 5:10:06 AM
Thanks man

Community Advice: ASP | SQL | XML | Regular Expressions | Windows

©Copyright 1998-2024  |  Page Processed at 2024-06-18 5:29:07 PM  AspAlliance Recent Articles RSS Feed
About ASPAlliance | Newsgroups | Advertise | Authors | Email Lists | Feedback | Link To Us | Privacy | Search