The problem
I have a page with a Silverlight object. It attempts to retrieve XML from another (external, cross-domain) page, but I am struggling with a security exception.
I have this code working brilliantly in WPF.
When using a website hosting a Silverlight application with the same code, the user agent string of the HttpRequest object is null (and seemingly cannot be set). In fact there is no header information at all - this causes a security exception when attempting to make my asynchronous call.
The question
Why is the user-agent string (and header information) null in my Silverlight 4 application when making an asynchronous call using HttpWebRequest?
Thanks in advance!
Sounds like you might be hitting a cross-domain issue.
Does your external XML have a clientaccesspolicy file or a crossdomain file on the site?
http://msdn.microsoft.com/en-us/library/cc197955(VS.95).aspx
Also, what is the exception? Can you post it?
Update:
OK, I have looked at and run your code, and yes, it is a cross-domain issue. The site "http://eu.wowarmory.com/" has a crossdomain file but only allows access from the sites listed in that file. Is your site one of those? If not, you are hitting cross-domain security. (WPF runs on the full CLR and so does not have these restrictions.)
There are options:
- Silverlight 4 running in elevated trust is one, but that is OOB
- Doing it in JavaScript and then passing the data into Silverlight
- Get your server to do the work for you, i.e. a proxy
- Get them to change the crossdomain file!
There are others; it really depends on what you are trying to achieve overall. Can you explain more?
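The check described in the update above, whether the calling site is listed in the target's policy file, as an added example that is not part of the original answer. It reads a clientaccesspolicy.xml document; the sample policy, the origins and the simplified matching rules are constructed for illustration and are not Silverlight's full algorithm.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed policy: two named origins may call /api/ and anything below it.
SAMPLE_POLICY = """<access-policy>
  <cross-domain-access>
    <policy>
      <allow-from http-request-headers="SOAPAction">
        <domain uri="http://partner.example"/>
        <domain uri="http://*.apps.example"/>
      </allow-from>
      <grant-to>
        <resource path="/api/" include-subpaths="true"/>
      </grant-to>
    </policy>
  </cross-domain-access>
</access-policy>"""

def origin_matches(pattern, origin):
    """Simplified matching: '*', 'scheme://*', 'scheme://*.suffix' or an exact host."""
    if pattern == "*":
        return True
    want, got = urlsplit(pattern.lower()), urlsplit(origin.lower())
    if want.scheme != got.scheme:
        return False
    if want.netloc == "*":
        return True
    if want.netloc.startswith("*."):
        return got.netloc.endswith(want.netloc[1:])  # suffix keeps its leading dot
    return want.netloc == got.netloc

def path_granted(resource, path):
    """A <resource> grants its exact path, plus everything below it if include-subpaths is true."""
    base = resource.get("path", "")
    if resource.get("include-subpaths", "false").lower() == "true":
        return path == base or path.startswith(base.rstrip("/") + "/")
    return path == base

def is_allowed(policy_xml, origin, path):
    """True if some <policy> both lists the calling origin and grants the requested path."""
    for policy in ET.fromstring(policy_xml).iter("policy"):
        origin_ok = any(origin_matches(d.get("uri", ""), origin)
                        for d in policy.findall("allow-from/domain"))
        path_ok = any(path_granted(r, path) for r in policy.findall("grant-to/resource"))
        if origin_ok and path_ok:
            return True
    return False
```

An origin that is not listed gets `False` here, which is the situation in which the Silverlight runtime raises the security exception before any request is sent.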
Related
I have a client who installed our Silverlight app recently. It works fine from their server itself, but when they try to run it from a client, they can log in through the aspx login page, but on the main page, which hosts the tag and the .xap file, they see absolutely nothing!
I cannot see their screens, just get occasional screenshots via email and cross my fingers that they are typing the URL I tell them to. Even Shareview is not working for them - they can see my screen but I cannot see theirs.
So I am pleading - help! Please throw out some wacky ideas. I just learned an hour or so ago that they did not even have Silverlight installed, so the morning's debugging effort was a waste of time. So who knows what the next fascinating source of problems is?
Here is the user-agent info. Our app is .NET 4.0; could that be the problem? It does not look to my untrained eye that the client supports 4.0 (from the web server log):
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506.30;+.NET+CLR+3.0.04506.648;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729) 401 3 5 0
Getting closer - I see that the GET request for the XAP is returning 401 - not found! What would do that?
It's very possible that they are blocking XAP files either directly or indirectly at the firewall. XAP files are simply ZIP files and inspection-based firewalls tend to look at these as a security risk. You may want to see if they can set up an exception in their rules.
Hmm..
1) Check whether your client is accessing the correct URL. Request their IP address, then check the web server logs, i.e. are they requesting the correct URL, and are they downloading the XAP? (Check whether they use a proxy, too.)
2) Check that they restarted their browser after installing the Silverlight runtime.
3) Do you handle the UnhandledException event for your Application class? If not, use it to send detailed exception logs to your server on application crash.
4) Use JavaScript to initialize your Silverlight application. This way, you can be notified if the runtime fails to start (for example, if it failed to load the XAP file). You can use Ajax to report the issue to the web server.
I have a custom proxy class for a single WCF web-service (takes a string in, sends a string back). The asynchronous web service call works great from my Windows Form app. However, when I call it from a test Silverlight app I get an error: Hresult 0x80000012. This error is for Extension Attributes on files I believe... Go figure.
Using Fiddler I can confirm that no traffic is making it to IIS which is hosting the service, so it isn't the usual cross-domain restriction issue. I've tried using both "localhost" (which works in the Windows Forms app) and a name defined in my hosts file just in case "localhost" was causing the problem.
I've tested it by making the async call from the UI thread and also from a thread-pool queue item with the same results.
The proxy code is basically just simplified down from what the MS proxy generator creates, setting up bindings and settings programmatically instead of via config files, and I use basically the same source to compile normal .NET and Silverlight versions of the libraries involved. (Now, the MS proxy code it is based on is from a WCF web service, not from the RIA template code, so maybe there are differences there...)
Four days of fruitless search on this one. Any help or suggestions would be wildly appreciated!
Figured it out. I was using (stupidly) a backslash in part of the URL that I used to set up the service call. Most of the interior parts of the MS code handled that ok and transposed them to forward slashes -- on Windows Forms everything worked seamlessly in fact. However, the Silverlight libraries couldn't handle it and threw the very helpful "HResult 0x80000012" error.
Changing my backslashes to slashes seems to have fixed the problem!
I have a Silverlight business application that gets data from a Silverlight-enabled web service.
When I run the application in the dev environment, it works fine.
When I deploy the application and the ASP.NET web development server is working, then too the application works fine.
But when I stop the development server, the application can't access the service.
My questions are:
When I deploy a Silverlight business application, doesn't the service get deployed and get started?
The endpoint address in my ServiceReferences.ClientConfig file is endpoint address="http://localhost:9702/MyWebservice.scv. Do I need to change this?
The endpoint address in the web.config is blank.
Appreciate your help
Because the WCF client code is declared as a "partial" class, what I've been doing to this point is creating another c# partial class file to host a GetClient() method on it. You'll notice that the code is taking into account the port that the service is on... in a few of the environments that I've posted or will be posting to, as well as the development environment, the application is not always on port 80.
    using System;
    using System.Windows;

    namespace Project.Service
    {
        public partial class ServiceClient
        {
            // Builds a client whose endpoint uses the scheme, host and port
            // that the XAP itself was loaded from.
            public static ServiceClient GetClient()
            {
                return new ServiceClient("CustomBinding_Service",
                    new System.ServiceModel.EndpointAddress(new Uri(string.Format("{0}://{1}:{2}/Services/Service.svc",
                        Application.Current.Host.Source.Scheme,
                        Application.Current.Host.Source.Host,
                        Application.Current.Host.Source.Port), UriKind.Absolute)));
            }
        }
    }
Hope this helps someone!
Yes, you are going to want to change your endpoint address. I recommend doing it in the Silverlight code when creating the connection to the WCF service. The service itself lives on the web server, whereas the Silverlight application lives on the client's computer. If the web server stops, the web service stops but the Silverlight app can keep running.
edit:
To do this in code, as long as the path is always in the same domain as the app, you can do it like so:

    // Use whatever security you need here
    BasicHttpBinding binding = new BasicHttpBinding(BasicHttpSecurityMode.None)
    {
        MaxReceivedMessageSize = int.MaxValue,
        MaxBufferSize = int.MaxValue
    };
    // Resolve the service address relative to the location the XAP was loaded from
    Client client = new Client(binding,
        new EndpointAddress(new Uri(Application.Current.Host.Source, "../MyService.svc")));
Thanks so much for your help. I tried your approach to create the client code but that didn't work. And that's because the problem seems to be somewhere else.
So I installed fiddler to see the traffic.
Fiddler showed that the service was being accessed but the http response code was 302 showing that there was some redirection involved.
The address of my application is like this http:///Silverlightapp/(S(oirppxrwzhlf2a2vbia1ui45))/Default.aspx#/Home and it is hosted on IIS 6.
So I had to employ a workaround by installing the service on a machine with IIS 7 (and there was no session id involved like in the above URL). I still kept the Silverlight application hosted on IIS 6.
Anyway, in summary, for anyone who reads the thread, I did the following to troubleshoot and solve the issue (temporarily):
- Changed the endpoint address in the ServiceReferences.ClientConfig file. When you add the service using the discover option in VS, the endpoint address is that of localhost and this must be changed.
- Registered the service model using the ServiceModelReg -i command. (This solved my problem that my application was only working from the development server and not IIS.)
- Put the CrossDomain and ClientAccessPolicy files in the c:\inetpub\wwwroot folder.
- Used Fiddler to look at HTTP response codes. I had to do no configuration in Fiddler.
- Changed the binaryMessageEncoding to textMessageEncoding in the web.config file of the Silverlight web project that also hosted the WCF service. I did this because adding a Silverlight-enabled WCF service creates a custom binding configuration in the web.config file that by default uses binary encoding. I needed text encoding to see errors in Fiddler. But this didn't help much because I only saw the name of the operation in the Inspector>xml tab in Fiddler. This was the same even after my issue was resolved by the workaround.
Thanks for the help
Don't do it in code. Otherwise you won't be able to change it later without recompiling the application (when the address will need to change, perhaps years down the road when you've lost the source code :)
Change the address in ServiceReferences.ClientConfig to where the service is actually hosted... e.g. http://example.com/myVdir/MyWebservice.svc
If later on you need to change the address without recompiling:
- Open the .xap file (it's just a zip file with a different extension)
- Find the .ClientConfig file and change the address
- Put it back together as a .zip file and rename to .xap
Also, I can't remember anymore whether the .ClientConfig supports relative addresses (e.g. just "MyWebService.svc"), but if it does it may be a good solution as well.
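Because the .xap is a ZIP archive carrying the .ClientConfig, the endpoint addresses a package will actually use can be checked before it is deployed. The following is an added example, not code from the thread; the sample package, the endpoint names and the `audit_xap` helper are constructed for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

LOOPBACK_HOSTS = {"localhost", "127.0.0.1", "::1"}

# Constructed sample config; endpoint names and addresses are placeholders.
SAMPLE_CLIENT_CONFIG = """<configuration>
  <system.serviceModel>
    <client>
      <endpoint name="Dev" address="http://localhost:9702/MyWebservice.svc"/>
      <endpoint name="Prod" address="http://example.com/myVdir/MyWebservice.svc"/>
      <endpoint name="Other" address="http://services.example.net/Other.svc"/>
    </client>
  </system.serviceModel>
</configuration>"""

def build_sample_xap():
    """Build a constructed .xap (a ZIP archive) in memory for the demo."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as xap:
        xap.writestr("AppManifest.xaml", "<Deployment/>")
        xap.writestr("ServiceReferences.ClientConfig", SAMPLE_CLIENT_CONFIG)
    return buf.getvalue()

def audit_xap(xap_bytes, site_host):
    """Flag endpoints that point at loopback or at a host other than the one serving the app."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(xap_bytes)) as xap:
        configs = [n for n in xap.namelist() if n.lower().endswith(".clientconfig")]
        for name in configs:
            for endpoint in ET.fromstring(xap.read(name)).iter("endpoint"):
                address = endpoint.get("address", "")
                host = urlsplit(address).hostname
                if host is None:
                    continue  # relative address: no host to check
                if host in LOOPBACK_HOSTS:
                    findings.append((address, "loopback: resolves to the user's own machine"))
                elif host != site_host.lower():
                    findings.append((address, "cross-domain: needs a policy file on " + host))
    return findings

if __name__ == "__main__":
    for address, finding in audit_xap(build_sample_xap(), "example.com"):
        print(address, "->", finding)
```

The same property means anyone who can download the .xap can read every address in it, so the .ClientConfig is not a place for anything secret.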
I'm working on trying to FTP a file to the server through a Silverlight application, where the location to upload the file to on the server file system exists outside the sandbox area for the web server. In this case the web server root exists at "C:\test\www\" and the location to upload the file to will exist at "C:\User\Uploads". In this scenario I'm not sure if HTTP POST will work (doesn't that use the web server root?). I just need to upload the file selected by the user to a different location that may exist outside the sandbox. With Silverlight I'm thinking sockets are my last option, based on the limited port range for Silverlight being 4502-4532. Can I do this using WebClient and HTTP POST? Can I make an FTP connection through Silverlight or JavaScript?
This is an interesting scenario, since it sounds like you are doing this all on the same machine (both client and server). I am responding to the vague original question, and would love additional data to help answer this completely.
FTP uploading itself is not supported by Silverlight, but the concept of uploading a file is, through an HTTP stream of data.
If you want to do an HTTP upload from a client machine to the server: You can use the OpenFileDialog control in Silverlight 2 and 3 to read that data, then use WebClient to upload it.
If you want to do a download from something your web server can send, to the client machine, then you'd need to use Silverlight 3 or newer, which features a SaveFileDialog control.
All Silverlight file dialogs require a user-initiated action for them to function, and the user will need to select the file name(s) for security purposes.
Hope this helps!
Assuming your server is ASP.NET based I would use a simple WebClient POST into a .ashx handler. Have the handler write the body of the post to a file in "C:\User\Uploads".
As long as the FTP server is on the same host as the Silverlight app you can use sockets and code your own FTP client; it's not very hard and there are plenty of examples out there.
In the meantime, namely with Silverlight 5, sockets got an update: with ClientAccessPolicy.xml the port range got boosted and an in-browser elevated-trust mode is available.
Therefore I've created sharpLightFtp to enable rudimentary FTP.
I'm working on building a Silverlight application where we want to be able to have a client hit a URL like:
http://{client}.domain.com/
and login, where the {client} part is their business name. so for example, google's would be:
http://google.domain.com/
What I was wondering was if anyone has been able, in silverlight, to be able to use this subdomain model to make decisions on the call to the web server so that you can switch to a specific database to run a query? Unfortunately, it's something that is quite necessary for the project, as we are trying to make it easy for their employees to get their company specific information for our software.
Wouldn't it work to put the service on a specific subdomain itself, such as wcf.example.com, and then setup a cross domain policy file on the service to allow it to access it?
As long as this would work you could just load the silverlight in the proper subdomain and then pass that subdomain to your service and let it do its thing.
Some examples of this below:
Silverlight Cross Domain Services
Silverlight Cross Domain Policy Helpers
On the server side you can check the HTTP 1.1 Host header to see how the user came to your server and do the necessary customization based on that.
I think you cannot do this with Silverlight alone; I know you cannot do this without problems with JavaScript, Ajax etc. That is because a subdomain is - for security reasons - treated differently than a sub-page by the browsers.
What about the following idea: Insert a rewrite rule to your web server software. So if http://google.domain.com is called, the web server itself rewrites the URL to something like http://www.domain.com/google/ (or better: http://www.domain.com/customers/google/). Would that help?
Georgi:
That would help if it would be static, but alas, it's going to all be dynamic. My hope was to have 1x deployment for the application, and to use the http://google.domain.com/ idea to switch to the correct database for the user. I recall doing this once when we built an asp.net website, using the domain context to figure out what skin to use, etc.
Ates: Can you explain more about what you are saying... sounds like you are close to what I am trying to come up with. Have you seen such a tutorial for this?
The only other way I have come up with to make this work is to have a metabase that when the user logs in, it will switch them to the appropriate database as required... was just thinking as well that telling Client x to hit:
http://ClientX.domain.com/ would have been sweeter than saying to hit http://www.domain.com/ and login. It seemed as if they were to hit their name, and to show it personalized for them right from the login screen would have been much more appealing for the client base.
#Richard B: No, I can't think of any such tutorial that I've seen before. I'll try to be more verbose.
The server-side approach in more detail:
Direct *.example.com to the same IP in your DNS settings.
The backend app that handles login checks the Host HTTP header (e.g. the "HTTP_HOST" server variable in some platforms). That would contain the exact subdomain.example.com that the client used for reaching your server. Extract the subdomain part and continue...
There can also be a client-side-only approach. I don't know much about Silverlight but I'm assuming that you should be able to interface Silverlight with JavaScript. You could read document.location with JavaScript and pass it to your Silverlight applet, whereon further data fetching etc. logic would rely on the subdomain that was passed in by JavaScript.
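The server-side approach above, sketched as an added example that is not part of the original post. The Host header is supplied by the client, so the subdomain is validated and then looked up in a fixed table rather than pasted into a database name; `BASE_DOMAIN`, the tenant table and the function names are hypothetical.

```python
import re

BASE_DOMAIN = "example.com"   # assumption: DNS points *.example.com at this server
TENANT_DATABASES = {          # constructed allow-list: subdomain label -> database
    "clientx": "db_clientx",
    "sandbox": "db_sandbox",
}
# One DNS label: letters, digits and inner hyphens, at most 63 characters.
_LABEL = re.compile(r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?")

def tenant_from_host(host_header):
    """Return the subdomain label from a Host header value, or None if it is not ours."""
    if not host_header:
        return None
    host, _, port = host_header.strip().lower().partition(":")
    if port and not port.isdigit():
        return None               # also rejects bracketed IPv6 literals
    host = host.rstrip(".")       # tolerate a fully qualified trailing dot
    suffix = "." + BASE_DOMAIN
    if not host.endswith(suffix):
        return None               # bare domain, look-alike or foreign host
    label = host[: -len(suffix)]
    if not _LABEL.fullmatch(label):
        return None               # empty, nested (a.b) or malformed label
    return label

def database_for_request(headers):
    """Map a request's Host header to a database name; None means reject the request."""
    tenant = tenant_from_host(headers.get("Host"))
    # Lookup only: the header value never becomes part of a name or a query.
    return TENANT_DATABASES.get(tenant)
```

A `None` result should end the request at the login step instead of falling back to a default database.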
#Ates:
That is what we did when we wrote the ASP.Net system... we pushed a slew of *.example.com hosts against the web server, and handled using the HTTP headers. The hold-up comes when dealing with WCF pushing the info between the client and the server... it can only exist in one domain...
So, for example, when you have {client}.example.com and {sandbox}.example.com, the WCF service can't be registered to both. It also cannot be registered to just *.example.com or example.com, so that's where the catch-22 is coming in. Everything else I have the prior knowledge of handling.
I recall a method by which an application can "spoof" another domain name in certain instances. I take it in this case, I would need to do such a configuration? Much to research yet I believe.