Silverlight Cross Domain Policy Error

To reduce the risk of Cross-site forgery exploits, Silverlight by default does not allow cross-domain communication. To allow a Silverlight control to access a service in another domain the permission needs to be explicitly set.

There are two different ways to allow cross-domain access:

A clientaccesspolicy.xml file needs to be placed at the root of the domain where the service is hosted.
A crossdomain.xml file needs to be placed at the root of the domain where the service is hosted.

Below is an example of a clientaccesspolicy.xml file. This file's configuration will allow access from any other domain to all resources on the current domain.

<?xml version="1.0" encoding="utf-8"?> 
<access-policy> 
<cross-domain-access> 
    <policy> 
      <allow-from http-request-headers="SOAPAction"> 
        <domain uri="*"/> 
      </allow-from> 
      <grant-to> 
        <resource path="/" include-subpaths="true"/> 
      </grant-to> 
    </policy> 
</cross-domain-access> 
</access-policy>

Below is an example of a crossdomain.xml file. This file will allow access from any other domain.

<?xml version="1.0"?> 
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"> 
<cross-domain-policy> 
    <allow-http-request-headers-from domain="*" headers="SOAPAction,Content-Type"/> 
</cross-domain-policy>