Dışarıya aktar (0) Yazdır
Tümünü Genişlet
Bu içerik dilinizde bulunmamaktadır ancak İngilizce sürümüne buradan bakabilirsiniz.

Silverlight and Flash Support

Updated: June 18, 2014

The Azure SDK includes support for cross-domain scenarios for Silverlight and Flash clients.

Same Origin Policy and Cross Domain Access

Browsers and client-side programming languages, such as Javascript, enforce a security policy called the same origin policy. This policy restricts cross domain calls; that is, it only allows code running in the browser to call code that resides on the host site from which the browser code was downloaded. This policy does not allow code running in a browser to call code residing on a different site (the target site).

You can set up cross-domain access explicitly if the target site places a specific policy file at its root. For Silverlight, this policy file is called ClientAccessPolicy.xml. For Flash, the cross-domain policy file is called CrossDomain.xml. The following is an example of a simple ClientAccessPolicy.xml file:

<?xml version=""1.0"" encoding=""utf-8""?>
            <allow-from http-request-headers="*" http-methods="*">
                <domain uri="https://*"/>
                <domain uri="http://*"/>
                <resource path="/" include-subpaths="true" />

For the Access Control service, by default all service namespaces have cross-domain access set up. For Service Bus, you must explicitly configure cross-domain access. To enable uploads of the policy file to the root of the service namespace, Service Bus provides REST commands (PUT, DELETE) that enable this. For example:

static HttpStatusCode PublishClientAccessPolicy(string serviceNamespace, string authHeaderValue, byte[] fileContentArray)
    HttpWebRequest request = (HttpWebRequest)WebRequest.Create(string.Format("https://{0}.{1}/clientaccesspolicy.xml", serviceNamespace, ServiceBusUriPostFix));

    request.Method = "PUT";
    request.ContentType = "text/xml";

    request.ContentLength = fileContentArray.Length;
    request.Headers[AuthorizationHeader] = authHeaderValue;

    Stream dataStream = request.GetRequestStream();
    dataStream.Write(fileContentArray, 0, fileContentArray.Length);

    return SendHttpRequestAndGetResponse(request);

Similarly, the following code deletes the policy file:

static HttpStatusCode DeleteClientAccessPolicy(string serviceNamespace, string authHeaderValue)
    HttpWebRequest request = (HttpWebRequest)WebRequest.Create(string.Format("https://{0}.{1}/clientaccesspolicy.xml", serviceNamespace, ServiceBusUriPostFix));

    request.Method = "DELETE";
    request.Headers[AuthorizationHeader] = authHeaderValue;
    return SendHttpRequestAndGetResponse(request);

Custom HTTP Header

To programmatically address secured endpoints, Service Bus requires an Access Control token with a “Manage” claim to be sent through an Authorization HTTP header. Because Silverlight does not allow applications to write directly to the Authorization HTTP header, the Service Bus services API supports the X-MS-Authorization HTTP custom header, which behaves similarly to the Authorization HTTP header. The following example demonstrates the use of this custom header.

const string XMSAuthorizationHeader = "X-MS-Authorization";

public void CreateMessageBuffer(UploadStringCompletedEventHandler createMessageBufferCompleted)
            string bufferLocation = AddTrailingSlashIfNeeded(this.messageBufferLocation);

            WebClient webClient = new WebClient();
            webClient.BaseAddress = bufferLocation;
            webClient.Headers[XMSAuthorizationHeader] = this.authHeaderValue;
            webClient.Headers[HttpRequestHeader.ContentType] = "application/atom+xml;type=entry;charset=utf-8";
            webClient.UploadStringCompleted += createMessageBufferCompleted;

            this.AppendOutputText("MessageBuffer.Create: Sending request to create message buffer");
            webClient.UploadStringAsync(new Uri(bufferLocation), "PUT", DefaultPolicy, "MessageBuffer.Create");

Topluluk İçeriği

© 2014 Microsoft