I have a Silverlight 5 app that is making requests to a WCF data service over HTTPS on a separate domain (server) hosted via IIS 6 (at say mydomain.com/service.svc).
The silverlight app gets a SecurityException, which I assume is related to not finding a proper clientaccesspolicy.xml file. I have a clientaccesspolicy.xml file defined at mydomain.com's wwwroot folder that looks like
<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
<domain uri="*"/>
</allow-from>
<grant-to>
<resource path="/" include-subpaths="true"/>
</grant-to>
</policy>
</cross-domain-access>
</access-policy>
The weird part is that when looking at Fiddler traffic, there is never a request attempted for mydomain.com/clientaccesspolicy.xml.
The other thing is that the clientaccesspolicy.xml is served only over https (IIS setting on that server only allows ssl/tls connections), so could that be part of the problem?
Give this a try: