Client Access Policy File and Subdomains

if you worked with Silverlight and WCF, you no doubt are familiar with ClientAccessPlicy.xml.  Recently I found a use case that is not documented in the link above and had me stumped actually.  Our application was hosted on a subdomain, something like  I added client access policy file to the root of the domain,, but was still getting security exceptions.  The security white paper (see link above) mentions sub-domains but only from perspective of the hosted file.  Once I put clientaccesspolicy file at the root of the subdomain, my errors went away.  Not something I expected to find.


Leave a Reply

Your email address will not be published. Required fields are marked *