Jesse Collins Blog

Software, Security, Silverlight

Browse by Tags

Tagged Content List
  • Blog Post: On the Web's deny-read policy

    Eric Lawrence tackles the often-misunderstood details of the "deny-read" part of the same-origin policy: http://blogs.msdn.com/ieinternals/archive/2009/08/28/Explaining-Same-Origin-Policy-Part-1-Deny-Read.aspx I've never heard it called "deny-read" before. But I like it. As Eric points out in...
  • Blog Post: Why doesn't my XAP load on a cross-domain page?

    Why doesn't my XAP load on a cross-domain page? Probably because you're not setting the mime-type of the XAP to "application/x-silverlight-app". What's the point of this restriction? Well, we found during the development of Silverlight 2 that threats involving a Bad Guy loading a good XAP on his own...
Page 1 of 1 (2 items)