+3  A: 

Quote:

Using for cross-domain communication requires guarding against several types of security vulnerability that can be used to exploit Web applications. Cross-site forgery is a class of exploits that becomes a threat when allowing cross-domain calls. This exploit involves a malicious Silverlight control transmitting unauthorized commands to a third-party service, without the user's knowledge. To prevent cross-site request forgery, Silverlight only allows site-of-origin communication by default for all requests other than images and media. For example, a Silverlight control hosted at http://contoso.com/mycontrol.aspx can only access services on that same domain by default – for example http://contoso.com/service.svc, but not a service at http://fabrikam.com/service.svc. This prevents a malicious Silverlight control hosted on the http://contoso.com domain from calling unauthorized operations on a service hosted on the http://fabrikam.com domain.

To enable a Silverlight control to access a service in another domain, the service must explicitly opt-in to allow cross-domain access. By opting-in, a service states that the operations it exposes can safely be invoked by a Silverlight control, without potentially damaging consequences to the data the service stores.

EDIT: based on comment/question ...

I'll just give my probably imperfect understanding of the situation, but this makes sense to me.

A browser in general is constrained in what it can route you to, by making it difficult to access any host other than the one serving up http pages. This is true no matter what resource is under discussion. And these constraints need to be applied by inference to anything else that runs in the context of the browser/web page, including Silverlight. So this is just extrapolating an existing mechanism for allowing foreign references.

I'm not sure how you intend to distinguish a "service" from a "socket". Generally services use sockets; there's some process (service or otherwise) sitting on a host watching to make connections on a port; one type of connection is a socket.

le dorfier  2009-03-22 22:47:27
1) I'm asking about sockets, not services. 2) This doesn't answer my question.
Spencer Ruport  2009-03-22 23:09:36
See posted image
Spencer Ruport  2009-03-22 23:17:58
I just don't see how Silverlight basically asking a host "what can i access" is anything more than just annoying. Malicious apps will just ignore the policy and go for whatever resource they like so it's not preventing anything. I just don't see the point.
Spencer Ruport  2009-03-23 04:00:11
I assume Silverlight gets its access to the internet through the browser - it doesn't have (logically) independent access. It looks like you've found out this is true by experimentation. Of course someone can ping any socket at any ip address with other means, but that's always the case.
le dorfier  2009-03-23 05:09:33
This is just to make sure it can't be done through a third-party web-based application.
le dorfier  2009-03-23 05:10:25
That seems kind of silly to me. Any malicious user who knows a thing or two about hacking wouldn't bother using a Silverlight app for that kind of thing even if it were possible. It's nothing more than a nuisance for the rest of us.
Spencer Ruport  2009-03-23 10:37:10
I figured out a good reason for it. See answer below.
Spencer Ruport  2009-03-23 21:09:23
+1  A: 

I finally figured out one good reason to do this.

Silverlight apps have the possibility of being distributed/executed very quickly. Say, as advertisements on a popular site for example. In that case it would be very easy for someone to use a Silverlight app to run a DoS attack on a host simply by giving it to an advertising provider. However since all Silverlight apps check the policy file for the host first it limits what hosts and services this kind of attack can target.

Spencer Ruport  2009-03-23 16:17:56

related questions

Subsonic Vs NHibernate
How to check For File Lock in C# ?
Is nAnt still supported and suitable for .net 3.5/VS2008?
Limit size of Queue<T> in .NET?
Viewstate invalid when using Safari
Free OCR library
Unhandled Exception Handler in .NET 1.1
Localising date format descriptors
Get a new object instance from a Type in C#
VFP .NET OLEdb provider does not work in Win 64-Bits. Help
.NET Testing Framework Advice
Embedded Database for .net that can run off a network
Automatically update version number
Homegrown consumption of web services
How do you migrate a large app from VB6 to VB .net ?
.NET Migrations Engine
Adding Scripting functionality to .NET applications
SQLite and XSD
Floating Point Number parsing: Is there a Catch All algorithm?
How do I programmatically create a PDF in my .NET application?
How do I sync the SVN revision number with my ASP.NET web site?
XSD DataSets and ignoring foreign keys
Anatomy of a "Memory Leak"
Reliable Timer in a Console Application
How do I calculate relative time?