Change Silverlight Isolated Storage Identity

StackOverflow https://stackoverflow.com/questions/20913550

Question

I would like for Isolated Storage in my Silverlight application to be identified by the domain of the xap it loads from, not by the host domain as displayed in the browser URL, which it does by default.

According to the Types of Isolated Storage documentation there should be a way to store under the "Publisher Identity" by strongly naming the assembly, instead of identifying the store by the URL supplying the application. I quote:

Assembly identity is the evidence of the assembly. This might come from a cryptographic digital signature, which can be the assembly's strong name, the software publisher of the assembly, or its URL identity. If an assembly has both a strong name and a software publisher identity, then the software publisher identity is used. If the assembly comes from the Internet and is unsigned, the URL identity is used.

I've strongly named the assembly (sn verified) and added the certificate to trusted root on my machine. I'm serving the page locally through iis but the store is still identified by the site's URL.

I've tried creating the store 2 different ways:

IsolatedStorageSettings.SiteSettings[mykey] = myvalue;
//and
IsolatedStorageFile.GetUserStoreForApplication().CreateFile("myfile.txt");

The id can be seen inside C:\Users\afeldman\AppData\LocalLow\Microsoft\Silverlight\is\20ngypzr.gs4\1l3t5sqo.aji\1\s\...\id.dat text file, and unfortunately it remains tied to the host URL.

Has anyone managed to get the isolated store to be identified with a non host URL identifier by using strongly named assemblies, or any other means?

No correct solution

OTHER TIPS

So, for some reason, it started working the way I wanted. The identity of the Isolated Storage is identified by the domain that served the .xap. To clarify:

relative path in the .xap src path like this

<object data="data:application/x-silverlight-2," type="application/x-silverlight-2">
    <param name="source" value="/mypath/my.xap" />
</object>

Since my.xap is provided as part of site, the store will be associated with that site's domain.

If you provide the .xap from a different source then use the full path in the .xap src path like this:

<object data="data:application/x-silverlight-2," type="application/x-silverlight-2">
    <param name="source" value="http://usethisdomain/mypath/my.xap" />
</object>

The store will now be associated with usethisdomain. No assembly signing necessary. I'm not really sure why I was seeing the different results I was seeing before.

Additionaly, the Types of Isolation documentation doesn't seem to fully apply to Silverlight. All my attempts to strongly name the assembly didn't change the isolated storage identity. Investigated the silverlight System.IO.IsolatedStorage code with a decompiler but didn't find any code that looked for assembly strong names. Maybe it's just really hidden.

In conclusion, if you can control the domain of the source parameter then you can control the identity of isolated storage in silverlight.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top