How to make HTTP PUT and DELETE work in Silverlight 4

StackOverflow https://stackoverflow.com/questions/7448705

Question

I would prefer to avoid getting into a debate about whether HTTP verbs PUT and DELETE are appropriate or obsolete and focus on the question of actually making Silverlight work when "forced" to use these verbs.

I am trying to create a Silverlight 4 client application that calls an existing REST web service that has operations for the PUT and DELETE verbs. This service is not going to change.

I've added the following statement into constructor in my App.xaml.cs:

WebRequest.RegisterPrefix("http://", WebRequestCreator.ClientHttp);

The service has a clientaccesspolicy.xml file that contains:

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
  <cross-domain-access>
    <policy>
      <allow-from http-request-headers="*">
        <domain uri="*"/>
      </allow-from>
      <grant-to>
        <resource path="/" include-subpaths="true"/>
      </grant-to>
    </policy>
  </cross-domain-access>
</access-policy>

I am using the WebClient class to handle GET and POST requests. When I attempt to do the same with PUT or DELETE for the verb/method, I get an ambiguous "security error" which led me to adding the statement above.

I've seen various posts and blog articles talking about using HttpWebRequest to get around this but have not found one that actually SHOWS HOW to make these (asynchronous) calls from a Silverlight client.

If there is something wrong with the code above, please let me know. Otherwise, if you can show me or point me to an example demonstrating how these requests can be implemented, I'd greatly appreciate the help.

Was it helpful?

Solution 2

I've solved my problem but am still not 100% sure why it is fixed.

At the suggestion of a co-worker, I enabled running the application out-of-browser and checked the setting to require elevated trust when running outside the browser. The app ran fine. I disable running out-of-browser and the app still runs fine!

As the setting says, it requires elevated trust WHEN RUNNING OUTSIDE THE BROWSER. So, if this was the problem, then I'm not sure having it checked should be fixing my problem when running IN the browser. But it does...

OTHER TIPS

In your clientaccesspolicy.xml file, you must allow the PUT and DELETE HTTP verbs.

I usually allow all HTTP verbs, which would look like this given your original configuration:

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
  <cross-domain-access>
    <policy>
      <allow-from http-request-headers="*" http-methods="*">
        <domain uri="*"/>
      </allow-from>
      <grant-to>
        <resource path="/" include-subpaths="true"/>
      </grant-to>
    </policy>
  </cross-domain-access>
</access-policy>

Notice the added http-methods attribute on the allow-from element.

Add HttpWebRequest.RegisterPrefix("http://",WebRequestCreator.ClientHttp); HttpWebRequest.RegisterPrefix("https://", WebRequestCreator.ClientHttp);

https://mattduffield.wordpress.com/2011/12/11/silverlight-specified-method-is-not-supported-on-this-request/

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top