Silverlight使用HttpWebRequest和HttpWebResponse时发生System.Security.SecurityException: 安全性错误

异常代码发生在第二句

HttpWebRequest request = result.AsyncState as HttpWebRequest;

WebResponse response = request.EndGetResponse(result);

提示信息：

System.Security.SecurityException ---> System.Security.SecurityException: 安全性错误。

   位于 System.Net.Browser.BrowserHttpWebRequest.InternalEndGetResponse(IAsyncResult asyncResult)
   位于 System.Net.Browser.BrowserHttpWebRequest.<>c__DisplayClass5.<EndGetResponse>b__4(Object sendState)
   位于 System.Net.Browser.AsyncHelper.<>c__DisplayClass2.<BeginOnUI>b__0(Object sendState)
   --- 内部异常堆栈跟踪的结尾 ---
   位于 System.Net.Browser.AsyncHelper.BeginOnUI(SendOrPostCallback beginMethod, Object state)
   位于 System.Net.Browser.BrowserHttpWebRequest.EndGetResponse(IAsyncResult asyncResult)

   位于 SilverlightApplication2.MainPage.ResponseCallback(IAsyncResult result)

解决：

   在\webapps\ROOT\下增加两个文件：

   crossdomain.xml和clientaccesspolicy.xml

------------------------------------------------------------------------

--crossdomain.xml--

------------------------------------------------------------------------

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM " http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all" />
<allow-access-from domain="*"/>
<allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>

------------------------------------------------------------------------

--clientaccesspolicy.xml--

------------------------------------------------------------------------

<?xml version="1.0" encoding="utf-8"?>
            <access-policy>
              <cross-domain-access>
                <policy>
                  <allow-from http-request-headers="*">
                    <domain uri="*"/>
                  </allow-from>
                  <grant-to>
                    <resource path="/" include-subpaths="true"/>
                  </grant-to>
                </policy>
              </cross-domain-access>
            </access-policy>