If you're on .NET 4 then you should DEFINITELY apply the fix because your web.config file can be downloaded.
If your Silverlight app is consuming a WCF service and that service also lives in ASP then you will need to apply the fix to that service as well.
As a side note: please remember that a Silverlight application is downloaded and runs from the user's local machine. You have to be really careful about how authentication and roles management is implemented because anybody can unzip the xap file, go through
the code with .NET Reflector and figure out how to get past your authentication or roles implementation. (I'm talking about things like it's not enough to use visibility to hide certain screens or functionality from users)
DeviantSeev
Member
30 Points
17 Posts
Re: Are Silverlight Apps Affected
Sep 22, 2010 05:02 PM|LINK
If you're on .NET 4 then you should DEFINITELY apply the fix because your web.config file can be downloaded.
If your Silverlight app is consuming a WCF service and that service also lives in ASP then you will need to apply the fix to that service as well.
As a side note: please remember that a Silverlight application is downloaded and runs from the user's local machine. You have to be really careful about how authentication and roles management is implemented because anybody can unzip the xap file, go through the code with .NET Reflector and figure out how to get past your authentication or roles implementation. (I'm talking about things like it's not enough to use visibility to hide certain screens or functionality from users)