When calling a cross-domain service, Silverlight will check for the existence of clientaccesspolicy.xml first. This is the format defined by Silverlight and provides a pretty flexible way to define who can access what services. If not found, it will then default to look for crossdomain.xml, which is the file format implemented for Adobe Flash. It is important to note that this file will also still work for most public web services.
<?xml version=”1.0″ encoding=”utf-8″?>
<resource path=”/” include-subpaths=”true”/>
<!DOCTYPE cross-domain-policy SYSTEM “http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd”>
<allow-http-request-headers-from domain=”*” headers=”*”/>
Either way, when you are done with the file, it needs to go in the ROOT of the domain. This is important as it is not the application root, but the root web. Even if your app is at domain.com/myapp, the policy file needs to be at domain.com/clientaccesspolicy.xml.
Anyhow, maybe these files will help you.