Remote debugging

XAML Spy 3 | XAML Spy 2

Describing how to configure and use the remote debugging feature of XAML Spy.

Introduction

XAML Spy is able to spy on apps that run on remote devices. This feature (introduced in the September 2012 Update) enables a number of exciting new scenarios;

  • remote debug a Silverlight app running on MacOS
  • remote debug a Windows Phone app running on an actual phone device
  • remote debug a Windows Store app running an on ARM tablet
  • remote debug a PixelSense app running on an actual Surface device
  • and more..

Windows Phone apps that run in a Windows Phone 8 emulator require remote debugging as well. Windows Phone 8 emulators are Hyper-V virtual machines having their own IP address. This requirement does not apply to Windows Phone 7 and 8.1 emulators.

Note
Remote debugging is disabled by default, learn more at Remote debugging disabled by default.

Configure remote debugging

For remote debugging to work, remote XAML apps need to be able to open a TCP connection to the machine running the XAML Spy Service. First of all XAML Spy needs to be configured to allow remote apps to connect. Next to that the firewall (if enabled) needs to be configured to allow inbound TCP connnections to the XAML Spy Service. Both XAML Spy and the firewall need to be configured on the machine running the XAML Spy Service or else remote debugging will not work.

Firewall configuration is easy, the XAML Spy installer can configure the Windows Firewall automatically for you. Continue reading to learn more about the specifics of configuring remote debugging.

XAML Spy configuration

Enabling remote debugging is a configuration setting available in the XAML Spy settings. Navigate to settings > xaml spy service and check the option Enable remote debugging. When disabled, incoming connections that originate from an IP address other than the XAML Spy service address will be ignored. Remote XAML apps trying to connect to a XAML Spy service having remote debugging disabled will encounter a connection lost (or similar) error message as shown in the image below.

Remote debugging requires at least one public facing IP address to be used by the XAML Spy service. If you host the XAML Spy service on the loopback interface (localhost, 127.0.0.1) only, remote debugging will not work. Either select the any IP address or a specific public facing IP address.

Do not forget to click the apply changes button after changing the XAML Spy service settings. Only then the XAML Spy Windows service is restarted and will use the new configuration settings. For more information about configuring the XAML Spy service, see this tutorial.

Automatic firewall configuration

The section discusses how to automatically configure the Windows Firewall. When using other firewall products, you'll need to apply similar settings manually. Windows Firewall disallows remote TCP connections to the XAML Spy service by default. Either configure the Windows Firewall automatically during XAML Spy installation, or configure the firewall manually as is described in the section below. The following image shows the XAML Spy install dialog for automatic firewall configuration.

When configured automatically, the XAML Spy installer adds the following inbound rule to the Windows Firewall;

Rule name XAML Spy
Allowed program [InstallDir]XamlSpyService.exe
Protocol and ports Any
Scope Remote IP addresses from the local subnet only
Profile All (domain, private and public)

An outbound rule does not need to be configured in the Windows Firewall. By default outbound connections that do not match a rule are allowed. 

Manual firewall configuration

Follow these steps to manually configure the Windows Firewall.

  1. Open the Windows Firewall advanced settings (Control Panel > System and Security > Windows Firewall > Advanced settings)
  2. Right click Inbound Rules and select New Rule... to open the New Inbound Rule Wizard.
  3. Select Program rule and go to the next screen
  4. Select the [InstallDir]XamlSpyService.exe program path and click next
  5. Select Allow the connection and go to the next screen
  6. Apply to all profiles (domain, private and public)
  7. And provide a name for the inbound rule in the final screen.
  8. Double the created XAML Spy rule and select the Scope tab
  9. In the Remote IP Address section, select the Local subnet from the predefined set of computers.

Security considerations

XAML Spy connections are password protected. To further restrict access to the XAML Spy service you may consider the following options;

Protocol and ports
The Windows Firewall allows rules to be defined for programs and for protocols and ports. By allowing access to the XamlSpySvc.exe program, you do not need to specify a protocol or port range. If you need to limit access to the protocol and port, make sure the protocol is set to TCP and the port is set to the same port configured in the XAML Spy Service settings.
Local IP addresses
Limit access to specific local IP addresses. You may want to limit access to a specific public facing IP address when your machine has multiple public facing IP addresses configured.
Remote IP addresses
Limit access to specific remote IP addresses. By default the XAML Spy rule allows connections from IP addresses in the local subnet. You can further limit access by providing specific IP addresses for remote devices.
Profile restrictions
The XAML Spy inbound rule is configured for all firewall profiles (domain, private and public). The domain profile applies to networks where the host system can authenticate to a domain controller. The private profile is a user-assigned profile and is used to designate private or home networks. The public profile is used to designate public networks such as Wi-Fi hotspots at coffee shops, airports, and other locations. Depending on your situation you may choose to disable the XAML Spy rule for certain profiles.
Local vs remote apps
Remote debugging is not used when your Silverlight, Windows Phone, Windows Store or WPF app is running on the same machine as the XAML Spy Service. If you do not require remote apps to connect, you may choose to disable remote debugging in the XAML Spy configuration and disable the XAML Spy rule in your firewall.

Connect to a remote XAML Spy service

Once remote debugging is configured properly a remote XAML app can connect to the XAML Spy Service. Setting up a remote connection within a XAML app needs to be done manually in code. Apart from Windows Phone apps running in a Windows Phone 8 emulator, XAML Spy does not support automatic deployments of remote apps. You will need to reference a XAML Spy client library in your XAML project and add a few lines of code to connect to XAML Spy. For step-by-step tutorials on connecting manually see the How to connect documentation.

Once a remote connection has been established, the remote app automatically appears in the XAML Spy explorer. An app is identified as remote by the IP address of the remote machine it's running on.

When the firewall is configured to disallow access, the following error message is shown in the XAML app trying to connect. The error message is an indication that the firewall is actively preventing access to the XAML Spy Service.