crossdomain.xml

   1 <?xml version="1.0"?>
   2 <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
   3 <cross-domain-policy>
   4
   5
   6 <!-- Read this: www.adobe.com/devnet/articles/crossdomain_policy_file_spec.html -->
   7
   8 <!-- Most restrictive policy: -->
   9         <site-control permitted-cross-domain-policies="none"/>
  10
  11
  12
  13 <!-- Least restrictive policy: -->
  14 <!--
  15         <site-control permitted-cross-domain-policies="all"/>
  16         <allow-access-from domain="*" to-ports="*" secure="false"/>
  17         <allow-http-request-headers-from domain="*" headers="*" secure="false"/>
  18 -->
  19 <!--
  20   If you host a crossdomain.xml file with allow-access-from domain="*"
  21   and don’t understand all of the points described here, you probably
  22   have a nasty security vulnerability. ~ simon willison
  23 -->
  24
  25 </cross-domain-policy>