<?xml version="1.0"?> |
<?xml version="1.0"?> |
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd"> |
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd"> |
<cross-domain-policy> |
<cross-domain-policy> |
|
|
|
|
<!-- Read this: www.adobe.com/devnet/articles/crossdomain_policy_file_spec.html --> |
<!-- Read this: www.adobe.com/devnet/articles/crossdomain_policy_file_spec.html --> |
|
|
<!-- Most restrictive policy: --> |
<!-- Most restrictive policy: --> |
<site-control permitted-cross-domain-policies="none"/> |
<site-control permitted-cross-domain-policies="none"/> |
|
|
|
|
|
<!-- Least restrictive policy: --> |
<!-- Least restrictive policy: --> |
<!-- |
<!-- |
<site-control permitted-cross-domain-policies="all"/> |
<site-control permitted-cross-domain-policies="all"/> |
<allow-access-from domain="*" to-ports="*" secure="false"/> |
<allow-access-from domain="*" to-ports="*" secure="false"/> |
<allow-http-request-headers-from domain="*" headers="*" secure="false"/> |
<allow-http-request-headers-from domain="*" headers="*" secure="false"/> |
--> |
--> |
<!-- |
<!-- |
If you host a crossdomain.xml file with allow-access-from domain="*" |
If you host a crossdomain.xml file with allow-access-from domain="*" |
and don’t understand all of the points described here, you probably |
and don’t understand all of the points described here, you probably |
have a nasty security vulnerability. ~ simon willison |
have a nasty security vulnerability. ~ simon willison |
--> |
--> |
|
|
|
</cross-domain-policy> |
</cross-domain-policy> |
|
|