1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 | <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd"> <cross-domain-policy> <!-- Read this: www.adobe.com/devnet/articles/crossdomain_policy_file_spec.html --> <!-- Most restrictive policy: --> <site-control permitted-cross-domain-policies="none"/> <!-- Least restrictive policy: --> <!-- <site-control permitted-cross-domain-policies="all"/> <allow-access-from domain="*" to-ports="*" secure="false"/> <allow-http-request-headers-from domain="*" headers="*" secure="false"/> --> <!-- If you host a crossdomain.xml file with allow-access-from domain="*" and don’t understand all of the points described here, you probably have a nasty security vulnerability. ~ simon willison --> </cross-domain-policy> |