projects / disclosr.git / blobdiff
search:
summary | shortlog | log | commit | commitdiff | tree
side by side | plain
Add disclo.gs homepage
[disclosr.git] / documents / crossdomain.xml
blob:a/documents/crossdomain.xml -> blob:b/documents/crossdomain.xml 
--- a/documents/crossdomain.xml
+++ b/documents/crossdomain.xml
@@ -1,1 +1,26 @@
+<?xml version="1.0"?>
+<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
+<cross-domain-policy>
 
+
+<!-- Read this: www.adobe.com/devnet/articles/crossdomain_policy_file_spec.html -->
+
+<!-- Most restrictive policy: -->
+	<site-control permitted-cross-domain-policies="none"/>
+
+
+
+<!-- Least restrictive policy: -->
+<!--
+	<site-control permitted-cross-domain-policies="all"/>
+	<allow-access-from domain="*" to-ports="*" secure="false"/>
+	<allow-http-request-headers-from domain="*" headers="*" secure="false"/>
+-->
+<!--
+  If you host a crossdomain.xml file with allow-access-from domain="*"
+  and don’t understand all of the points described here, you probably
+  have a nasty security vulnerability. ~ simon willison
+-->
+
+</cross-domain-policy>
+
Unnamed repository; edit this file to name it for gitweb.
GitPHP by Chris Han