crossdomain.xml

 1<?xml version="1.0"?>
 2<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
 3<cross-domain-policy>
 4  
 5  
 6<!-- Read this: www.adobe.com/devnet/articles/crossdomain_policy_file_spec.html -->
 7
 8<!-- Most restrictive policy: -->
 9	<site-control permitted-cross-domain-policies="none"/>
10	
11	
12	
13<!-- Least restrictive policy: -->
14<!--
15	<site-control permitted-cross-domain-policies="all"/>
16	<allow-access-from domain="*" to-ports="*" secure="false"/>
17	<allow-http-request-headers-from domain="*" headers="*" secure="false"/>
18-->
19<!--
20  If you host a crossdomain.xml file with allow-access-from domain=“*” 	 	
21  and don’t understand all of the points described here, you probably 	 	
22  have a nasty security vulnerability. ~ simon willison
23-->
24
25</cross-domain-policy>