03a2de71b4
Signed-off-by: Gwenhael Le Moine <gwenhael.le.moine@gmail.com>
25 lines
No EOL
802 B
XML
25 lines
No EOL
802 B
XML
<?xml version="1.0"?>
|
||
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
|
||
<cross-domain-policy>
|
||
|
||
|
||
<!-- Read this: www.adobe.com/devnet/articles/crossdomain_policy_file_spec.html -->
|
||
|
||
<!-- Most restrictive policy: -->
|
||
<site-control permitted-cross-domain-policies="none"/>
|
||
|
||
|
||
|
||
<!-- Least restrictive policy: -->
|
||
<!--
|
||
<site-control permitted-cross-domain-policies="all"/>
|
||
<allow-access-from domain="*" to-ports="*" secure="false"/>
|
||
<allow-http-request-headers-from domain="*" headers="*" secure="false"/>
|
||
-->
|
||
<!--
|
||
If you host a crossdomain.xml file with allow-access-from domain=“*”
|
||
and don’t understand all of the points described here, you probably
|
||
have a nasty security vulnerability. ~ simon willison
|
||
-->
|
||
|
||
</cross-domain-policy> |