/hyde/tests/sites/test_grouper/content/crossdomain.xml
XML | 25 lines | 5 code | 7 blank | 13 comment | 0 complexity | af73af2833f98573a45bd4ae18d0954e MD5 | raw file
1<?xml version="1.0"?> 2<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd"> 3<cross-domain-policy> 4 5 6<!-- Read this: www.adobe.com/devnet/articles/crossdomain_policy_file_spec.html --> 7 8<!-- Most restrictive policy: --> 9 <site-control permitted-cross-domain-policies="none"/> 10 11 12 13<!-- Least restrictive policy: --> 14<!-- 15 <site-control permitted-cross-domain-policies="all"/> 16 <allow-access-from domain="*" to-ports="*" secure="false"/> 17 <allow-http-request-headers-from domain="*" headers="*" secure="false"/> 18--> 19<!-- 20 If you host a crossdomain.xml file with allow-access-from domain=“*” 21 and don’t understand all of the points described here, you probably 22 have a nasty security vulnerability. ~ simon willison 23--> 24 25</cross-domain-policy>