Can someone post a well formed crossdomain xml sample

Question

I ve been reading that Adobe has made crossdomain xml stricter in flash 9-10 and I m wondering of someone can paste me a copy of one that they know works  Having some trouble finding a recent sample on Adobe s site

User · Answer

Take a look at Twitter s   http   twitter com crossdomain xml   lt  xml version  1 0  encoding  UTF-8   gt   lt cross-domain-policy xmlns xsi  http   www w3 org 2001 XMLSchema-instance  xsi noNamespaceSchemaLocation  http   www adobe com xml schemas PolicyFile xsd  gt       lt allow-access-from domain  twitter com    gt       lt allow-access-from domain  api twitter com    gt       lt allow-access-from domain  search twitter com    gt       lt allow-access-from domain  static twitter com    gt       lt site-control permitted-cross-domain-policies  master-only   gt       lt allow-http-request-headers-from domain    twitter com  headers     secure  true   gt   lt  cross-domain-policy gt

User · Answer

A version of crossdomain xml used to be packaged with the HTML5 Boilerplate which is the product of many years of iterative development and combined community knowledge  However  it has since been deleted from the repository  I ve copied it verbatim here  and included a link to the commit where it was deleted below    lt  xml version  1 0   gt   lt  DOCTYPE cross-domain-policy SYSTEM  http   www adobe com xml dtds cross-domain-policy dtd  gt   lt cross-domain-policy gt     lt  -- Read this  https   www adobe com devnet articles crossdomain policy file spec html -- gt      lt  -- Most restrictive policy  -- gt     lt site-control permitted-cross-domain-policies  none   gt      lt  -- Least restrictive policy  -- gt     lt  --    lt site-control permitted-cross-domain-policies  all   gt     lt allow-access-from domain     to-ports     secure  false   gt     lt allow-http-request-headers-from domain     headers     secure  false   gt    -- gt   lt  cross-domain-policy gt    Deleted in  1881 https   github com h5bp html5-boilerplate commit 58a2ba81d250301e7b5e3da28ae4c1b42d91b2c2

User · Answer

Take a look at Twitter s   http   twitter com crossdomain xml   lt  xml version  1 0  encoding  UTF-8   gt   lt cross-domain-policy xmlns xsi  http   www w3 org 2001 XMLSchema-instance  xsi noNamespaceSchemaLocation  http   www adobe com xml schemas PolicyFile xsd  gt       lt allow-access-from domain  twitter com    gt       lt allow-access-from domain  api twitter com    gt       lt allow-access-from domain  search twitter com    gt       lt allow-access-from domain  static twitter com    gt       lt site-control permitted-cross-domain-policies  master-only   gt       lt allow-http-request-headers-from domain    twitter com  headers     secure  true   gt   lt  cross-domain-policy gt

User · Answer

In production site this seems suitable    lt  xml version  1 0   gt   lt cross-domain-policy gt   lt allow-access-from domain  www mysite com    gt   lt allow-access-from domain  mysite com    gt   lt  cross-domain-policy gt

User · Answer

This is what I ve been using for development    lt  xml version  1 0    gt   lt cross-domain-policy gt   lt allow-access-from domain       gt   lt  cross-domain-policy gt    This is a very liberal approach  but is fine for my application   As others have pointed out below  beware the risks of this

User · Answer

If you re using webservices  you ll also need the  allow-http-request-headers-from  element  Here s our default  development   allow everything  policy    lt  xml version  1 0    gt   lt cross-domain-policy gt     lt site-control permitted-cross-domain-policies  master-only   gt     lt allow-access-from domain      gt     lt allow-http-request-headers-from domain     headers      gt   lt  cross-domain-policy gt

User · Answer

If you re using webservices  you ll also need the  allow-http-request-headers-from  element  Here s our default  development   allow everything  policy    lt  xml version  1 0    gt   lt cross-domain-policy gt     lt site-control permitted-cross-domain-policies  master-only   gt     lt allow-access-from domain      gt     lt allow-http-request-headers-from domain     headers      gt   lt  cross-domain-policy gt

User · Answer

This is what I ve been using for development    lt  xml version  1 0    gt   lt cross-domain-policy gt   lt allow-access-from domain       gt   lt  cross-domain-policy gt    This is a very liberal approach  but is fine for my application   As others have pointed out below  beware the risks of this

User · Answer

This is what I ve been using for development    lt  xml version  1 0    gt   lt cross-domain-policy gt   lt allow-access-from domain       gt   lt  cross-domain-policy gt    This is a very liberal approach  but is fine for my application   As others have pointed out below  beware the risks of this

User · Answer

In production site this seems suitable    lt  xml version  1 0   gt   lt cross-domain-policy gt   lt allow-access-from domain  www mysite com    gt   lt allow-access-from domain  mysite com    gt   lt  cross-domain-policy gt

User · Answer

If you re using webservices  you ll also need the  allow-http-request-headers-from  element  Here s our default  development   allow everything  policy    lt  xml version  1 0    gt   lt cross-domain-policy gt     lt site-control permitted-cross-domain-policies  master-only   gt     lt allow-access-from domain      gt     lt allow-http-request-headers-from domain     headers      gt   lt  cross-domain-policy gt

User · Answer

A version of crossdomain xml used to be packaged with the HTML5 Boilerplate which is the product of many years of iterative development and combined community knowledge  However  it has since been deleted from the repository  I ve copied it verbatim here  and included a link to the commit where it was deleted below    lt  xml version  1 0   gt   lt  DOCTYPE cross-domain-policy SYSTEM  http   www adobe com xml dtds cross-domain-policy dtd  gt   lt cross-domain-policy gt     lt  -- Read this  https   www adobe com devnet articles crossdomain policy file spec html -- gt      lt  -- Most restrictive policy  -- gt     lt site-control permitted-cross-domain-policies  none   gt      lt  -- Least restrictive policy  -- gt     lt  --    lt site-control permitted-cross-domain-policies  all   gt     lt allow-access-from domain     to-ports     secure  false   gt     lt allow-http-request-headers-from domain     headers     secure  false   gt    -- gt   lt  cross-domain-policy gt    Deleted in  1881 https   github com h5bp html5-boilerplate commit 58a2ba81d250301e7b5e3da28ae4c1b42d91b2c2

User · Answer

If you re using webservices  you ll also need the  allow-http-request-headers-from  element  Here s our default  development   allow everything  policy    lt  xml version  1 0    gt   lt cross-domain-policy gt     lt site-control permitted-cross-domain-policies  master-only   gt     lt allow-access-from domain      gt     lt allow-http-request-headers-from domain     headers      gt   lt  cross-domain-policy gt

User · Answer

This is what I ve been using for development    lt  xml version  1 0    gt   lt cross-domain-policy gt   lt allow-access-from domain       gt   lt  cross-domain-policy gt    This is a very liberal approach  but is fine for my application   As others have pointed out below  beware the risks of this

[flash] Can someone post a well formed crossdomain.xml sample?

Examples related to flash

Examples related to crossdomain.xml