What is a crossdomain.xml file?


A crossdomain.xml file is a file that usually sits in the root folder of your webserver.  This file is basically an opt-in to allow access to your data from outside your web domain.  This is the crossdomain bit - you have to actively give permission for someone to "trespass".


Many web applications require access to data from somewhere different than where the app file originates.  The crossdomain.xml file gives these web apps permission.

Things that may require crossdomain.xml access:
  • Flash
  • SWF
  • Flex
  • Adobe pdf reader
  • Silverlight

Example of a crossdomain.xml file:
This following example of a crossdomain file basically allows no access, it's the strictest policy. 

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
    <site-control permitted-cross-domain-policies="none"/>
</cross-domain-policy>


If you want to allow access then it's important to learn the sercurity implications so have a read of the following articles before allowing access to your web server:
www.adobe.com/devnet/articles/crossdomain_policy_file_spec.html
curtismorley.com/2007/09/01/flash-flex-tutorial-how-to-create-a-crossdomainxml-file
jeremiahgrossman.blogspot.com/2008/05/crossdomainxml-invites-cross-site

Comments

Post a Comment

Popular posts from this blog

Query to get concurrent Program details with Parameter list and value set attached to parameter.

Image
Query : SELECT fcpt.user_concurrent_program_name,   fcp.concurrent_program_name,   fcp.concurrent_program_id,   fav.application_short_name,   fav.application_name,   fav.application_id,   fdfcuv.column_seq_num,   fdfcuv.end_user_column_name,   fdfcuv.form_left_prompt prompt,   ffvs.flex_value_set_name,   fdfcuv.enabled_flag,   fdfcuv.required_flag,   fdfcuv.display_flag FROM apps.fnd_concurrent_programs fcp,   apps.fnd_concurrent_programs_tl fcpt,   apps.fnd_descr_flex_col_usage_vl fdfcuv,   apps.fnd_application_vl fav,   apps.fnd_flex_value_sets ffvs WHERE fcp.concurrent_program_id       = fcpt.concurrent_program_id AND fav.application_id                = fcp.application_id AND fcpt.language                     = 'US' AND ffvs.flex_value_set_id           ...
Read more

AR and OM link in oracle apps / AR transaction and Sales Order join query

SELECT rcta.customer_trx_id, rcta.trx_number, rcta.trx_date, ac.customer_name, rctla.line_number inv_line_number, rctla.unit_selling_price inv_unit_selling_price, ooha.header_id, ooha.order_number, oola.line_number so_line_number, oola.line_id, oola.ordered_item, oola.ordered_quantity * oola.unit_selling_price so_amount FROM apps.ra_customer_trx_all rcta, apps.ra_customer_trx_lines_all rctla, apps.ar_customers ac, apps.oe_order_headers_all ooha, apps.oe_order_lines_all oola WHERE 1 = 1 AND rcta.customer_trx_id = rctla.customer_trx_id AND rcta.bill_to_customer_id = ac.customer_id AND ooha.header_id = oola.header_id AND rctla.interface_line_attribute6 = TO_CHAR(oola.line_id) AND rctla.interface_line_attribute1 = TO_CHAR(ooha.order_number) AND rcta.trx_number = nvl(:p_trx_number,rcta.trx_number) AND ooha.order_number = nvl(:p_order_number,ooha.order_number);
Read more

Japan Style: Architecture Interiors Design

Image
Enter the world of the stylish Japanese house, where every object in sight is a work of art. Japan Style introduces 20 special residences. With more than 200 color photographs, this book showcases the stunning beauty of old homes, and reveals how they are cared for by their owners. Traditional Japanese homes, with superbly crafted fine wood, great workmanship and seasonal interior arrangements, have an aesthetic of infinite simplicity. Unlike Japanese inns and historical buildings, the houses featured in this book are private property and are not open to public viewing. Japan Style offers a rare glimpse into the intimate world of the everyday Japanese and fascinating insight into the traditional architecture of Japan download link http://libgen.io/_ads/E7F3D5D3E376CB1E116D00AFC8E89AC4 .
Read more