Cross Domain Policy (crossdomain.xml)
A cross-domain policy file is an XML document that grants Adobe Flash Player (or other web client) permission to handle data across multiple domains. The most common location for a policy file on a server is in the root directory of a domain with the filename crossdomain.xml (e.g. http://example.com/crossdomain.xml).
When a client hosts content from a particular source domain and that content makes requests directed towards a domain other than its own, the remote domain would need to host a cross-domain policy file that grants access to the source domain, allowing the client to continue with the transaction. (http://www.adobe.com/devnet/articles/crossdomain_policy_file_spec.html)
An example of a simple, permissive cross-domain policy file:
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"> <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy>
Examples
Loading a Cross Domain Policy File from a Remote Server
// (Loader) Application initialization public function initApp():void { Security.allowDomain( "remoteservername" ); Security.loadPolicyFile( "http://remoteservername/crossdomain.xml" ); var request:URLRequest = new URLRequest( "http://remoteservername/crossdomain.xml" ); var loader:URLLoader = new URLLoader(); loader.load( request ); }