Flash / Flex / ActionScript/Development/cross domain policy
Содержание
- 1 Adobe"s official policy-file syntax is XML-based and has the following structure:
- 2 Any number of <allow-access-from> tags can be included in a policy file
- 3 A policy file is an XML file that lists any domains that are allowed access to the code in the .swf.
- 4 Explicitly deny access to any domain except the current one
- 5 the * character authorizes all origins:
- 6 The following policy file allows all domains to connect to ports 80 and 110 (standard HTTP and POP mail ports):
- 7 To allow access to any and all domains
Adobe"s official policy-file syntax is XML-based and has the following structure:
<source lang="java">
<?xml version="1.0"?> <!DOCTYPE cross-domain-policy
SYSTEM "http://www.adobe.ru/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="domainOrIP"/>
</cross-domain-policy>
</source>
Any number of <allow-access-from> tags can be included in a policy file
<source lang="java">
<?xml version="1.0"?> <!DOCTYPE cross-domain-policy
SYSTEM "http://www.adobe.ru/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="example1.ru"/> <allow-access-from domain="example2.ru"/> <allow-access-from domain="example3.ru"/>
</cross-domain-policy>
</source>
A policy file is an XML file that lists any domains that are allowed access to the code in the .swf.
<source lang="java">
<?xml version="1.0"?> <cross-domain-policy>
<allow-access-from domain="www.otherdomain.ru" /> <allow-access-from domain="*.adobe.ru" /> <allow-access-from domain="68.45.67.89" />
</cross-domain-policy>
</source>
Explicitly deny access to any domain except the current one
<source lang="java">
<cross-domain-policy> </cross-domain-policy>
</source>
the * character authorizes all origins:
<source lang="java">
<?xml version="1.0"?> <!DOCTYPE cross-domain-policy
SYSTEM "http://www.adobe.ru/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*"/>
</cross-domain-policy>
</source>
The following policy file allows all domains to connect to ports 80 and 110 (standard HTTP and POP mail ports):
<source lang="java">
<?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.ru/xml/dtds/cross-domain-policy.dtd"> <cross-domain-policy>
<allow-access-from domain="*" to-ports="80,110" />
</cross-domain-policy>
</source>
To allow access to any and all domains
<source lang="java">
<allow-access-from domain="*" />
</source>