Cross domain policies grant permission to communicate with servers other than the one
the client is hosted on.
Cross-domain XML file
The cross-domain policy is defined in an XML
A cross-domain policy file is an XML document that
grants a web client permission to handle data across multiple domains. When a client
hosts content from a particular source domain and that content makes requests
directed towards a domain other than its own, the remote domain must host a
cross-domain policy file that grants access to the source domain, allowing the
client to continue with the transaction. Policy files grant read access to data,
permit a client to include custom headers in cross-domain requests, and are also
used with sockets to grant permissions for socket-based connections.
For example, say that the Diffusion™ client is loaded from
static.example.com and the connection URL to the
Diffusion client is
crossdomain.xml file must be loaded from
A crossdomain.xml is required if one of the following is
- You are using Diffusion as a streaming data server and
a separate web server which are on different domains
- The Diffusion connection type is HTTP or HTTPS
- You are not using a load balancer to HTTP
rewrite Diffusion traffic
Note: You cannot use the iframe streaming transport with cross-domain
requests. This is not supported by Diffusion.