Policy File Configuration - Adobe 12001196 - Acrobat - Mac Manual

Section 7 Cross Domain Configuration
• Enhanced security is enabled and privileged locations are not locked. Here the warning button
appears with an options button. The user is provided with the option to trust the document once or
always. Trusting the document "always" results in adding the document as a privileged location.
Yellow message bar: Cross domain access not locked
Yellow message bar: Cross domain access locked

7.2 Policy file configuration

A cross-domain policy is simply a user-defined set of permitted data access rules encapsulated in a
crossdomain.xml file. It is only viable on servers that communicate via HTTP, HTTPS, or FTP. A
cross-domain policy file is an XML document that grants a web client permission to handle data across
one or more domains. When a client hosts content from a particular source domain and that content
makes requests directed towards a domain other than its own, the remote domain would need to host a
cross-domain policy file that grants access to the source domain, allowing the client to continue with the
transaction. Policy files grant read access to data as well as permit a client to include custom headers in
cross-domain requests.
The cross domain feature introduced with 9.0 allows administrators to:
• Create a cross-domain policy based on a specification.
• Configure access to a broad range of locations relative to the requestor.
• Locate the policy according to a flexible set of rules.
7.2.1 Policy file syntax
An XML policy file contains a single <cross-domain-policy> tag, which contains zero or more
<allow-access-from> tags. Each <allow-access-from> tag contains a domain attribute specifying either an
exact IP address, an exact domain, or a wildcard domain (an asterisk followed by a suffix which matches
only domains that end with the specified suffix).
The full syntax of crossdomain.xml files is beyond the scope of this document, as those details are
available in the Cross Domain Policy File Specification
policy file schema as well as each different type of policy file (either HTTP, HTTPS, FTP) since policy files
hosted in each of those contexts are slightly different.
Note
Because Acrobat and Flash share the same cross domain model, the specification as well as much of
the Flash documentation may prove useful to you.
7.2.2 Policy file best practices
Page 56
DTD and XSDs are available to define the generic
Section 7 Cross Domain Configuration
Application Security Guide