set flash crossdomain.xml to allow only SSL connections?

Question

How do I set the flash crossdomain.xml file to only allow https ssl secured connections? I have this but I think this will allow non secure connections too.

< cross-domain-policy > < allow-access-from domain="*" secure="false" / > < /cross-domain-policy >

score 4 · Accepted Answer · answered Feb 07 '11 at 19:29

4

Like the example below, simply change secure="false" to secure="true" to only allow secure SSL connections.

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
  <allow-access-from domain="*" secure="true" />
</cross-domain-policy>

http://code.google.com/p/doctype/wiki/ArticleFlashSecurityCrossDomain

answered Feb 07 '11 at 19:29

Nick

3,096
3
20
25

What if my settings already have to-ports="80"? Do I have to change it to to-port="443", too. Or simply remove the to-ports attribute? – Scott Chu Jan 17 '17 at 06:43

set flash crossdomain.xml to allow only SSL connections?

1 Answers1