<?xml version="1.0"?>
<cross-domain-policy>
  <site-control permitted-cross-domain-policies="all"/>
  <allow-http-request-headers-from domain="*" headers="*" secure="false"/>
  <allow-access-from domain="*" secure="false" />
</cross-domain-policy>
