The Internet is a means by which data is exchanged between clients and servers throughout the world. A variety of electronic file formats can be used exchange data. Additionally, a variety of client applications can be used to execute and display the various electronic file formats. For example, ADOBE's FLASH PLAYER application (“FLASH application”) executes and displays SHOCKWAVE FLASH files (“FLASH files”).
Generally, the FLASH application running on a client does not permit data contained within a FLASH file from a first domain (e.g., www.first-domain.com) to be accessed by a FLASH file from a second domain (e.g., www.second-domain.com). This security restriction may be referred to as creating a “domain boundary” that prohibits the sharing of data between FLASH files from different domains. Such sharing of data across a domain boundary can be termed as a “cross-domain data service.”
A crossdomain.xml policy file permits cross-domain data services for FLASH files from different domains being executed by a FLASH application. The crossdomain.xml policy file indicates to a FLASH application on a client (separate from the first and second domains) that FLASH files from a second domain have permission to cross the domain boundary and access data contained within the first domain's FLASH files.