A cross-domain policy file is an XML document that grants a web client—such as Adobe Flash Player, Adobe Reader, etc., permission to handle data across multiple domains. When a client hosts content from a particular source domain and that content makes requests directed towards a domain other than its own, the remote domain would need to host a cross-domain policy file that grants access to the source domain, allowing the client to continue with the transaction. Policy files grant read access to data, permit a client to include custom headers in cross-domain requests, and are also used with sockets to grant permissions for socket-based connections.
For full details, check out Adobe's article about the cross-domain policy file specification
- (PDF, 129 KB)