All Products
Document Center

Improper configuration issue in crossdomain.xml

Last Updated: Oct 31, 2017


The crossdomain.xml file in the root directory of the website indicates whether a remote Flash can load resources of the current website (images, web contents, and Flash). Improper configuration of the file may cause cross-site request forgery (CSRF) attacks.


If your website does not require loading external resources, change the domain attribute of the allow-access-from setting in the crossdomain.xml file to a domain name whitelist.