<?xml version="1.0"?>
<cross-domain-policy>
 <allow-access-from domain="*" />
<allow-http-request-headers-from domain=”*”/>
</cross-domain-policy>