Create the policy file Policy files that grant permission to perform socket connections have the same basic syntax as policy files that grant permission to perform loading-data and accessingcontent-as-data operations. However, in policy files that grant permission to perform socket connections, the tag includes an additional attribute, to-ports, as shown in the following code: The to-ports attribute specifies the ports to which a .swf file from domainOrIP is authorized to connect. The ports can be listed individually (separated by commas), or in ranges (separated by the - character). For example, the following policy file grants the following. | Create the policy file Policy files that grant permission to perform socket connections have the same basic syntax as poiícy flies that grant prrmission to peffomi loading-data and cceessing-content-as-data operations. However in policy files that grant permission to perform socket connections the allow-access-from tag includes an additional attribute to-ports as shown in the following code xml version DOCTYPE cross-domain-policy SYSTEM http xml dtds cross-domain-policy allow-access-from domain domainOrIP to-ports ports cross-domain-policy The to-ports attribute specifies the ports to which a .swf file from domainOrIP is authorized to connect. The ports can be listed individually separated by commas or in ranges separated by the - character . For example the following policy file grants the following permissions .swf files from can connect to ports 9100 and 9200. .swf files from can connect to ports 10000 through 11000. xml version DOCTYPE cross-domain-policy SYSTEM http xml dtds cross-domain-policy allow-access-from domain to-ports 9100 9200 allow-access-from domain to-ports 10000-11000 cross-domain-policy Within the value of to-ports the character acts as a wildcard when a policy file is retrieved over a socket on a port less than 1024 indicates that access to any port is authorized when a policy file is retrieved over a socket on a port greater than or equal to 1024 indicates that access to any port greater than or equal to 1024 is authorized. 2_ Because ports under 1024 are considered sensitive a policy file served over port 1024 or greater can never authorize access to ports below v ĨỊÃ 1024 even if those ports are listed specifically. For example if the following policy file is served on port 2000 it grants .swf files from permission to connect to all ports greater than or equal to 1024. xml version .
