<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
- <allow-access-from domain="*"/>
- <allow-http-request-headers-from domain="*" headers="Authorization,X_HTTP_METHOD_OVERRIDE"/>
- <allow-http-request-headers-from domain="*.openstreetmap.org" headers="*"/>
- <allow-http-request-headers-from domain="*.openstreetmap.net" headers="*"/>
- <allow-http-request-headers-from domain="*.openstreetmap.com" headers="*"/>
+ <allow-access-from domain="*" secure="false"/>
+ <allow-http-request-headers-from domain="*" headers="*" secure="false"/>
</cross-domain-policy>