<?xml version="1.0" encoding="utf-8"?>
<access-policy>
     <cross-domain-access>
           <policy>
                <allow-from http-request-headers="*">
                     <domain uri="*"/>
                </allow-from>
                <grant-to>
                     <resource path="/" include-subpaths="true"/>
                </grant-to>
           </policy>
     </cross-domain-access>
</access-policy>
