<?xml version="1.0" encoding="utf-8"?>  
<ACCESS-POLICY>  
  <CROSS-DOMAIN-ACCESS>  
<POLICY>  
      <ALLOW-FROM http-request-headers="*">  
        <DOMAIN uri="*" />  
      </ALLOW-FROM>  
      <GRANT-TO>  
        <RESOURCE include-subpaths="true" path="/" />  
      </GRANT-TO>  
    </POLICY>  
  </CROSS-DOMAIN-ACCESS>  
</ACCESS-POLICY>
