HTTP response header

The X-Permitted-Cross-Domain-Policies header tells clients like Flash and Acrobat what cross-domain policies they can use. If you don't want them to load data from your domain set the header's value to none

Header usage statistics

X-Permitted-Cross-Domain-Policies response header information and usage statistics.

Websites using header X-Permitted-Cross-Domain-Policies 806,438
Percentage of websites that use X-Permitted-Cross-Domain-Policies header 1.50%
Total discovered header values 59
Header uses directives No
Header values are unique or random No
Most popular in the country Canada

Distribution by websites popularity

X-Permitted-Cross-Domain-Policies detection in the top websites by popularity

Top 10k sites 390 websites
Top 100k sites 3,290 websites
Top 1m sites 15,582 websites

Websites utilizing X-Permitted-Cross-Domain-Policies

List of websites that use X-Permitted-Cross-Domain-Policies header

Domain Country Rank Contacts
www.dropbox.com United States of America 57
eventbrite.com United States of America 60
www.eventbrite.com United States of America 60
www.shopify.com United States of America 159
www.xing.com Germany 217
www.theverge.com United States of America 242
See full domain list
Flat price per the report, subscription is not required.

Geographical Distribution

Header usage distribution by websites across the globe.

Common header values

List of top common X-Permitted-Cross-Domain-Policies header values

Header value Value prevalence
none 97.31%
master-only 2.44%
"master-only"; 0.09%
all 0.07%
self 0.02%
by-content-type 0.01%
value 0.01%
* 0.01%
master-only; 0.01%
"none" 0.01%
“master-only” 0.00%
master only 0.00%
none; 0.00%
: none 0.00%
'master-only'; 0.00%
“none” 0.00%
none master-only by-content-type by-ftp-filename all 0.00%
"master-only" 0.00%
'none' 0.00%
same-origin 0.00%