HTTP response header

The X-Permitted-Cross-Domain-Policies header tells clients like Flash and Acrobat what cross-domain policies they can use. If you don't want them to load data from your domain set the header's value to none

Header usage statistics

X-Permitted-Cross-Domain-Policies response header information and usage statistics.

Websites using header X-Permitted-Cross-Domain-Policies 259,008
Percentage of websites that use X-Permitted-Cross-Domain-Policies header 2.27%
Total discovered header values 35
Header uses directives No
Header values are unique or random No
Most popular in the country Canada

Distribution by websites popularity

X-Permitted-Cross-Domain-Policies detection in the top websites by popularity

Top 10k sites 333 websites
Top 100k sites 3,084 websites
Top 1m sites 14,126 websites

Websites utilizing X-Permitted-Cross-Domain-Policies

List of websites that use X-Permitted-Cross-Domain-Policies header

Domain Country Rank Contacts
eventbrite.com United States of America 60
www.eventbrite.com United States of America 60
www.shopify.com United States of America 159
www.theverge.com United States of America 242
www.ted.com United States of America 243
www.vox.com United States of America 246
See full domain list

Geographical Distribution

Header usage distribution by websites across the globe.

Common header values

List of top common X-Permitted-Cross-Domain-Policies header values

Header value Value prevalence
none 98.04%
master-only 1.83%
all 0.06%
self 0.01%
“master-only” 0.01%
by-content-type 0.01%
value 0.01%
"master-only" 0.00%
master-only; 0.00%
value="master-only" 0.00%
''none'' 0.00%
: none 0.00%
"master-only"; 0.00%
“none” 0.00%
same-origin 0.00%
none; 0.00%
masters-only 0.00%
http://www.alokabide.euskadi.eus 0.00%
"none" 0.00%
* 0.00%