The specification appears to only support whitelisting; all settings are of the form "allow-access-from", not "deny-access-from".
Blacklist cross-domain policy file
-
13-01-2022 - |
Question
Is it possible with a cross-domain policy file for use with Flash/AS3 to specify a blacklist? i.e. allow all URLs except the ones listed? So far I have only used it with whitelisting.
Solution
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow