Flash gets authoritative and cracks down on misuse

If you’re a regular Flash developer, one thing you will have noticed is that the Flash Player is becoming stricter and stricter. When publishing Flash files, it is essential that you specify whether you are allowing the SWF to access local files or files held on a server. The problem comes when you want to access files on a different server, in which case you need to set up a cross-domain policy. This might sound like something out of an episode of Star Trek, but in truth is nothing more than an XML file that gives access to other domains. The XML file can be stored on your own server, and within it you can get access to a range of other servers that you may be required to get data from. This will especially be the case if you’re creating mashups or using APIs from other web services.
Whenever you send out a request to load any form of data, such as XML or variables from a server, Flash automatically looks for permission to load that file by looking for a file named ‘crossdomain.xml’. If the server you’re loading from does not have that, then you will need to add the following ActionScript to your file:

System.security.loadPolicyFile(“http://www.yourserver.com/crossdomain.xml”);

Within this file, you can then grant permission to other servers to retrieve your data.