Some times you may pass over the following problem: the data doesn’t loads although the flex application is showing busy cursor. It remains in the loading process but it doesn’t finish. One of the following thing happens:

As you can see in the image above the SWF is not accessing the same domain it come from as it resides on www.test.ro and tries to access www.testserver.ro. Due to flash player security policy this is not posible by default.

Here enters the crossdomain.xml file (the default cross-domain policy file). A cross-domain policy file is an XML file that provides a way for the server to indicate that its data and documents are available to SWF files served from other domains. Any SWF file that is served from a domain that the server’s policy file specifies is permitted to access data or assets from that server.

When a Flash document attempts to access data from another domain, Flash Player attempts to load a policy file from that domain.

crossdomain.xml resides at the root directory of the server that is serving the data. The following example policy file permits access to Flash documents that originate from foo.com, friendOfFoo.com, *.foo.com, and 105.216.0.40:

<?xml version="1.0"?>
<!-- http://www.foo.com/crossdomain.xml -->
<cross-domain-policy>
<allow-access-from domain="www.friendOfFoo.com"/>
<allow-access-from domain="*.foo.com"/>
<allow-access-from domain="105.216.0.40"/>
</cross-domain-policy>

You can also configure ports in the crossdomain.xml file and you can use the loadPolicyFile() method to access a nondefault policy file.

If you are in the case bellow, then no need of cross domain policy file because the SWF come from the same domain it tries to access back.

Resources:
Using cross-domain policy files
Overview of permission controls
Cross-domain policy file usage recommendations for Flash Player
Allowing cross-domain data loading
About compatibility with previous Flash Player security models
cross domain policy files (moock.org)
Why crossdomain.xml is a good thing

Popularity: 34%