The Flash Player 7 includes an additional security feature that does not allow scripts to be read across domains. It also does not recognize two URLs for the same site, with and without "www", as being on the same domain. For example, http://www.yourdomain.com or not recognized as being the same as http://yourdomain.com
If you specified a full URL in the "Server File" parameters of the flashTimer component, for example http://www.yourdomain.com/servertime.php, and your site is accessed by the URL http://yourdomain.com, a security message will appear from the Flash 7 Player, asking to verifying the transfer of data.
The solution that Macromedia have is to create a crossdomain.xml policy file on your webserver. This is how you would create it:
1. Open a new
document in a text editor, such as Notepad.
2. Paste the following code into the document:
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="yourdomain.com" />
</cross-domain-policy>
3. Change "yourdomain.com"
with your own domain, without the "www".
4. Save this file under the name: crossdomain.xml
5. Upload this file to the root of your webserver (usually the same place
where the HTML files reside).
For more
information on the cross-domain policy file, please see the following
Macromedia article:
http://www.macromedia.com/support/flash/ts/documents/loadvars_security.htm