If your SWF is hosted on server A, and it needs to access data from servers B, C, and D then you need to put a cross domain policy file on servers B, C, and D that permit access from server A.
Note, these servers (A,B,C,D) are different servers ... the names are not aliases. It kind of sounded like one of your host names is an alias for the other. The cross domain policy file you deploy on each web server should allow access from server A, since that is where your SWF is hosted: <allow-access-from domain="serverA.domain.com" /> Also, newer versions of the Flash player will complain if your cross domain policy file does not have a "site-control" tag. Here's a simple one I use: <site-control permitted-cross-domain-policies="master-only"/> Which means there's only one policy file for my site. Adobe has some good resources on their site: http://www.adobe.com/devnet/security/ Check out the articles titled "Cross-domain policy file specification" and "Understanding security changes in Flash Player 10". Regards, Sunil
