I've written a few sample apps. One that uses WebService and one that uses HTTPService.
- My app is running on my local box. - The WebService makes a request to say www.somewhere.com. - The HTTPServicemakes a request to say www.anotherdomain.com. Both requests work without a crossdomain.xml file on www.somewhere.com or www.anotherdomain.com. Am I not understanding correctly how the security model works? My understanding is that these 2 calls should not work. - Mike
