If you have http://www.example1.com/a.swf and the following lines in
Security.allowDomain("*");
Security.loadPolicyFile("http://example2.com/subfolder/crossdomain.xml");
When you try to compile, you will receive the following error:
Error opening URL 'http://example2.com/crossdomain.xml'
This happens due to the fact that there is a security change in Flash player 10. crossdomain.xml can no longer work in sub folder without a crossdomain.xml in root directory.
A root directory must have a crossdomain.xml with the following meta policy for crossdomain.xml in sub folder’s to work.
<cross-domain-policy>
<site-control permitted-cross-domain-policies="by-content-type"/>
</cross-domain-policy>
Below are references from official Adobe site:
Understanding the security changes in Flash Player 10 – Policy file strictness: Phase 2
Policy file changes in Flash Player 9 and Flash Player 10 – Meta-policies