我只是理解了它！它确实有做在我的Flash文件中的的Security.allowDomain 命令。我其实是主持的test.html 上domainone.com的子域，那就是把它扔了。它必须完全匹配，子域和所有。原来我并不需要的Security.allowDomain 命令引用domaintwo.com，也没有我需要的的crossdomain.xml 文件是present在所有的方案3！

I just figured it out! It did have to do with the Security.allowDomain commands in my Flash file. I was actually hosting the test.html on a subdomain of domainone.com, and that was throwing it off. It has to be an exact match, subdomain and all. It turns out I didn't need the Security.allowDomain command that referenced domaintwo.com, nor did I need the crossdomain.xml file to be present at all for Scenario 3!

由于在真实的版本这个剧本，我最终使用的，我不一定会知道什么domainone.com实际上是，我改变了code对Flash文件到该的顶部：

Since in the "real" version of this script that I end up using, I won't necessarily know what domainone.com actually is, I changed the code on the top of the Flash file to this:

import ajax.AjaxRequest;
try {
	var domain1:String = LoaderInfo(this.root.loaderInfo).parameters["allow"];
	if ( domain1.length > 0 ) {
		Security.allowDomain(domain1);
	}
} catch (error:Error) { }
try {
	var domain2:String = LoaderInfo(this.root.loaderInfo).parameters["allowhttps"];
	if ( domain2.length > 0 ) {
		Security.allowInsecureDomain(domain2);
	}
} catch (error:Error) { }
...

然后，在JavaScript中我使用嵌入到SWF那里摆在首位，我基本上抓住页从当前域document.location.toString（），检查它是否是使用HTTP或HTTPS，然后将域名作为允许和/或 allowhttps 的参数的FlashVars参数。有可能是一个更好的方式来做到这一点，不依赖于Flash变量（某种自动检测从Flash）设置的域了明确的，但我不会在ActionScript不够好图是精通出。而且，由于该文件已经做了一大堆的JavaScript和ActionScript之间的双向沟通​​，这不是什么大不了的事了。该解决方案是好足够了。

Then, in the JavaScript I'm using to embed the SWF there in the first place, I basically grab the current domain of the page from document.location.toString(), check whether it's using http or https, and then pass the domain in as allow and/or allowhttps in the flashvars parameter. There might be a "better" way to do this that doesn't rely on setting the domain up explicitly in the Flash Vars (some kind of automatic detection from within Flash), but I'm not versed in ActionScript well enough to figure that out. And since this file is already doing a whole bunch of bidirectional communication between JavaScript and ActionScript, it's not that big of a deal. This solution is good enough for me.