Loading SWF doesn't work when SWF is stored on local PC

I have an HTML file which contains a Flash .FLV player; which then loads a given FLV video and plays it. The idea is all these files are stored locally on the PC as part of an application install, we use HTML/flash for the help/manual.

On my PC it works fine but on a user's PC nothing is displayed. However if I host the exact same file-structure online and give them the URL, it works perfectly.

I am guessing this is a security issue of some sort but have no idea how to address it. The browser being used is actually a XULRunner app, i.e it's the FireFox 3 engine but not actually FF. Since my PC isa developer PC开发者_如何学编程 it's entirely possible I've done something in the past on another project that makes it work, rather than my PC being special in some way.

For reference the HTML has the following in it - this is generated from some 3rd-party app:

<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" width="723" height="445" id="FLVPlayer">
  <param name="movie" value="FLVPlayer_Progressive.swf" />
  <param name="quality" value="high" />
  <param name="wmode" value="opaque" />
  <param name="scale" value="noscale" />
  <param name="salign" value="lt" />
  <param name="FlashVars" value="&amp;MM_ComponentVersion=1&amp;skinName=Halo_Skin_2&amp;streamName=../../videos&amp;autoPlay=true&amp;autoRewind=false" />
  <param name="swfversion" value="8,0,0,0" />
  <!-- This param tag prompts users with Flash Player 6.0 r65 and higher to download the latest version of Flash Player. Delete it if you don’t want users to see the prompt. -->
  <param name="expressinstall" value="Scripts/expressInstall.swf" />
  <!-- Next object tag is for non-IE browsers. So hide it from IE using IECC. -->
  <!--[if !IE]>-->
  <object type="application/x-shockwave-flash" data="FLVPlayer_Progressive.swf" width="723" height="445">
    <!--<![endif]-->
    <param name="quality" value="high" />
    <param name="wmode" value="opaque" />
    <param name="scale" value="noscale" />
    <param name="salign" value="lt" />
    <param name="FlashVars" value="&amp;MM_ComponentVersion=1&amp;skinName=Halo_Skin_2&amp;streamName=../../videos&amp;autoPlay=true&amp;autoRewind=false" />
    <param name="swfversion" value="8,0,0,0" />
    <param name="expressinstall" value="Scripts/expressInstall.swf" />
    <!-- The browser displays the following alternative content for users with Flash Player 6.0 and older. -->
    <div>
      <h4>Content on this page requires a newer version of Adobe Flash Player.</h4>
      <p><a href="http://www.adobe.com/go/getflashplayer"><img src="http://www.adobe.com/images/shared/download_buttons/get_flash_player.gif" alt="Get Adobe Flash player" /></a></p>
    </div>
    <!--[if !IE]>-->
  </object>
  <!--<![endif]-->
</object>

It sure is a security issue browsers do not have access to local files.
It worked on your system because you were in your sandbox.
Two things you can do.
First one - Host the FLVs online and access it that way. Like every other player out there.
Second one - Create an Air app.