Flash Security Exception in URLLoader (subdomain issue)

I'm working on a Flash magazine. When the magazine loads, it starts fetching all the needed images for the pages. However, I've run into a strange Security Issue :S. Let me try to explain...

This is how everything is setup on the server:

mydomain.com/view.html          <--- the main page that embeds /swf/theviewer.swf
mydomain.com/swf/theviewer.swf  <--- the magazine viewer

mydomain.com/img/img01.jpg      <-
mydomain.com/img/img02.jpg      <--
mydomain.com/img/img03.jpg ...  <--- all the images that the mag fetches

The magazine is 'hard'-coded to always fetch images from 'mydomain.com/img/*'.

If I open my browser, and navigate to 'http://mydomain.com/view.html' everything works out neat.

However, if I go to 'http://WWW.mydomain.com/view.html' instead, the viewer throws a Security Exception (an URLLoader throws it, actually).

Can someone help me figure out what's going on?

UPDATE:

I've properly setup my crossdomain.xml file to allow *.mydomain.com

Also, I've set 'allowScriptAccess' to sameDomain. Still have the same issue.

There's another thing, a couple friends that were testing the site said that when opening the site with Firefox this does NOT happen (everything's fine), however if I 开发者_如何学JAVAuse Firefox, error's there. Maybe it has something to do with browser's own security policies.

You may have a cross domain security issue. Since the domain roots are the same, but one is excluding the "www", it is likely that the SWF (or your html/javascript) is seeing it as a different domain since it is not an exact match.

Here is an article on what I am talking about. http://blancer.com/tutorials/30030/quick-tip-a-guide-to-cross-domain-policy-files/

Also, make sure that your "allowScriptAccess" property is set to "sameDomain" or "always". here is a related article on that as well.. http://kb2.adobe.com/cps/164/tn_16494.html