Do not think that embedded in flash HTML is not important, sometimes small problems can lead to big "riots."
For example:
<param name="allowScriptAccess" value="sameDomain" />
Use allowscriptaccess to enable a flash application to communicate with its HTML page. This parameter is required because the Fscommand () and GetURL () actions may cause JavaScript to use the permissions of the HTML page, which may differ from the permissions of the Flash application. This has an important relationship to cross-domain security.
That is to say, if the SWF is under blog.80s.net.cn, but the page is under fmail.80s.net.cn, want to use Geturl or Fscommand call JS in the page is not OK
Unless you set the value to always
Value parameter Description:
Always allows scripting operations to be performed at any time.
Never prevents all scripts from performing operations.
Samedomain allows script operations to be performed only when the Flash application comes from the same domain as the HTML page.
The default values used by all HTML publishing templates are samedomain.