As it turns out, your site needs a policy file.
This is hard to figure out, as the only symptom is that your flash file will not, for the life of you, pull data when you open it via http request. It does however work beautifully when you open it from filesystem or test it through flash developer. In my opinion, it should not work when you open it via file protocol, and this is a bug with macromedia’s logic…. but whatever.
If you trace the http requests (something live live-http-headers works well) you will see this
GET http://mysite.com/flashfile.htm - 200 GET http://mysite.com/flashfile.swf - 200 GET http://mysite.com/crossdomain.xml - 404
It is the crossdomain.xml file, which when not present will not allow a flash file to pull data from your site, if the flash file is located on a different domain.
Here is an example crossdomain.xml file which will allow flash files located on any domain to query a webservice on your domain
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>