Is it possible to bypass the cross-domain.xml requirement for an Adobe AIR application built with Flex?

Question

Is it possible for an Adobe AIR application to connect to a remove webservice that does not expose a cross-domain.xml file? If so, how do you configure the security sandbox within Air to allow this?

I have attempted a socket connection and received the following error:

securityErrorHandler: 
[SecurityErrorEvent 
    type="securityError" 
    bubbles=false 
    cancelable=false 
    eventPhase=2 
    text="Error #2048: Security sandbox violation: app:/MyApp.swf cannot 
            load data from gmail.com:5222." errorID=0
]

Answer 1

AIR applications do not have a same domain policy like Flash Player in the browser. So you do not usually need cross domain policy files with AIR apps. However sometimes AIR will throw SecurityErrorEvent's that can be ignored. Here is an example:

<?xml version="1.0" encoding="utf-8"?>
<mx:WindowedApplication xmlns:mx="http://www.adobe.com/2006/mxml"&gt;

  <mx:applicationComplete>
    <![CDATA[
      var s:Socket = new Socket();
      s.addEventListener(ProgressEvent.SOCKET_DATA, function(event:ProgressEvent):void {
        t.text += event.target.readUTFBytes(event.target.bytesAvailable);
      });
      s.addEventListener(Event.CONNECT, function(event:Event):void {
        t.text += "Event.CONNECT\n\n";
        s.writeUTF("GET / HTTP/1.0\n\n");
      });
      s.addEventListener(SecurityErrorEvent.SECURITY_ERROR, function(event:SecurityErrorEvent):void {
        trace('security sandbox error ignored');
      });
      s.connect("www.jamesward.com", 80);
    ]]>
  </mx:applicationComplete>

  <mx:TextArea id="t" width="100%" height="100%"/>

</mx:WindowedApplication>