I was having a problem today with a Flex app that uploads images using a coldfusion file. The situation was that web users could hit this website using two separate domains (i.e. - myCoolSite.com vs. myKoolSite.com).
The application file had a variable that would specify the domain name, and I would build the ActionUrl for the Flex app using this domain name. The Flex application would bomb (only in IE for some reason) when the action page url was not the same domain as the one they came in on (which the Flash SWF url was at). Keep in mind that its the exact same site on the server.
The Flex error was #2049 Security sandbox violation: _ cannot upload data to.... This states the Url is bad. Not so. The app was just having problems using the url on a different domain. So, I changed the code that builds the ActionUrl based on the current domain, and voila! Problem solved.
Simple code to create ActionUrl is below:
<cfset uploadActionStringUrl = "#httpValue##cgi.HTTP_HOST#/myFileContainingCFFILE.cfm">
Happy Turkey Day everyone! Be safe.