Flash player has got a strong security policy. It doesn’t load any resources (including xml-files) from an alien domain. The proper domain is the one the swf file is loaded from. Please note that the domain names http://somesite.com and http://www.somesite.com are different domain names for the Flash player.
A universal solution is to redirect users from one domain to another, so that the domain name concurs with the one which is hard-coded into the application. If a user opens http://somesite.com, then he must be redirected to http://www.somesite.com (or vice-versa).