Ok, so I had my first WTF moment last night in trying to be more AS3 and flash happy. I started the FreshBooks API AS3 Library, and I tested it in Flex 3 and AIR. It worked great. Just so that the FreshBooks folks would know I started the project, I hit their contact us form and let them know. I was reading the API docs the other day and was surprised to see that they had added my library to the list of projects. How Cool! The only rub was they labeled it as a Flash project. That got me wondering if I had used anything that would keep it from working in Flash.

I scanned the code and was very pleased to see that the only class that would be an issue was ArrayCollection. So I changed that up and made and array out of it. No Sweat. Everything compiles and I am a happy guy. So I run it to test it out.

ArgumentError: Error #2096: The HTTP request header Authorization cannot be set via ActionScript.

Wait, what?!?! I set it via actionscript in a flex project with no issues. How is this different? Well I dug a little deeper and here is the rub. In the livedocs for AS3 URLRequestHeader its specified that Authorization is a reserved word. But in the class docs for Flex 2 URLRequestHeader it is not. Although I thought last night when I was looking at this the Flex 3 livedocs for URLRequestHeader didnt list it, it apears to. The problem is, this code works in Flex and AIR, but not in an AS3 only project.

First question is why is it reserved in AS3 and not Flex. Second, why does it work in Flex 3 when it shouldn’t. Third, how they hell am I supposed to authenticate against remote services without this?

I appeal to the flash gods that are smarter than me. Please set me straight