This is something I came across at work that I thought I would share, because at first, it had me scratching my head.
One question I did not ask when I first realized that there was cookie support in AIR, was 'Where are the cookies stored?'. Well, it turns out that AIR uses the operating system's network stack for cookie support. Which means that AIR shares its cookies with any other browsers that use the network stack, which includes Internet Explorer on Windows Safari on OSX. Firefox manages its own cookies so it is unaffected by any of this.
I realized this when I was testing an AIR application that communicated with a ColdBox application. If I logged into the AIR application, which automatically logged into the ColdBox application, then when I would browse to the ColdBox application in Internet Explorer, I would already be logged in.
I kind of wish that, like Firefox, AIR would manage its own cookies. It seems wrong that it should work this way. Maybe I am off-base, but I don't like it. I don't know if it is too late for this to ever change, but if it can...