We introduced a dialog to mitigate an issue where attackers could exfiltrate information from local-with-filesystem SWFs to the network by creatively encoding data in URLs. We've made a string of bugfixes over the last couple releases dealing with specific instances of this issue. As a security-in-depth measure, we introduced this dialog to create a speed-bump against exfiltrating large amounts of data, as there's a maximum length to a given URL. A script that requested hundreds of crafted URLs as a method for exfiltrating data would not be nearly as useful if the end-user gets a prompt every time.
The allow everything behavior sounds like it might be a bug, although it would be interesting to know if the Flash Debugger throws any error message (if you're using the standard release player at the moment).
If it is just mysteriously failing, it would be helpful to file a bug with SWFs that reproduce the issue. You can do that at bugbase.adobe.com. If you reply to this message with the bug number, I'll make sure that it gets triaged and get back to you with a workaround, escalate it to the engineering team for a fix or both.
If you can, you might want to use ExternalInterface.call() to initiate navigation, and then do the actual navigation using JavaScript. This will get you around the dialog.