Bug 330443 caused a regression on the trunk for RSS feeds which are loading the web page in an iframe. i.e. <iframe src="http url for the article"> the requesting location for the imae is the src of the iframe and not the mailbox url loading the message. We end up always denying the load because we can't get the information we need. Before 330443 we threw an error so the content policy manager ignored our reject request. After 330443 landed, we don't return an error so the reject decision takes place.

Using version 3 alpha 1 (20061102) I see the exception below in the error console: Error: uncaught exception: [Exception... "Security error" code: "1000" nsresult: "0x805303e8 (NS_ERROR_DOM_SECURITY_ERR)" location: "<unknown>"] BUT..The html page in question does load, even with the error. I'm only bringing this up due to the possibilty that the intended security restriction in #330443 is being ignored. I for one, indeed think that many of these "security" changes are much too limiting, so personally don't care. Just an FYI on the security implications. Source for the rss feed: <html> <head> <title>The Burning Mountain</title> <base href="http://www.nasa.gov/multimedia/imagegallery/image_feature_690.html"> <style type="text/css"> body { margin: 0; border: none; padding: 0; } iframe { position: fixed; top: 0; right: 0; bottom: 0; left: 0; border: none; } </style> </head> <body> <iframe id ="_mailrssiframe" src="http://www.nasa.gov/multimedia/imagegallery/image_feature_690.html"> Over 120 million years ago, a single mass of granite punched through the Earth?s crust and intruded into the heart of the Namib Desert in what is now northern Namibia </iframe> </body> </html>

I've fixed this regression on the trunk as part of Bug 359479 which is a security bug that you can't see. sorry! But it should be fixed in tomorrow's builds.

this got fixed on the branch as well when Bug 359479 landed there.

verified fixed 1.8.1.3 on Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.8.1.3) Gecko/20070326 Thunderbird/2.0.0.0 Mnenhy/0.7.5.0 ID:2007032620 - tested the remote images in RSS Articles and its working fine.