diff --git a/caps/src/nsScriptSecurityManager.cpp b/caps/src/nsScriptSecurityManager.cpp
index 6f69763c09a2..16926b28e6fa 100644
--- a/caps/src/nsScriptSecurityManager.cpp
+++ b/caps/src/nsScriptSecurityManager.cpp
@@ -686,7 +686,7 @@ nsScriptSecurityManager::CheckLoadURI(nsIURI *aSourceURI, nsIURI *aTargetURI,
         { "aim",             AllowProtocol  },
         { "data",            AllowProtocol  },
         { "keyword",         DenyProtocol   },
-        { "resource",        DenyProtocol   },
+        { "resource",        ChromeProtocol },
         { "gopher",          AllowProtocol  },
         { "datetime",        DenyProtocol   },
         { "finger",          AllowProtocol  },
@@ -707,8 +707,13 @@ nsScriptSecurityManager::CheckLoadURI(nsIURI *aSourceURI, nsIURI *aTargetURI,
                 mPrefs->GetBoolPref("security.checkloaduri", &doCheck);
                 return doCheck ? ReportErrorToConsole(aTargetURI) : NS_OK;
             case ChromeProtocol:
-                return (aFlags & nsIScriptSecurityManager::ALLOW_CHROME) ?
-                    NS_OK : ReportErrorToConsole(aTargetURI);
+                if (aFlags & nsIScriptSecurityManager::ALLOW_CHROME)
+                    return NS_OK;
+                // resource: and chrome: are equivalent, securitywise
+                if ((PL_strcmp(sourceScheme, "chrome") == 0) ||
+                    (PL_strcmp(sourceScheme, "resource") == 0))
+                    return NS_OK;
+                return ReportErrorToConsole(aTargetURI);
             case AboutProtocol:
                 // Allow loading about:blank, otherwise deny
                 if(NS_FAILED(targetUri->GetSpec(getter_Copies(targetSpec))))
diff --git a/layout/generic/nsImageFrame.cpp b/layout/generic/nsImageFrame.cpp
index 2e0759330d10..9ecabcf6d84c 100644
--- a/layout/generic/nsImageFrame.cpp
+++ b/layout/generic/nsImageFrame.cpp
@@ -1461,7 +1461,6 @@ nsImageFrame::CanLoadImage(nsIURI *aURI)
 {
   PRBool shouldLoad = PR_TRUE; // default permit
 
-#if 0
   nsCOMPtr<nsIScriptSecurityManager> securityManager(do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID));
 
   if (securityManager) {
@@ -1472,7 +1471,6 @@ nsImageFrame::CanLoadImage(nsIURI *aURI)
     if (NS_FAILED(proceed))
       return PR_FALSE;
   }
-#endif
 
   // XXX leave this if 0'd until there is a good way to test it.
 #if 0
diff --git a/layout/html/base/src/nsImageFrame.cpp b/layout/html/base/src/nsImageFrame.cpp
index 2e0759330d10..9ecabcf6d84c 100644
--- a/layout/html/base/src/nsImageFrame.cpp
+++ b/layout/html/base/src/nsImageFrame.cpp
@@ -1461,7 +1461,6 @@ nsImageFrame::CanLoadImage(nsIURI *aURI)
 {
   PRBool shouldLoad = PR_TRUE; // default permit
 
-#if 0
   nsCOMPtr<nsIScriptSecurityManager> securityManager(do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID));
 
   if (securityManager) {
@@ -1472,7 +1471,6 @@ nsImageFrame::CanLoadImage(nsIURI *aURI)
     if (NS_FAILED(proceed))
       return PR_FALSE;
   }
-#endif
 
   // XXX leave this if 0'd until there is a good way to test it.
 #if 0