diff --git a/content/base/src/nsDataDocumentContentPolicy.cpp b/content/base/src/nsDataDocumentContentPolicy.cpp
index 478db8c5cbdf..b0c52ed97dca 100644
--- a/content/base/src/nsDataDocumentContentPolicy.cpp
+++ b/content/base/src/nsDataDocumentContentPolicy.cpp
@@ -87,14 +87,12 @@ nsDataDocumentContentPolicy::ShouldLoad(PRUint32 aContentType,
   }
 
   if (doc->IsBeingUsedAsImage()) {
-    // Only allow SVG-as-an-image to load local resources that inherit security
-    // context (basically just data: URIs), to prevent data leakage.
+    // Allow local resources for SVG-as-an-image documents, but disallow
+    // everything else, to prevent data leakage
     bool hasFlags;
-    nsresult rv =
-      NS_URIChainHasFlags(aContentLocation,
-                          nsIProtocolHandler::URI_IS_LOCAL_RESOURCE |
-                          nsIProtocolHandler::URI_INHERITS_SECURITY_CONTEXT,
-                          &hasFlags);
+    nsresult rv = NS_URIChainHasFlags(aContentLocation,
+                                      nsIProtocolHandler::URI_IS_LOCAL_RESOURCE,
+                                      &hasFlags);
     if (NS_FAILED(rv) || !hasFlags) {
       // resource is not local (or we couldn't tell) - reject!
       *aDecision = nsIContentPolicy::REJECT_TYPE;
diff --git a/layout/reftests/svg/as-image/reftest.list b/layout/reftests/svg/as-image/reftest.list
index ce49679607eb..54fc3ad92665 100644
--- a/layout/reftests/svg/as-image/reftest.list
+++ b/layout/reftests/svg/as-image/reftest.list
@@ -109,11 +109,11 @@ random == img-and-image-1.html img-and-image-1-ref.svg # bug 645267
 # tests for external resources vs. data URIs in SVG as an image
 == svg-image-datauri-1.html            lime100x100.svg
 HTTP == svg-image-datauri-1.html       lime100x100.svg
-== svg-image-external-1.html           blue100x100.svg
+fails-if(Android) == svg-image-external-1.html           lime100x100.svg
 HTTP == svg-image-external-1.html      blue100x100.svg
 == svg-stylesheet-datauri-1.html       lime100x100.svg
 HTTP == svg-stylesheet-datauri-1.html  lime100x100.svg
-== svg-stylesheet-external-1.html      blue100x100.svg
+random == svg-stylesheet-external-1.html      lime100x100.svg # see bug 629885 comment 9
 HTTP == svg-stylesheet-external-1.html blue100x100.svg
 
 # test that :visited status is ignored in image documents