For Windows 8.1 apps, you can no longer use an iframe for non-secure http URIs. You will get the error message in the question which suggests that you can just add your URI to ApplicationContentUriRules, but it will only allow you to add https URIs to the rules.
So you will have to use the proprietary <x-ms-webview>
tag instead of <iframe>
if you want to serve non-secure content from your app. (e.g. <x-ms-webview src="http://www.google.com">
)
see http://www.kraigbrockschmidt.com/2014/01/13/frame-to-webview-part-one/