"Chrome detected unusual code" error in previously working iframe

Question

I had a perfectly working PHP page with an iframe inside. Suddenly it stoped working in Chrome with this error:

Chrome detected unusual code on this page and blocked it to protect your personal information...

Any idea how to solve it?

Answer 1

After looking around found that Chrome changed its default implementation of X-XSS-Protection to 'X-XSS-Protection: 1; mode=block' (reference)

So the fastest solution (and involving the least change in code) is to disable X-XSS-Protection by sending a value of 0 from the server.

Here is how to do it from PHP

header("X-XSS-Protection: 0");

Answer 2

Chrome changed its default implementation of X-XSS-Protection to 'X-XSS-Protection: 1; mode=block' and mainly this issue found in Chrome Version 60 and window 10 PC see the below reference link related t this issue

https://bugs.chromium.org/p/chromium/issues/detail?id=702542

https://bugs.chromium.org/p/chromium/issues/detail?id=706038

https://productforums.google.com/forum/#!topic/chrome/4MUJd75N4Jw