Adrián E Adrián E - 21 days ago 8
PHP Question

"Chrome detected unusual code" error in previously working iframe

I had a perfectly working PHP page with an iframe inside. Suddenly it stoped working in Chrome with this error:


Chrome detected unusual code on this page and blocked it to protect your personal information...


Any idea how to solve it?

Answer Source

After looking around found that Chrome changed its default implementation of X-XSS-Protection to 'X-XSS-Protection: 1; mode=block' (reference)

So the fastest solution (and involving the least change in code) is to disable X-XSS-Protection by sending a value of 0 from the server.

Here is how to do it from PHP

header("X-XSS-Protection: 0");