I had a perfectly working PHP page with an iframe inside. Suddenly it stoped working in Chrome with this error:
Chrome detected unusual code on this page and blocked it to protect your personal information...
After looking around found that Chrome changed its default implementation of X-XSS-Protection to 'X-XSS-Protection: 1; mode=block' (reference)
So the fastest solution (and involving the least change in code) is to disable X-XSS-Protection by sending a value of 0 from the server.
Here is how to do it from PHP