• Register
0 votes
115 views

Problem :

My working PHP page with an iframe inside suddenly stopped started giving following error
chrome detected unusual code on this page and blocked it to protect your personal information
6 5 3
6,930 points

Please log in or register to answer this question.

2 Answers

0 votes

Solution :

I had faced the same issue recently.
After doing lot of research i found the solution on this issue.

I found that Chrome changed its default implementation of X-XSS-Protection to 'X-XSS-Protection: 1; mode=block'

So the fastest solution according to me is to disable X-XSS-Protection by sending just a value of 0 from the server.

Followig is example of how to do it from PHP

header("X-XSS-Protection: 0");

Further Readings:

9 7 4
38,600 points
0 votes

Solution:

After searching  web found that Chrome changed its default implementation of X-XSS-Protection to 'X-XSS-Protection: 1; mode=block' (reference)

So the latest solution (and concerning the least change in code) is to disable X-XSS-Protection by sending a value of 0 from the server.

Here is the process how to do it from PHP

header("X-XSS-Protection: 0");

This is occured by a webpage displaying HTML that was POST'd to it, at the time that HTML contains JS event triggers, for example :

<p class="someParagraph" onClick="doTheMagicThing();">

In case you have an iframe, that accepts text like this in a POST or a forum, and you show that text, as well, thereafter Chrome will issue the error (and successfully block the page), if not you have the X-XSS-Protection header disabled.

This error message is triggered at the time Google  Chrome conceives a “cross-site scripting” attack is occuring. These attacks occur at the time a browser is tricked into rendering HTML or JavaScript that is not intended to be a part of the website being shown.

In case you administer the website

In case you’re viewing this message on a website you administer, and it’s occuring at the time usual usage, for example submitting a form, you can inhibit it by including a page header to the POST submission.

For PHP

header('X-XSS-Protection:0');

For ASP.net

HttpContext.Response.AddHeader("X-XSS-Protection","0");

 

10 6 4
31,120 points

Related questions

0 votes
1 answer 2 views
2 views
Problem: Please help me to solve it
asked Mar 18 Ifra 24.4k points
0 votes
1 answer 2 views
2 views
Problem: Can somebody help me solve the error I am getting the state information is invalid for this page and might be corrupted.?
asked 6 days ago Sana8989 8.9k points
0 votes
1 answer 29 views
29 views
I want to know the reason why
asked Jul 25, 2020 James Martin 2.2k points
1 vote
1 answer 56 views
56 views
Problem: I have written a very simple application. Please find below the code for my simple application which is calling the API in each second. After each of the call a chrome memory allocation size for that particular tab increases continuously. But not by the reducing that memory. ... xhttp.send();     } </script> </body> </html> Kindly help me in finding out the root cause of this issue.
asked May 27, 2020 Martin K 6.6k points
0 votes
1 answer 2 views
2 views
Problem Actually, I want to know more about chrome undo the action of &ldquo;prevent this page from creating additional dialogs?I couldn't find any clear answer to this anywhere.
asked 4 days ago neeraj 9.5k points
0 votes
1 answer 2 views
2 views
Problem: What are my options for dealing with this issue &ldquo;Which interface is executed faster and is safe from sql injection attacks&rdquo;?
asked Mar 30 tuhin1 48.4k points
0 votes
1 answer 2 views
2 views
Problem: I tried to download the Google Chrome code, and be able to totally edit it, on my computer, without all the depot tools and couldn`t figure out the right way.
asked Apr 3 Jack20 2.7k points
0 votes
2 answers 4 views
4 views
Problem: Please help me on > 'access denied you don't have permission to access on this server chrome' ?
asked Mar 18 sadi1982 36.3k points
0 votes
1 answer 1 view
1 view
Problem: I'll make a submission for a response to my question. Please, I have searched the internet but have not found any useful material, and I am now having trouble continuing my studies.
asked Apr 1 rakib1 51.5k points