• Register
0 votes

Problem :

My working PHP page with an iframe inside suddenly stopped started giving following error
chrome detected unusual code on this page and blocked it to protect your personal information
6 5 3
6,930 points

Please log in or register to answer this question.

2 Answers

0 votes

Solution :

I had faced the same issue recently.
After doing lot of research i found the solution on this issue.

I found that Chrome changed its default implementation of X-XSS-Protection to 'X-XSS-Protection: 1; mode=block'

So the fastest solution according to me is to disable X-XSS-Protection by sending just a value of 0 from the server.

Followig is example of how to do it from PHP

header("X-XSS-Protection: 0");

Further Readings:

9 7 4
38,600 points
0 votes


After searching  web found that Chrome changed its default implementation of X-XSS-Protection to 'X-XSS-Protection: 1; mode=block' (reference)

So the latest solution (and concerning the least change in code) is to disable X-XSS-Protection by sending a value of 0 from the server.

Here is the process how to do it from PHP

header("X-XSS-Protection: 0");

This is occured by a webpage displaying HTML that was POST'd to it, at the time that HTML contains JS event triggers, for example :

<p class="someParagraph" onClick="doTheMagicThing();">

In case you have an iframe, that accepts text like this in a POST or a forum, and you show that text, as well, thereafter Chrome will issue the error (and successfully block the page), if not you have the X-XSS-Protection header disabled.

This error message is triggered at the time Google  Chrome conceives a “cross-site scripting” attack is occuring. These attacks occur at the time a browser is tricked into rendering HTML or JavaScript that is not intended to be a part of the website being shown.

In case you administer the website

In case you’re viewing this message on a website you administer, and it’s occuring at the time usual usage, for example submitting a form, you can inhibit it by including a page header to the POST submission.



For ASP.net



10 6 4
31,120 points

Related questions

1 vote
1 answer 47 views
Problem: I have written a very simple application. Please find below the code for my simple application which is calling the API in each second. After each of the call a chrome memory allocation size for that particular tab increases continuously. But not by the reducing that memory. ... xhttp.send();     } </script> </body> </html> Kindly help me in finding out the root cause of this issue.
asked May 27, 2020 Martin K 6.6k points
0 votes
1 answer 23 views
I want to know the reason why
asked Jul 25, 2020 James Martin 2.2k points
0 votes
1 answer 22 views
Problem: I want to create a page to search and show results on same page. i have the html code with form to search for a result ,but i need php code to search and display on same page. <html> <head> <title>Search</title> <link rel="stylesheet" type="text/css" href="style. ... </label> <input type="text" name="search" /> <input type="submit" name="submit" value="Search" /> </form> </body> </html>
asked Oct 30, 2020 prog_learner 2.5k points
0 votes
1 answer 72 views
Problem: Can any one guide me ? "This commercial database offers news and information on legal, public records, and business issues are? A) CSi B) Proquest Dialog C) Dow Jones Factiva D) Lexisnexis"
asked Feb 21, 2020 maddi86 5.4k points
0 votes
1 answer 34 views
Problem: I have installed wordpress and wordpress them setting on cpanel,but now i am facing this issue that wordpress detected my website is at risk can anyone help to resolve this issue.
asked Nov 1, 2020 prog_learner 2.5k points
0 votes
1 answer 1.6K views
Problem : I am trying to build the Google Chrome extension. I searched on every platform and took every step to resolve my below error &ldquo;Your file was not found it may have been moved or deleted. err_file_not_found&rdquo; I have done everything that I could , but ... \User Data**),like the other extensions my extension also has no folder. Please let me know how to fix the extension issue.
asked Jan 22, 2020 jwilliam 3.9k points
0 votes
1 answer 230 views
Problem : When I try to upload my application on to the GoDaddy shared Plesk hosting account, I get the below error. &ldquo;This program is blocked by group policy. For more information, contact your system administrator.&rdquo; Does anyone know a purpose of this block or why the Microsoft puts it there? Please Note : The app uses C# and not VB.
asked Feb 4, 2020 jwilliam 3.9k points
2 votes
1 answer 35 views
Problem : I have some issues with chrome browser because of my eyes issues I can&rsquo;t see the bright colors .My browser tab bar has a light tan and white color theme. My eyes are really very sensitive to light bright colors. so I want to customize the color of my ... them because I I am unable to see them. I may go blind from this bright colored browser tab. How can I fix the chrome issue?
asked May 6, 2020 stewart 4k points