In Chrome, embedded content using iframe or script fails silently on the first page view or preview after editing the page - occurs in Google Chrome 24.0.1312.57.
A website editor may not see the contents of the iframe, embedded object or script on saving the page for the first time, but on reloading the page the site works as expected. The error console shows "Refused to execute a JavaScript script. Source code of script found within request."
This is a tracking issue for Google Chrome bug which may affect Drupal users and administrators when editing a page. The issue occurs when an editor with rights to full html and is adding an iframe, embedded content or script into the page inline, and may affect many similar web based CMS systems.
https://groups.google.com/a/chromium.org/forum/?fromgroups=#!topic/chromium-bugs/LR1DS6MY3jE
To reproduce: as a website editor with rights to 'full html' or 'filtered html', but with iframe tag accepted, try to add iframe embed code for a google calendar or a simple web page such as the example below. When the page is saved for the first time, Drupal displays the updated page, or optionally a preview of the page.
<iframe src="http://www.example.com"></iframe>
I spotted this in current version of Chrome - 24.0.1312.57 on OS X.. The content of the iframe is silently be dropped. The only error message appears in the Chrome error console. Right click and inspect page to see the error console.
"Refused to execute a JavaScript script. Source code of script found within request."
I had expected to see either the contents of the frame, or at least some form of error message to let me know about this change of behavior.
This occurs when adding a more complex page including scripts such as a Google Calendar, YouTube or other sites providing iframe embed example code.
On editing and saving the page after adding some html using a web based editer
<iframe src="http://calendar.google.com......."></iframe>
Although allowing embedded content might not be recommended for large websites, I would not be surprised to find that small sites using this method to add such content.
Sean Farrell
Edinburgh