Problem
When trying to submit a form which contains HTML or JavaScript – you receive an error message which reads
This page isn't working Chrome detected unusual code on this page and blocked it to protect your personal information (for example, passwords, phone numbers, and credit cards). ERR_BLOCKED_BY_XSS_AUDITOR
Solution
This error message is triggered when Google Chrome believes a “cross-site scripting” attack is happening. These attacks happen when a browser is tricked into rendering HTML or JavaScript that is not meant to be a part of the website being displayed.
If you administer the website
If you’re seeing this message on a website you administer, and it’s happening during normal usage, for example submitting a form, you can suppress it by adding a page header to the POST submission.
For PHP
header('X-XSS-Protection:0');
For ASP.net
HttpContext.Response.AddHeader("X-XSS-Protection","0");
If you don’t administer the website
Make contact with your website administrator – it’s something that should be aware of and fix.
In the meanwhile you could use another browser, e.g. Firefox.
Or you can launch Chrome with the xss auditor disabled.
This is done by creating a shortcut with the following path:
For 64-bit Chrome:
"C:\Program Files\Google\Chrome\Application\chrome.exe" -disable-xss-auditor
For 32-bit Chrome:
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -disable-xss-auditor
