Refused to execute a JavaScript script. Source code of script found within request
Solution 1:
This "feature" can be disabled by sending the non-standard HTTP header X-XSS-Protection
on the affected page.
X-XSS-Protection: 0
Solution 2:
It's a security measure to prevent XSS (cross-site scripting) attacks.
This happens when some JavaScript code is sent to the server via an HTTP POST request, and the same code comes back via the HTTP response. If Chrome detects this situation, the script is refused to run, and you get the error message Refused to execute a JavaScript script. Source code of script found within request
.
Also see this blogpost about Security in Depth: New Security Features.