Scenario :
I have built desktop based Force.com platform and now i have enabled the Salesforce 1 Mobile app on my environment. Now if i try to load the same Desktop based Quote Detail page on Iphone 5 emulator on Google Chrome, i get this error
: [Report Only] Refused to frame 'https://c.na10.visual.force.com/apex/QuoteDetail?id=a0RF000000IYFfjMAH&sfdcIFrameOrigin=https%3A%2F%2Fna10.salesforce.com&isdtp=p1&sfdcIFrameHost=web' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'frame-src' was not explicitly set, so 'default-src' is used as a fallback.
Please if some one could help me figure out the reason. Really appreciate it
From the comments, here is the quote detail page:
<apex:page standardController="Quote__c" title="Quote Detail" sidebar="false">
<apex:form >
<c:QuoteDetail theQuoteId="{!Quote__c.Id}" />
</apex:form>
</apex:page>
Best Answer
You are seeing this error due to a Content Security Policy (CSP) breach - a CSP is an HTTP header that defines a bunch of policies for resources. You are falling foul of the frame-src restriction. You can read more about this at:
http://www.html5rocks.com/en/tutorials/security/content-security-policy/
If the iphone5 emulator you are using is a chrome app, the default behaviour for those is to disallow external resources in iframes:
https://developer.chrome.com/apps/contentSecurityPolicy (search for frame-src).
If you don't have a real device I would use the desktop version of Salesforce1 (/one/one.app) with the browser resized appropriately.