Potential forms iframes impacted in Chrome 92

If you are using Cross-origin iframe JS dialogs in your Bonita forms, you might be impacted by this change in Chrome and Edge 92+.

Symptoms

Cross Origin iframes will not trigger native JavaScript dialogs in Chrome and Edge versions 92 and above.

As of Chrome version 92, users may experience issues when using iframes in the Bonita forms. This impact may appear with buttons that were previously functioning, or components, or other content not performing as expected. In the Chrome developer console logs impacted users will see the following error:

A different origin subframe tried to create a JavaScript dialog. This is no longer allowed and was blocked. See https://www.chromestatus.com/feature/5148698084376576 for more details.

If you use Cross-origin iframe JS dialogs that use javaScript alert(), confirm(), or prompt(), you will need to change your implementation to be compliant with the recent Chrome changes.

Users can also continue to use the workarounds listed below while you update your code to be compliant in Chrome 92+.

Workaround

1. Impacted users can use an alternate supported browser such as Firefox or Safari

2. Chrome 92 users can workaround this issue by adding the following flag to your Google Chrome Shortcut: --disable-features="SuppressDifferentOriginSubframeJSDialogs"

Note 1: This change will not work unless you fully close out of all Chrome Windows and relaunch.
Note 2: This workaround will not work anymore starting Chrome 95.

How to implement the workaround

Windows:
1. Quit all running instances of Chrome.
2. Right-click your Chrome shortcut.
3. Select Properties.
4. At the end of the Target: field paste in the following command line flag only, do not make any other changes to the current target: --disable-features="SuppressDifferentOriginSubframeJSDialogs"
With that example flag, it should look like: chrome.exe --disable-features="SuppressDifferentOriginSubframeJSDialogs" or "chrome.exe" --disable-features="SuppressDifferentOriginSubframeJSDialogs" (Note: Please ensure there is a space between the current target and the flag)
5. Click Apply > OK.
6. Launch Chrome using your shortcut.

Mac:
1. Quit all running instances of Chrome.
2. Run the terminal application.
3. In the terminal, run the command:
/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --disable-features="SuppressDifferentOriginSubframeJSDialogs"
4. Press Enter.

More information

Here is the official announcement to be found in the Chrome 92 Release Note

Different-origin iframes cannot trigger JavaScript dialogs

Chrome 92 prevents iframes from triggering prompts (window.alert, window.confirm, window.prompt) if the iframe is a different origin from the top-level page. This change is intended to prevent embedded content from spoofing the user into believing a message is coming from the website they're visiting, or from Chrome itself.
If you have any web apps affected by this change, you can use the temporary enterprise policy SuppressDifferentOriginSubframeDialogs to revert to the previous behavior. This policy will be removed in Chrome 95.