
Google Trends embedding and X-Frame-Options


Trying to use the embed script from Google Trends results in the following error under Chrome.

Refused to display 'url' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

I've put the script in the body of an index.html, and hosted it locally, as well as on an external server.

From what I can gather, it's to stop 'clickjacking', but it seems weird that the script Google provides doesn't work with their own browser. Firefox works just fine.

Is this a fundamental issue with Google Trend embeds just not working with Google's own products, or is it an issue with my server setup?


Solution

  • It's because your browser is set to block third-party cookies. Enable third-party cookies and the embedded Google Trends iframe will work.

    If you look closely at the failing iframe request it contains this header:

    p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."

    The header links to this page with this explanation:

    In some situations, the cookies we use to secure and authenticate your Google Account and store your preferences may be served from a different domain than the website you're visiting. This may happen, for example, if you visit websites with Google +1 buttons.

    Some browsers require third party cookies to use the P3P protocol to state their privacy practices. However, the P3P protocol was not designed with situations like these in mind. As a result, we've inserted a link into our cookies that directs users to a page where they can learn more about the privacy practices associated with these cookies.
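The following is an added example, not part of the original question or answer: a JavaScript function that models the framing check behind the Chrome error quoted in the question, so the response headers of a failing iframe request can be evaluated against the embedding page's origin. It goes beyond X-Frame-Options to also cover the CSP `frame-ancestors` directive. The URLs are constructed placeholders, and the model assumes a single parent frame and exact-origin `frame-ancestors` sources.

```javascript
// Added example. Simplifying assumptions: only the immediate parent is
// checked, and frame-ancestors sources are 'none', 'self', '*' or exact origins.
function originOf(value) {
  try { return new URL(value).origin; } catch { return null; }
}

function framingDecision(headers, frameUrl, parentUrl) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = String(v);
  const frameOrigin = new URL(frameUrl).origin;
  const parent = new URL(parentUrl).origin;

  // A CSP frame-ancestors directive, when present, replaces X-Frame-Options.
  const directive = (h['content-security-policy'] || '')
    .split(';')
    .map(d => d.trim().split(/\s+/))
    .find(parts => parts[0].toLowerCase() === 'frame-ancestors');
  if (directive) {
    const sources = directive.slice(1).map(s => s.toLowerCase());
    const allowed = sources.some(s =>
      s === '*' ||
      (s === "'self'" && parent === frameOrigin) ||
      (originOf(s) !== null && originOf(s) === parent));
    return { allowed, rule: `frame-ancestors ${sources.join(' ')}`.trim() };
  }

  const xfo = (h['x-frame-options'] || '').trim().toLowerCase();
  if (xfo === 'deny') return { allowed: false, rule: 'x-frame-options: deny' };
  if (xfo === 'sameorigin') {
    return { allowed: parent === frameOrigin, rule: 'x-frame-options: sameorigin' };
  }
  // ALLOW-FROM is obsolete and ignored by current browsers, so it lands here.
  return { allowed: true, rule: 'none' };
}

// Constructed sample: placeholder URLs, header value taken from the error above.
const FRAME = 'https://widget.example/embed';
const PARENT = 'http://localhost:8000/index.html';
console.log(framingDecision({ 'X-Frame-Options': 'SAMEORIGIN' }, FRAME, PARENT));
console.log(framingDecision({ 'X-Frame-Options': 'SAMEORIGIN' }, FRAME, FRAME));
```

Feeding it the headers of the response that actually lands in the iframe (after any redirects) shows which rule produced the refusal.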