I'm having a problem saving resources or chunks with iframes in them. I'm not using a text editor at all.
Both resources and chunks save just fine when I remove the iframes, and templates will save with the iframes on them (and show up as expected on the site). At the moment this means that any page with iframes requires a separate template - I can live with that if I have to, but I'm worried it might be a symptom of some deeper problem.
It's odd that he can save it in a template, though, just not a chunk or resource. And usually mod_security will abort the entire form submission process, not strip it out and go ahead and save the rest.
Yes, that's what I meant - the code wasn't getting stripped, the entire save was failing for chunks and resources when an iframe was present.
My host has kindly dealt with this for me - I had triggered a modsec rule (or perhaps about five of them).
I wonder if I set off the rule because of a configuration error - when I first installed MODX, although I changed the name of the core .htaccess (and successfully redirected changelog to a 404, as per the dashboard warning message), I hadn't yet edited the content of the .htaccess, and the warning message was still present - I got rid of the message later, but by then I think I had already tried to use iframes. A cautionary tale, perhaps, about ignoring config warnings.
@Jako - BTW, I'm the same guy who posted this problem on Stack Overflow, although that was before I found I was able to use iframes in templates without trouble - thanks for your advice.