Disabling Xss

Hi guys,

I didn't know where to place my question and decided to put it in general.

The situation is as follows: I'm trying to create a newsletter with fancy banners and so on. The banners are iframe tags precisely said flash banners that are shown while I am in the creation page. But, when I click on Preview everything is shown except for the banners. I opened the Inspect element window and saw the error

“The XSS Auditor refused to execute a script in '…' because its source code was found within the request. The auditor was enabled as the server sent neither an 'X-XSS-Protection' nor 'Content-Security-Policy' header.”

Tried putting php scripts in the html editor it just comments them, also goes for the javascripts…

I am asking how and where can I turn off the XSS protection ?