Someone a few years back showed how to do "click-jacking". Now, many sites, such as google, set a custom X-frame-options header to be only ORIGIN. This will not allow the html to be displayed in an iframe by browsers that respect that header. In short, for the showcase example, all of the forms use google search as an example.
There are many options to fix this:
Original issue: http://code.google.com/p/pyjamas/issues/detail?id=688 (February 16, 2012 14:40:59)
From Jeff.Van...@gmail.com on February 16, 2012 14:47:12:
Ok, submitting a google.com/custom search gives a 403 even if I use it (via Chrome) directly in the browser.