diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8ceaa85..0598527 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,39 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [1.11.1] — 2026-06-02
+
+### Fixed
+- **Detail-page toolbar no longer pushes the title off-screen (#672).** The
+  header already stacked breadcrumb / title / toolbar as three full-width rows
+  (#658/#674), but a `ModelAdmin` with 8+ actions still overflowed
+  horizontally and dragged the H1 + breadcrumb out of view. Root cause was the
+  flexbox `min-width: auto` default on the content column: `<main>` is a flex
+  item, so it refused to shrink below the intrinsic width of the widest
+  toolbar and `flex-1` blew it past the viewport — no header re-stacking could
+  help. `<main>` now carries `min-w-0` so it shrinks to the viewport and the
+  toolbar's `flex-wrap` actually reflows the buttons; the toolbar row is
+  `w-full min-w-0`, long action labels wrap inside their button
+  (`whitespace-normal break-words`) instead of forming a wide min-content box,
+  and the Edit/Delete cluster stays right-aligned (`ml-auto`) on the last line
+  regardless of how many custom actions exist. New `examples/many_actions`
+  `PipelineAdmin` fixture (12 batch + 2 detail-only actions) plus
+  `DetailPage.test.tsx` guards pin the wrapping behaviour.
+- **Legacy-iframe shows a clear fallback instead of a broken-image icon
+  (#673).** When the legacy admin refuses to be framed (Django's
+  `XFrameOptionsMiddleware` sends `X-Frame-Options: DENY`, or a cross-origin
+  `frame-ancestors` block), the browser painted its broken-image glyph and no
+  `error` event fired. `LegacyIframe` now runs a `loading → loaded → refused`
+  state machine — `onLoad` marks the frame loaded; a ~4s timeout with no
+  `onLoad` marks it `refused` and swaps in an explicit "Embedding refused by
+  the legacy admin — open in new tab" fallback (keeping the proven-working
+  Open-in-new-tab button and the #665 same-origin validation + `sandbox`).
+  README now documents the required backend headers
+  (`X-Frame-Options: SAMEORIGIN` / removing `XFrameOptionsMiddleware`; for
+  cross-origin, `Content-Security-Policy: frame-ancestors <spa-origin>` plus
+  `SESSION_COOKIE_SAMESITE = "None"` + `SESSION_COOKIE_SECURE`), and the
+  `examples/jobs` `?run_custom=1` variant exercises the path end-to-end.
+
 ## [1.11.0] — 2026-06-02
 
 ### Added
diff --git a/README.md b/README.md
index 5f28842..edf30f4 100644
--- a/README.md
+++ b/README.md
@@ -663,6 +663,57 @@ typical workaround is to keep that model on the legacy
 [experience-toggle strip](#experience-toggle-strip-optional) — the
 SPA + legacy admin happily coexist.
 
+#### Embedding the legacy admin in an iframe — required backend headers
+
+When a `ModelAdmin` overrides `change_form_template` / `add_form_template`,
+the SPA embeds the legacy admin page in an `<iframe>` (the row above). For
+the browser to actually render that frame, the **legacy admin responses must
+allow being framed by the SPA's origin** — otherwise the embed is refused and
+the SPA shows a "Embedding refused by the legacy admin — open in new tab"
+fallback (never a broken-image icon, #673).
+
+Most projects mount `django.middleware.clickjacking.XFrameOptionsMiddleware`,
+which by default sets `X-Frame-Options: DENY` on **every** response and blocks
+the iframe. Configure the legacy responses as follows:
+
+**Same origin (SPA and legacy admin under one host — the common case):**
+
+```python
+# settings.py
+X_FRAME_OPTIONS = "SAMEORIGIN"   # was the implicit "DENY"
+# …or drop XFrameOptionsMiddleware entirely if you don't need clickjacking
+# protection on the legacy surface.
+```
+
+`SAMEORIGIN` lets the same-origin SPA frame the legacy page while still
+blocking cross-site framing.
+
+**Cross-origin (SPA and legacy admin on different origins):**
+
+```python
+# On the legacy admin responses (e.g. via a middleware or
+# django-csp), allow ONLY the SPA origin to frame them:
+#   Content-Security-Policy: frame-ancestors https://admin.example.com
+#
+# And, because the iframe is a cross-site context, the legacy session
+# cookie must be sent in it:
+# settings.py
+SESSION_COOKIE_SAMESITE = "None"   # send the cookie in the cross-site frame
+SESSION_COOKIE_SECURE = True       # required whenever SameSite=None
+```
+
+Without these, the framed legacy page either refuses to load (`frame-ancestors`
+block) or loads unauthenticated (cookie dropped) and bounces through a login
+redirect the browser then refuses to display. The
+[`examples/jobs`](examples/jobs) `JobAdmin` (the `?run_custom=1` variant)
+exercises this path end-to-end against the example backend.
+
+> The SPA detects a refused frame client-side (a `loading → loaded → refused`
+> state machine: a ~4s window with no iframe `load` event ⇒ refused) and
+> renders the fallback. A future server-side `legacy_iframeable` flag computed
+> from the response middleware chain (cross-repo, rest-api) could switch to the
+> "open in new tab only" UI immediately — tracked as a follow-up.
+
 ---
 
 ## Writing safe `list_display` callables
diff --git a/examples/many_actions/__init__.py b/examples/many_actions/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/examples/many_actions/admin.py b/examples/many_actions/admin.py
new file mode 100644
index 0000000..3039e43
--- /dev/null
+++ b/examples/many_actions/admin.py
@@ -0,0 +1,105 @@
+"""``PipelineAdmin`` — the many-actions fixture that pins the detail-page
+toolbar wrapping behaviour (#672).
+
+The point of this admin is purely the *number* and *width* of its actions.
+Stock Django ``@admin.action`` declarations only:
+
+* **12 batch actions** — default (queryset-shaped) third parameter, so the API
+  signature classifier marks them ``target: "batch"``. They render BOTH in the
+  changelist multi-select dropdown AND as buttons on the detail page.
+* **2 detail-only actions** — ``obj_id`` / ``str``-shaped third parameter, so
+  the classifier marks them ``target: "detail"``. They render ONLY as detail
+  buttons, never in the changelist dropdown.
+
+14 buttons (several with long descriptions) on one detail page cannot fit on a
+single row at 1280/1024/768/480 px. Before #672 the toolbar overflowed
+horizontally and pushed the H1 title + breadcrumb off-screen; now the SPA
+stacks the header as three full-width rows and ``flex-wrap``s the toolbar.
+"""
+
+from __future__ import annotations
+
+from django.contrib import admin
+from django.contrib import messages
+
+from examples.many_actions.models import Pipeline
+
+
+@admin.register(Pipeline)
+class PipelineAdmin(admin.ModelAdmin):
+    list_display = ("name", "status")
+    actions = [
+        "recompute_derived_field_a",
+        "recompute_derived_field_b",
+        "recompute_derived_field_c",
+        "rerun_pipeline_step_1",
+        "rerun_pipeline_step_2",
+        "rerun_pipeline_step_3",
+        "invalidate_downstream_cache",
+        "mark_as_reviewed_by_operator",
+        "mark_as_pending_operator_review",
+        "export_selected_rows_as_csv",
+        "export_selected_rows_as_json",
+        "notify_owner_of_selected_rows",
+    ]
+
+    # --- 12 batch actions (changelist dropdown + detail button) ----------- #
+
+    @admin.action(description="Recompute Derived Field A")
+    def recompute_derived_field_a(self, request, queryset):  # noqa: ANN001
+        self.message_user(request, "Recomputed Derived Field A.", level=messages.SUCCESS)
+
+    @admin.action(description="Recompute Derived Field B")
+    def recompute_derived_field_b(self, request, queryset):  # noqa: ANN001
+        self.message_user(request, "Recomputed Derived Field B.", level=messages.SUCCESS)
+
+    @admin.action(description="Recompute Derived Field C")
+    def recompute_derived_field_c(self, request, queryset):  # noqa: ANN001
+        self.message_user(request, "Recomputed Derived Field C.", level=messages.SUCCESS)
+
+    @admin.action(description="Re-run Pipeline Step 1")
+    def rerun_pipeline_step_1(self, request, queryset):  # noqa: ANN001
+        self.message_user(request, "Re-ran Pipeline Step 1.", level=messages.SUCCESS)
+
+    @admin.action(description="Re-run Pipeline Step 2")
+    def rerun_pipeline_step_2(self, request, queryset):  # noqa: ANN001
+        self.message_user(request, "Re-ran Pipeline Step 2.", level=messages.SUCCESS)
+
+    @admin.action(description="Re-run Pipeline Step 3")
+    def rerun_pipeline_step_3(self, request, queryset):  # noqa: ANN001
+        self.message_user(request, "Re-ran Pipeline Step 3.", level=messages.SUCCESS)
+
+    @admin.action(description="Invalidate Downstream Cache")
+    def invalidate_downstream_cache(self, request, queryset):  # noqa: ANN001
+        self.message_user(request, "Invalidated downstream cache.", level=messages.SUCCESS)
+
+    @admin.action(description="Mark As Reviewed By Operator")
+    def mark_as_reviewed_by_operator(self, request, queryset):  # noqa: ANN001
+        queryset.update(status="reviewed")
+
+    @admin.action(description="Mark As Pending Operator Review")
+    def mark_as_pending_operator_review(self, request, queryset):  # noqa: ANN001
+        queryset.update(status="pending_review")
+
+    @admin.action(description="Export Selected Rows As CSV")
+    def export_selected_rows_as_csv(self, request, queryset):  # noqa: ANN001
+        self.message_user(request, "Exported as CSV.", level=messages.SUCCESS)
+
+    @admin.action(description="Export Selected Rows As JSON")
+    def export_selected_rows_as_json(self, request, queryset):  # noqa: ANN001
+        self.message_user(request, "Exported as JSON.", level=messages.SUCCESS)
+
+    @admin.action(description="Notify Owner Of Selected Rows")
+    def notify_owner_of_selected_rows(self, request, queryset):  # noqa: ANN001
+        self.message_user(request, "Notified owners.", level=messages.SUCCESS)
+
+    # --- 2 detail-only actions (detail button only) ----------------------- #
+    # `obj_id` / `str`-shaped third parameter → classifier marks `detail`.
+
+    @admin.action(description="Open Detailed Audit View For This Pipeline Run")
+    def open_detailed_audit_view(self, request, obj_id: str):  # noqa: ANN001
+        self.message_user(request, f"Opened audit view for {obj_id}.", level=messages.INFO)
+
+    @admin.action(description="Replay Last Operation On This Pipeline Run")
+    def replay_last_operation(self, request, obj_id: str):  # noqa: ANN001
+        self.message_user(request, f"Replayed last operation on {obj_id}.", level=messages.INFO)
diff --git a/examples/many_actions/apps.py b/examples/many_actions/apps.py
new file mode 100644
index 0000000..d83fad0
--- /dev/null
+++ b/examples/many_actions/apps.py
@@ -0,0 +1,8 @@
+from django.apps import AppConfig
+
+
+class ManyActionsConfig(AppConfig):
+    default_auto_field = "django.db.models.BigAutoField"
+    name = "examples.many_actions"
+    label = "many_actions"
+    verbose_name = "Many Actions"
diff --git a/examples/many_actions/migrations/0001_initial.py b/examples/many_actions/migrations/0001_initial.py
new file mode 100644
index 0000000..1fd39eb
--- /dev/null
+++ b/examples/many_actions/migrations/0001_initial.py
@@ -0,0 +1,26 @@
+from django.db import migrations
+from django.db import models
+
+
+class Migration(migrations.Migration):
+    initial = True
+    dependencies: list = []
+
+    operations = [
+        migrations.CreateModel(
+            name="Pipeline",
+            fields=[
+                (
+                    "id",
+                    models.BigAutoField(
+                        auto_created=True,
+                        primary_key=True,
+                        serialize=False,
+                        verbose_name="ID",
+                    ),
+                ),
+                ("name", models.CharField(max_length=255)),
+                ("status", models.CharField(default="idle", max_length=32)),
+            ],
+        ),
+    ]
diff --git a/examples/many_actions/migrations/__init__.py b/examples/many_actions/migrations/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/examples/many_actions/models.py b/examples/many_actions/models.py
new file mode 100644
index 0000000..0d91e36
--- /dev/null
+++ b/examples/many_actions/models.py
@@ -0,0 +1,19 @@
+from django.db import models
+
+
+class Pipeline(models.Model):
+    """A ``Job``-style model whose admin declares a deliberately large set of
+    actions (12 batch + 2 detail-only) so the detail-page toolbar is forced to
+    wrap onto multiple lines — the regression fixture for #672.
+
+    A single row of 14 buttons (several with long descriptions) is visibly
+    impossible at any reasonable viewport, so the SPA's stacked-header +
+    ``flex-wrap`` toolbar layout has to reflow them rather than push the title
+    or breadcrumb off-screen.
+    """
+
+    name = models.CharField(max_length=255)
+    status = models.CharField(max_length=32, default="idle")
+
+    def __str__(self) -> str:
+        return self.name
diff --git a/examples/project/settings.py b/examples/project/settings.py
index 5caaa03..045e3d3 100644
--- a/examples/project/settings.py
+++ b/examples/project/settings.py
@@ -46,6 +46,9 @@
     # Custom-form fixture: a ModelAdmin with a request-driven custom view +
     # custom template, proving the legacy-iframe escape hatch (#659).
     "examples.jobs",
+    # Many-actions fixture: a ModelAdmin with 12 batch + 2 detail-only
+    # actions, pinning the detail-page toolbar wrapping behaviour (#672).
+    "examples.many_actions",
 ]
 
 MIDDLEWARE = [
diff --git a/frontend/apps/web/src/Layout.tsx b/frontend/apps/web/src/Layout.tsx
index 8e92e03..e99cbf9 100644
--- a/frontend/apps/web/src/Layout.tsx
+++ b/frontend/apps/web/src/Layout.tsx
@@ -15,8 +15,19 @@ export function Layout({ children }: PropsWithChildren) {
     <div className="flex h-full min-h-screen">
       <Sidebar />
       {/* Content. Extra top padding on mobile + tablet clears the fixed
-          top bar (shown until lg). */}
-      <main className="flex-1 overflow-y-auto p-6 pt-20 lg:pt-6">
+          top bar (shown until lg).
+
+          `min-w-0` is load-bearing (#672): a flex item defaults to
+          `min-width: auto`, so `main` refuses to shrink below the
+          intrinsic width of its widest content. A detail-page toolbar
+          with 12+ action buttons makes that intrinsic width exceed the
+          viewport, so `flex-1` blew `main` PAST the viewport edge and
+          dragged the whole content column — title and breadcrumb
+          included — off-screen, no matter how the header rows were
+          stacked. `min-w-0` lets `main` shrink to the available width so
+          the toolbar's `flex-wrap` can actually wrap instead of
+          overflowing horizontally. */}
+      <main className="min-w-0 flex-1 overflow-y-auto p-6 pt-20 lg:pt-6">
         <LegacyAdminBanner />
         {children}
       </main>
diff --git a/frontend/apps/web/src/pages/DetailPage.test.tsx b/frontend/apps/web/src/pages/DetailPage.test.tsx
index 2bfbebc..e0732fc 100644
--- a/frontend/apps/web/src/pages/DetailPage.test.tsx
+++ b/frontend/apps/web/src/pages/DetailPage.test.tsx
@@ -1,14 +1,16 @@
 import '@testing-library/jest-dom/vitest';
 
 import { render, screen } from '@testing-library/react';
-import { describe, expect, it, vi } from 'vitest';
+import { afterEach, describe, expect, it, vi } from 'vitest';
 import { MemoryRouter, Route, Routes } from 'react-router-dom';
 
 import type { DetailResponse } from '@dar/data';
 
 // Minimal read-mode detail payload — enough for the header to render with
 // the title + toolbar (Refresh / Edit / Delete are permission-gated on).
-function detail(): DetailResponse {
+function detail(
+  overrides: Partial<DetailResponse> = {},
+): DetailResponse {
   return {
     app_label: 'auth',
     model_name: 'group',
@@ -21,15 +23,44 @@ function detail(): DetailResponse {
     object_actions: [],
     custom_views: [],
     save_options: { show_save: true },
+    ...overrides,
   } as unknown as DetailResponse;
 }
 
+// The #672 many-actions fixture mirrored on the client: 12 batch +
+// 2 detail-only object actions with long descriptions. This is what
+// `examples/many_actions` (PipelineAdmin) surfaces to the SPA.
+const MANY_ACTIONS = [
+  'Recompute Derived Field A',
+  'Recompute Derived Field B',
+  'Recompute Derived Field C',
+  'Re-run Pipeline Step 1',
+  'Re-run Pipeline Step 2',
+  'Re-run Pipeline Step 3',
+  'Invalidate Downstream Cache',
+  'Mark As Reviewed By Operator',
+  'Mark As Pending Operator Review',
+  'Export Selected Rows As CSV',
+  'Export Selected Rows As JSON',
+  'Notify Owner Of Selected Rows',
+  'Open Detailed Audit View For This Pipeline Run',
+  'Replay Last Operation On This Pipeline Run',
+].map((label, i) => ({
+  name: `action_${i}`,
+  label,
+  description: label,
+  target: i < 12 ? 'batch' : 'detail',
+}));
+
+// Mutable per-test detail payload the mocked useDetail returns.
+let detailState: DetailResponse = detail();
+
 vi.mock('@dar/data', async (importOriginal) => {
   const actual = await importOriginal<typeof import('@dar/data')>();
   return {
     ...actual,
     useApiClient: () => ({}),
-    useDetail: () => ({ data: detail(), loading: false, error: null, refresh: async () => {} }),
+    useDetail: () => ({ data: detailState, loading: false, error: null, refresh: async () => {} }),
   };
 });
 
@@ -45,6 +76,10 @@ vi.mock('../toast', () => ({
 // Import AFTER the mocks so DetailPage picks them up.
 const { DetailPage } = await import('./DetailPage');
 
+afterEach(() => {
+  detailState = detail();
+});
+
 function renderPage() {
   return render(
     <MemoryRouter initialEntries={['/auth/group/1']}>
@@ -84,3 +119,79 @@ describe('DetailPage header (#658 regression guard)', () => {
     expect(cluster).not.toBeNull();
   });
 });
+
+describe('DetailPage many-actions toolbar (#672 regression guard)', () => {
+  // jsdom has no layout engine, so we can't assert pixel overflow. Instead we
+  // pin the CSS contract that makes wrapping (not horizontal overflow)
+  // structurally inevitable when a ModelAdmin surfaces 12 batch + 2
+  // detail-only actions (the examples/many_actions PipelineAdmin fixture).
+
+  it('renders all 14 object-action buttons plus the Edit/Delete cluster', () => {
+    detailState = detail({ object_actions: MANY_ACTIONS as never });
+    renderPage();
+
+    for (const action of MANY_ACTIONS) {
+      expect(screen.getByRole('button', { name: action.label })).toBeInTheDocument();
+    }
+    expect(screen.getByRole('button', { name: /edit/i })).toBeInTheDocument();
+  });
+
+  it('lays the toolbar out as a full-width wrapping row, separate from title/breadcrumb', () => {
+    detailState = detail({ object_actions: MANY_ACTIONS as never });
+    renderPage();
+
+    const firstAction = screen.getByRole('button', { name: MANY_ACTIONS[0]!.label });
+    // The toolbar row is the flex-wrap container that holds the actions.
+    const toolbar = firstAction.closest('div.flex.flex-wrap');
+    expect(toolbar).not.toBeNull();
+    // Full width + min-w-0 so it shrinks to the viewport and `flex-wrap`
+    // reflows the buttons instead of overflowing horizontally (#672).
+    expect(toolbar?.className).toContain('w-full');
+    expect(toolbar?.className).toContain('min-w-0');
+    expect(toolbar?.className).toContain('flex-wrap');
+
+    // The toolbar is a sibling row UNDER the H1 — it never shares the H1's
+    // horizontal space (the off-screen-title regression).
+    const header = toolbar?.closest('header');
+    const title = screen.getByRole('heading', { level: 1 });
+    expect(header).not.toBeNull();
+    expect(header?.contains(title)).toBe(true);
+    expect(title.contains(toolbar as Node)).toBe(false);
+    expect(toolbar?.contains(title)).toBe(false);
+  });
+
+  it('keeps Edit/Delete right-aligned (ml-auto) on the last line after all 14 actions', () => {
+    detailState = detail({ object_actions: MANY_ACTIONS as never });
+    renderPage();
+
+    const edit = screen.getByRole('button', { name: /edit/i });
+    const cluster = edit.closest('div.ml-auto');
+    expect(cluster).not.toBeNull();
+    // Delete lives in the SAME trailing cluster, never orphaned.
+    const del = screen.getByRole('button', { name: /delete/i });
+    expect(cluster?.contains(del)).toBe(true);
+
+    // The trailing cluster comes AFTER every custom action in DOM order, so
+    // `ml-auto` parks it on the last toolbar line.
+    const toolbar = edit.closest('div.flex.flex-wrap');
+    const lastAction = screen.getByRole('button', {
+      name: MANY_ACTIONS[MANY_ACTIONS.length - 1]!.label,
+    });
+    const children = Array.from(toolbar?.children ?? []);
+    const lastActionIdx = children.findIndex((c) => c.contains(lastAction));
+    const clusterIdx = children.findIndex((c) => c.contains(edit));
+    expect(clusterIdx).toBeGreaterThan(lastActionIdx);
+  });
+
+  it('lets long action labels wrap inside the button (no wide min-content box)', () => {
+    detailState = detail({ object_actions: MANY_ACTIONS as never });
+    renderPage();
+
+    // The longest detail-only label must not force a nowrap min-content width.
+    const longest = screen.getByRole('button', {
+      name: 'Open Detailed Audit View For This Pipeline Run',
+    });
+    expect(longest.className).toContain('whitespace-normal');
+    expect(longest.className).toContain('break-words');
+  });
+});
diff --git a/frontend/apps/web/src/pages/DetailPage.tsx b/frontend/apps/web/src/pages/DetailPage.tsx
index ca86229..2f59e7d 100644
--- a/frontend/apps/web/src/pages/DetailPage.tsx
+++ b/frontend/apps/web/src/pages/DetailPage.tsx
@@ -140,7 +140,12 @@ export function DetailPage({
             multi-word titles too. */}
         <h1 className="text-2xl font-semibold text-balance break-words">{data.label}</h1>
         {!editing && (
-          <div className="flex flex-wrap items-center gap-2">
+          // Toolbar row (#658/#672): full-width (`w-full`) so it never
+          // shares horizontal space with the title/breadcrumb rows, and
+          // `flex-wrap` so 8–14 actions reflow onto further lines rather
+          // than overflowing. `min-w-0` lets the row shrink inside its
+          // flex ancestor so wrapping engages instead of pushing width.
+          <div className="flex w-full min-w-0 flex-wrap items-center gap-2">
             <button
               type="button"
               onClick={() => setHistoryOpen(true)}
diff --git a/frontend/apps/web/src/pages/detail/LegacyIframe.test.tsx b/frontend/apps/web/src/pages/detail/LegacyIframe.test.tsx
new file mode 100644
index 0000000..f88b163
--- /dev/null
+++ b/frontend/apps/web/src/pages/detail/LegacyIframe.test.tsx
@@ -0,0 +1,77 @@
+import '@testing-library/jest-dom/vitest';
+
+import { act, render, screen } from '@testing-library/react';
+import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest';
+
+import { LegacyIframe } from './LegacyIframe';
+
+const SAME_ORIGIN = '/admin/jobs/job/1/change/?run_custom=1';
+
+beforeEach(() => {
+  vi.useFakeTimers();
+});
+
+afterEach(() => {
+  vi.runOnlyPendingTimers();
+  vi.useRealTimers();
+});
+
+describe('LegacyIframe refusal detection (#673)', () => {
+  it('points the iframe src at the same URL as the Open-in-new-tab link', () => {
+    render(<LegacyIframe url={SAME_ORIGIN} onCancel={() => {}} refuseAfterMs={4000} />);
+    const iframe = screen.getByTitle('Legacy admin form') as HTMLIFrameElement;
+    const link = screen.getByRole('link', { name: /open in new tab/i }) as HTMLAnchorElement;
+    expect(iframe.src).toBe(link.href);
+    expect(iframe.src).toContain('/admin/jobs/job/1/change/');
+  });
+
+  it('keeps the iframe when onLoad fires before the timeout (loaded)', () => {
+    render(<LegacyIframe url={SAME_ORIGIN} onCancel={() => {}} refuseAfterMs={4000} />);
+    const iframe = screen.getByTitle('Legacy admin form');
+    act(() => {
+      iframe.dispatchEvent(new Event('load'));
+    });
+    // Advancing past the refusal window must NOT flip a successfully loaded
+    // frame to the fallback.
+    act(() => {
+      vi.advanceTimersByTime(5000);
+    });
+    expect(screen.getByTitle('Legacy admin form')).toBeInTheDocument();
+    expect(screen.queryByText(/embedding refused/i)).not.toBeInTheDocument();
+  });
+
+  it('renders the refused fallback (no broken-image iframe) when onLoad never fires', () => {
+    render(<LegacyIframe url={SAME_ORIGIN} onCancel={() => {}} refuseAfterMs={4000} />);
+    expect(screen.getByTitle('Legacy admin form')).toBeInTheDocument();
+
+    // No `load` event ever arrives (X-Frame-Options: DENY). After the
+    // timeout the SPA concludes the frame was refused.
+    act(() => {
+      vi.advanceTimersByTime(4000);
+    });
+
+    // The broken-image iframe is gone; a clear fallback takes its place.
+    expect(screen.queryByTitle('Legacy admin form')).not.toBeInTheDocument();
+    expect(screen.getByText(/embedding refused by the legacy admin/i)).toBeInTheDocument();
+    // Open-in-new-tab (the proven-working top-level navigation) is offered.
+    const link = screen.getByRole('link', { name: /open in new tab/i }) as HTMLAnchorElement;
+    expect(link.href).toContain('/admin/jobs/job/1/change/');
+  });
+
+  it('does not flip to refused before the timeout elapses', () => {
+    render(<LegacyIframe url={SAME_ORIGIN} onCancel={() => {}} refuseAfterMs={4000} />);
+    act(() => {
+      vi.advanceTimersByTime(3999);
+    });
+    expect(screen.getByTitle('Legacy admin form')).toBeInTheDocument();
+    expect(screen.queryByText(/embedding refused/i)).not.toBeInTheDocument();
+  });
+
+  it('still rejects an off-origin URL with the inert error card (no iframe, no timer)', () => {
+    render(
+      <LegacyIframe url="https://attacker.example/admin/" onCancel={() => {}} refuseAfterMs={4000} />,
+    );
+    expect(screen.queryByTitle('Legacy admin form')).not.toBeInTheDocument();
+    expect(screen.getByText(/can’t be displayed/i)).toBeInTheDocument();
+  });
+});
diff --git a/frontend/apps/web/src/pages/detail/LegacyIframe.tsx b/frontend/apps/web/src/pages/detail/LegacyIframe.tsx
index 7fdaacf..f6cf8dc 100644
--- a/frontend/apps/web/src/pages/detail/LegacyIframe.tsx
+++ b/frontend/apps/web/src/pages/detail/LegacyIframe.tsx
@@ -7,7 +7,21 @@
 // sidebar, and toolbar stay SPA-rendered; only the form body is the legacy
 // page. Integrators can port the custom form to documented ModelAdmin hooks
 // at their own pace without blocking SPA adoption.
+//
+// Load-failure detection (#673): most projects mount
+// `django.middleware.clickjacking.XFrameOptionsMiddleware`, which sets
+// `X-Frame-Options: DENY` on EVERY response — including the legacy admin
+// page. The browser then refuses to render the framed document and paints
+// its broken-image glyph (document-with-X), with NO reliable `error` event
+// on the `<iframe>`. We detect the refusal with a `loading | loaded |
+// refused` state machine: `onLoad` flips us to `loaded`; a ~4s timeout that
+// fires while still `loading` (no onLoad ever arrived) flips us to
+// `refused`, and we swap the iframe for a clear fallback ("Embedding refused
+// — open in new tab") instead of leaving the browser's broken-image icon on
+// screen. See README › "Embedding the legacy admin" for the backend headers
+// (`X-Frame-Options: SAMEORIGIN`, cross-origin `frame-ancestors`, cookies).
 
+import { useEffect, useRef, useState } from 'react';
 import { ExternalLink } from 'lucide-react';
 
 import { Button, Card, t } from '@dar/ui';
@@ -17,15 +31,39 @@ import { safeLegacyUrl } from '../../legacy-url';
 export interface LegacyIframeProps {
   url: string;
   onCancel: () => void;
+  /** Milliseconds to wait for the iframe's `load` event before concluding
+   *  the legacy admin refused to be framed. Exposed for tests; defaults to
+   *  the 4s the issue prescribes. */
+  refuseAfterMs?: number;
 }
 
-export function LegacyIframe({ url, onCancel }: LegacyIframeProps) {
+type FrameStatus = 'loading' | 'loaded' | 'refused';
+
+export function LegacyIframe({ url, onCancel, refuseAfterMs = 4000 }: LegacyIframeProps) {
   // Validate the server-supplied `legacy_url` before it reaches the iframe
   // `src` / anchor `href` (#665): same-origin + http(s) only. A
   // `javascript:` / `data:` URL or an off-origin target is rejected and we
   // render an inert error card instead — never frame/link an unvalidated URL.
   const safe = safeLegacyUrl({ url });
 
+  const [status, setStatus] = useState<FrameStatus>('loading');
+  // Hold the timer id across renders so the cleanup can clear it.
+  const timerRef = useRef<ReturnType<typeof setTimeout> | null>(null);
+
+  // Arm the refusal timeout once we have a framable URL. If `onLoad` never
+  // fires (X-Frame-Options: DENY / frame-ancestors block), the timeout marks
+  // the frame `refused`; if it already loaded, the timeout is a no-op.
+  useEffect(() => {
+    if (safe === null) return;
+    timerRef.current = setTimeout(() => {
+      setStatus((prev) => (prev === 'loading' ? 'refused' : prev));
+    }, refuseAfterMs);
+    return () => {
+      if (timerRef.current !== null) clearTimeout(timerRef.current);
+    };
+    // `safe` re-derives from `url`; re-arm if the target changes.
+  }, [safe, refuseAfterMs]);
+
   if (safe === null) {
     return (
       <Card>
@@ -41,6 +79,43 @@ export function LegacyIframe({ url, onCancel }: LegacyIframeProps) {
     );
   }
 
+  const openInNewTab = (
+    <a
+      href={safe}
+      target="_blank"
+      rel="noopener noreferrer"
+      className="inline-flex items-center gap-1.5 rounded-md border border-gray-300 bg-white px-3 py-1.5 text-sm font-medium text-gray-700 hover:bg-gray-50 focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-blue-500"
+    >
+      <ExternalLink className="h-4 w-4" aria-hidden /> {t('Open in new tab')}
+    </a>
+  );
+
+  // The legacy admin refused to be framed — render an explicit fallback with
+  // the same Open-in-new-tab affordance, NEVER the browser's broken-image
+  // glyph (#673). The "Open in new tab" link is the proven-working escape
+  // hatch (a top-level navigation isn't subject to X-Frame-Options).
+  if (status === 'refused') {
+    return (
+      <Card>
+        <div className="space-y-3">
+          <p className="text-sm text-gray-700">
+            {t(
+              'Embedding refused by the legacy admin — open in new tab. (The legacy backend' +
+                ' sent X-Frame-Options / frame-ancestors that block framing; see the' +
+                ' integration guide for the headers to allow it.)',
+            )}
+          </p>
+          <div className="flex flex-wrap items-center gap-2">
+            {openInNewTab}
+            <Button type="button" variant="ghost" onClick={onCancel}>
+              {t('Cancel')}
+            </Button>
+          </div>
+        </div>
+      </Card>
+    );
+  }
+
   return (
     <Card>
       <div className="space-y-3">
@@ -49,14 +124,7 @@ export function LegacyIframe({ url, onCancel }: LegacyIframeProps) {
             {t('This form is rendered by the legacy admin (custom change_form_template).')}
           </p>
           <div className="flex shrink-0 items-center gap-2">
-            <a
-              href={safe}
-              target="_blank"
-              rel="noopener noreferrer"
-              className="inline-flex items-center gap-1.5 rounded-md border border-gray-300 bg-white px-3 py-1.5 text-sm font-medium text-gray-700 hover:bg-gray-50 focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-blue-500"
-            >
-              <ExternalLink className="h-4 w-4" aria-hidden /> {t('Open in new tab')}
-            </a>
+            {openInNewTab}
             <Button type="button" variant="ghost" onClick={onCancel}>
               {t('Cancel')}
             </Button>
@@ -65,6 +133,15 @@ export function LegacyIframe({ url, onCancel }: LegacyIframeProps) {
         <iframe
           src={safe}
           title={t('Legacy admin form')}
+          // Refusal detection (#673): a successful frame fires `load`; we mark
+          // it `loaded` and the refusal timer becomes a no-op. (We don't try
+          // to read `contentDocument` — the sandbox makes a same-origin page
+          // opaque, and a thrown SecurityError would be indistinguishable from
+          // success — the `load` event firing at all is the signal.)
+          onLoad={() => {
+            if (timerRef.current !== null) clearTimeout(timerRef.current);
+            setStatus('loaded');
+          }}
           // Defence-in-depth (#665): the legacy admin needs forms + scripts +
           // same-origin cookies to function, but this explicit allowlist drops
           // the unsafe-by-default capabilities — `allow-top-navigation`,
diff --git a/frontend/apps/web/src/pages/detail/ObjectActionButton.tsx b/frontend/apps/web/src/pages/detail/ObjectActionButton.tsx
index 3d836a4..c3c26d3 100644
--- a/frontend/apps/web/src/pages/detail/ObjectActionButton.tsx
+++ b/frontend/apps/web/src/pages/detail/ObjectActionButton.tsx
@@ -30,6 +30,10 @@ export function ObjectActionButton({
       variant="secondary"
       loading={busy}
       disabled={busy}
+      // Long action labels/descriptions (#672) wrap *inside* the button
+      // (`whitespace-normal` + `break-words`) instead of forcing a wide
+      // min-content box that would push the toolbar past the viewport.
+      className="max-w-full whitespace-normal text-left break-words"
       title={action.description}
       onClick={async () => {
         setBusy(true);
diff --git a/pyproject.toml b/pyproject.toml
index c38a5ee..898108f 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "django-admin-react"
-version = "1.11.0"
+version = "1.11.1"
 description = "A drop-in React single-page admin for Django, driven entirely by ModelAdmin."
 authors = ["django-admin-react contributors"]
 license = "MIT"