Hi Lyle,
the code execution is a security feature to make sure that only allowed code will be executed. As long as the code is dynamic, you can’t control it because you don’t know what will be executed.
What you can do instead is to use the code block and render the field with PHP (check the ACF documentation for more customization options):
<?php
$iframe = get_field('textarea'); //this is your acf field
if($iframe) {
echo $iframe;
}
?>