为什么这个document.write iframe广告代码完全破坏了Internet Explorer? [英] Why does this document.write iframe ads code completely break Internet Explorer?
问题描述
TL; DR
Google - 提供了使用 document.write 注入iframe的转换跟踪代码突然导致页面在所有版本的Internet Explorer中停止执行,但通过注入相同的iframe一个非 document.write 方法。
故事:
Doubleclick是一个广告网络,提供一个JavaScript片段来跟踪来自广告的转化。
他们给出的代码片段如下所示:
< SCRIPT语言= JavaScript的 >
var axel = Math.random()+;
var a = axel * 10000000000000;
document.write('< IFRAME SRC =https://fls.doubleclick.net/activityi;src=143;type=donat01;cat=indir4;ord=1;num='+ a +' ?WIDTH = 10 HEIGHT = 10 FRAMEBORDER = 0>< / IFRAME>');
< / SCRIPT>
< NOSCRIPT>
< IFRAME SRC =https://fls.doubleclick.net/activityi;src=143;type=donat01;cat=indir4;ord=1;num=1?
WIDTH = 1 HEIGHT = 1 FRAMEBORDER = 0>< / IFRAME>
< / NOSCRIPT>
现在,我知道,由于种种原因,document.write是危险的,应该避免。但是,谷歌给了我这个代码,所以我想我可以信任它。
它突然开始为所有使用Internet Explorer的用户打破了我们所有的页面。和in一样,一旦它遇到 document.write ,页面就会完全停止渲染。这太疯狂了:互联网上最大的第三方广告商之一给了我JavaScript,它已经很好地将我的购买页面打碎了我的流量的25%!
我很快用Google Analytics中的注入技术代替了相同的代码:
var iframe = document.createElement('iframe' );
iframe.src = //网址;
iframe.width = 0;
iframe.height = 0;
iframe.frameborder = 0;
var ref = document.getElementsByTagName('script')[0];
ref.parentNode.insertBefore(iframe,ref);
解决了这个问题,却没有真正解释:
为什么使用document.write注入的几乎空的iframe会中断Internet Explorer,但是上面的这个方法不行?
我解决了这个问题;事实证明,它与< iframe> 的内容无关。
事实证明,该页面是由一个开始使用后端DOM解析器的框架提供的,其原因可能与<在 document.write 内的< script> 标记内完全删除/ < / iframe >结束标记,尽管它将它保留在后端。 (它可能试图执行 ETAGO 规则)。
我能够重现它的原因是因为我复制了生成的 document.write 代码,而不是原始代码,并且从未注意到缺少< / iframe> 。 (和我的功能的document.write代码没有剥离< / iframe> 标签,导致我相信问题是< )
因此,浏览器解析了一个未关闭的 So, I'm trying to find an answer to why this problem is happening; I've fixed the problem, but I want to know why it happened. Google-provided conversion tracking code that injected an iframe using Doubleclick is an advertising network that provides a JavaScript snippet to track conversions from ads. The snippet they give looks like this: Now, I know that, for all sorts of reasons, document.write is hazardous and should be avoided. But, Google is giving me this code, so, I figured I could trust it. It suddenly started breaking all of our pages for all users using Internet Explorer. As in, the page would stop rendering entirely once it hit the As triage, I quickly substituted in the same code using the injection technique found in Google Analytics: This resolved the problem, without actually explaining:< iframe> code>标记在页面上,Internet Explorer不知道如何处理,并通过iframe的解析部分方式死亡(我仍然不完全确定为什么)。 TL;DR
document.write suddenly caused the page to cease to execute in all versions of Internet Explorer, but was remedied by injecting the same iframe using a non-document.write method.The Story:
<SCRIPT language="JavaScript">
var axel = Math.random()+"";
var a = axel * 10000000000000;
document.write('<IFRAME SRC="https://fls.doubleclick.net/activityi;src=143;type=donat01;cat=indir4;ord=1;num='+ a + '?" WIDTH=10 HEIGHT=10 FRAMEBORDER=0></IFRAME>');
</SCRIPT>
<NOSCRIPT>
<IFRAME SRC="https://fls.doubleclick.net/activityi;src=143;type=donat01;cat=indir4;ord=1;num=1?"
WIDTH=1 HEIGHT=1 FRAMEBORDER=0></IFRAME>
</NOSCRIPT>
document.write. This was crazy: One of the largest third party advertisers on the internet had given me JavaScript that had LITERALLY broken my purchase pages for 25% of my traffic!var iframe = document.createElement('iframe');
iframe.src = //the URL;
iframe.width = 0;
iframe.height = 0;
iframe.frameborder = 0;
var ref = document.getElementsByTagName('script')[0];
ref.parentNode.insertBefore(iframe, ref);
Why does a nearly empty iframe, injected using document.write, break Internet Explorer, but this method above doesn't?
I've solved the problem; it turns out that it had nothing to do with the contents of the <iframe>.
It turns out the page is served by a framework that began using a backend DOM parser that, for reasons likely related to the presence of </ within a <script> tag within the document.write, completely removes the </iframe> closing tag from the generated page, even though it preserves it in the backend. (It's probably trying to enforce ETAGO rules).
The reason I was able to reproduce it was because I was copying the generated document.write code, not the original code, and never noticed the missing </iframe>. (And my "functioning" document.write code didn't have the stripped out </iframe> tag, leading me to believe that the problem was the contents of the iframe.)
As a result, browsers parsed an unclosed <iframe> tag on the page, which Internet Explorer didn't know how to handle, and died part way through the parsing of the iframe (I'm still not totally sure why).
这篇关于为什么这个document.write iframe广告代码完全破坏了Internet Explorer?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
