如何检测 iframe 内的点击(跨域)?又名防止点击欺诈 [英] How to detect a click inside of an iframe (cross-domain)? Aka prevent click fraud
问题描述
我的广告系统提供商向我发出了关于点击欺诈的警告.没有更多信息,他们所推荐的只是为点击广告太快的用户隐藏广告".我写了一段 JS 脚本,在点击时隐藏所有带有广告的 DIV(使用 cookie)N 秒,但是这个解决方案不起作用,因为内部"内容(带有广告)是由调用和呈现的 JS 脚本生成的来自外部服务器的内容(正如您对广告系统所期望的那样).因此,当考虑跨域安全性时,它有点像 Catch 22.如何检测 DIV(本地定义)内的点击,其中的内容由外部 JS 呈现并在 iframe 中呈现?
示例:
<!-- 本地定义的 div --><div id="my-id"><!-- 在提供商的系统中标识我的广告--><脚本>var foo = blah//声明广告尺寸和内容//并在#my-id DIV 中呈现上下文广告
如果都是本地的,解决方案会很简单,因为内部 div 将继承父类(ad-class").在跨域的情况下,这是无效的.伙计们,有什么建议吗?
您无法检测跨域 iframe 中的点击事件.
也就是说,您可能有一个糟糕的选择:
您可以做的最接近的事情之一是检测焦点从您的窗口移动到 iframe:
window.focus();//强制关注当前窗口;window.addEventListener('blur', function(e){if(document.activeElement == document.querySelector('iframe')){alert('关注当前窗口并移动到 iframe/可能点击!');}});但是它不可靠,松散的焦点并不意味着点击,它可能是用户使用 TAB 在网站上移动.
另一个问题是,你只检测到第一次焦点移到 iframe 上,你不知道用户在那里做了什么,他可以点击一百万次,你永远不会知道.
I got a warning by my ad system provider about click fraud. No further info, all they are recommending is "hide the ads for users who click on ads too quickly'". I wrote a piece of JS script that hides all DIVs with ads for N seconds (using cookie) when clicked on, but this solution does not work as the "inner" content (with ads) is generated by an JS script that calls and renders the content from external server (as you would expect from an ad system). So, when one takes the cross-domain security into account it is kinda Catch 22. How can I detect a click inside a DIV (locally defined) of which content is rendered by an external JS and in iframe?
Example:
<div class="ad-class"> <!-- locally defined div -->
<div id="my-id"> </div> <!-- identifies my ad in the provider's system -->
<script>
var foo = blah // declares the ad dimensions and stuff
// and renders the contextual ad in #my-id DIV
</script>
</div>
Were it all local, solution would be easy as the internal div would inherit the parent class ("ad-class"). In case of cross-domain, this is not valid. Any tips, dudes?
You cannot detect click events in cross-domain iframe.
That put, you might have one bad option:
One of the nearest things you can do is detect that the focus moved from your window to the iframe:
window.focus(); //force focus on the currenct window;
window.addEventListener('blur', function(e){
if(document.activeElement == document.querySelector('iframe'))
{
alert('Focus Left Current Window and Moved to Iframe / Possible click!');
}
});
However it's not reliable, loose focus does not mean a click, it could be user moving across the website using TAB.
Another problem is that, you only detect the first time focus is moved to the iframe, you do not know what user does in there, he can click a million times and you will never know.
这篇关于如何检测 iframe 内的点击(跨域)?又名防止点击欺诈的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
