Why use [removed]?
I was wondering why ad\'s still use the document.write approach to inserting the add into the page
-
IMHO, that's not only pointless, but even incorrect. Angle brackets are not escaped, which'll render document technically invalid HTML (even though it'll work in all major browsers, because they try to recover from coders' errors). And in case one's serving his site with XHMTL pages as
application/xml+xhtml,document.write()just won't work at all.讨论(0) -
A way to make it somewhat less likely their add is blocked.
讨论(0) -
To match this with regex and to remove is easy :
<script type='text/javascript' src='http://addomain/someadd.js'></script>but the other is more complex and can be written in different formats.
I think this is the reason.
讨论(0) -
I work with a web advertising company, and from what I've heard, certain browsers (don't know off hand which ones) will allow you to drop script tags into the page, but won't allow you to automatically execute their contents.
So, to pull this off, you need to break the script tag into pieces so the browser doesn't treat it as a script tag, but rather as any old HTML Data. Then, as the DOM is processed serially, the next thing it evaluates, after writing out the script tag is... hey, that script tag you just wrote out.
At this point the script tag is evaluated and executed.
讨论(0) -
Often these document.write injected scripts have dynamic strings attached to them to bust out of caching, or to send some info about the client to the ad server. I suspect your example started out as something like this
document.write("<script type='text/javascript' src='http://addomain/someadd.js?"+extrastuff+"'><\/sc" + "ript>");but got tweaked over time, or was copied and modified by someone who didn't understand the extrastuff bit. But as you've written it there is no difference: the two ways you cite in your question are functionally the same.
讨论(0) -
This method avoids loading the external script if active scripting is disabled.
讨论(0)
加载中...
- 热议问题