Google Adsense 中的 Javascript 错误
在我的几个运行 AdSense 的网站上,我收到以下错误:
无法将消息发布到 [http://]googleads.g.doubleclick.net。 收件人有来源 http://www.anekdotz.com。
不安全的 JavaScript 尝试访问 带有 URL 的框架 [http://]www.anekdotz.com/ 来自框架 带网址 [http://]googleads.g.doubleclick.net/pagead /ads?client=ca-pub-9099580055602120&output=html&h=250&slotname=9210181593&w=300&flash=10.0.42&url=http%3A%2F%2Fwww.anekdotz.com%2F&dt =1269901036429&相关器=1269901036438&frm=0&ga_vid=711000587.1269901037&ga_sid=1269901037&ga_hid=654061172&ga_fc=0&u_tz=-240 &u_his=2&u_java=1&u_h=900&u_w=1440&u_ah =878&u_aw=1436&u_cd=24&u_nplug=10&u_nmime=101&biw=1365&bih=806&eid=44901212&fu=0&ifi=1&dtd=153&xpc=Xkfk1oufPQ&p=http %3A//www.anekdotz.com。 域、协议和端口必须匹配。
(来自 Chrome javascript 控制台)
广告似乎可以正常展示,并且不会影响我的本机 javascript 代码。然而,有时这些错误似乎会减慢页面加载速度。我该如何解决这个问题?
(我修改了网址,以便我可以发布此内容,因为我是新用户)
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(9)
谷歌搞乱了他们的脚本。你对此无能为力。
由于某种原因,AdSense 脚本包含在父页面中的
http://pagead2.googlesyndicate.net/pagead/expansion_embed.js正在尝试将有关广告的信息发送到新编写的 <使用新的 HTML5 postMessage 设施:是的。那里有一些很好的缩小/混淆的代码。相信我,
Pa是'postMessage'!此调用
this.la中的targetOrigin参数设置为http://googleads.g.doubleclick.net。然而,新的 iframe 是在其src设置为about:blank的情况下编写的。这与目标源不匹配,因此浏览器必须拒绝发送消息。不过,似乎只有 Chrome 在控制台日志中对此提出了实际的抱怨。根本不知道为什么要这样做,更不用说为什么它不只是使用
'*'作为目标源......我真的不想涉足混淆的脚本来找出答案。但是,此错误不应导致页面加载速度减慢。如果您看到暂停,通常是在解析并获取其他外部脚本。Google have messed up their script. There's not much you can do about it.
For some reason
http://pagead2.googlesyndication.net/pagead/expansion_embed.js, included in the parent page by the AdSense scripts, is trying to send information about the advert into a newly-written<iframe>created to hold the advert, using the new HTML5 postMessage facility:Yeah. Some nice minified/obfuscated code there. Trust me,
Pais'postMessage'!The
targetOriginargument in this call,this.lais set tohttp://googleads.g.doubleclick.net. However, the new iframe was written with itssrcset toabout:blank. This doesn't match the target origin, so the browser must refuse to send the message. Only Chrome seems to be dropping an actual whinge to the console log about it though.No idea why it's doing this at all, never mind why it's not just using
'*'as a target origin... I'm not really feeling like wading into the obfuscated script to find out. However, this error should not cause page loading to slow down. If you're seeing pauses it's usually resolving and fetching other external scripts.Google 试图利用浏览器的一个怪癖,即某些浏览器会忽略 URL 为 about:blank 的窗口的同源策略,从而允许该窗口向任何站点提交 XMLHttpRequest,或者在本例中为 postMessage 请求。
据我所知,浏览器最近已经禁用了这种行为。您必须拥有一款这样的已修补浏览器。
希望这个损坏的功能不会影响您通过广告赚钱的能力。
如果您的网站因自身原因而生成 Javascript 错误,这很烦人,但当您在自己的页面上运行其他人的 Javascript 时,您必须接受这种可能性。
Google's trying to exploit a browser quirk whereby some browsers ignore the same-origin policy for windows with about:blank as the URL, allowing that window to submit XMLHttpRequest or, in this case, postMessage requests to any site.
As far as I know, browsers have recently been disabling this behaviour. You must have one such patched browser.
Hopefully, this broken functionality doesn't affect your ability to earn money from the ads.
It's annoying for your site to generate Javascript errors through no fault of your own, but it is a possibility you must accept when you run someone else's Javascript on your page.
这是正常的,因为您的浏览器会阻止来自其他网站的 CSRF 攻击。
要允许
googleads...访问您的网站并解决此问题,请在您的网站根目录中创建一个名为crossdomain.xml的文件,并在其中填充以下内容:进行测试,转到您的域 http://your-domain.com/crossdomain.xml 并进行确保该页面没有错误。您还允许使用通配符等(请参阅参考资料)。完成后,刷新页面。
希望有帮助。
实例:
http://www.blanjamudah.com/crossdomain.xml
参考:
http://en.wikipedia.org/wiki/Cross-site_request_forgery
http://curtismorley .com/2007/09/01/flash-flex-tutorial-how-to-create-a-crossdomainxml-file/
It's normal because your browser prevents CSRF attacks from other websites.
To allow
googleads...to access your website and solve this problem, create a file namedcrossdomain.xmlin your webroot and fill it with the following content:To test it, go to your domain http://your-domain.com/crossdomain.xml and make sure there are no errors for that page. You also allowed to use wildcards, etc (look at reference). When you're done, refresh your page.
Hope that helps.
Live example:
http://www.blanjamudah.com/crossdomain.xml
Reference:
http://en.wikipedia.org/wiki/Cross-site_request_forgery
http://curtismorley.com/2007/09/01/flash-flex-tutorial-how-to-create-a-crossdomainxml-file/
网站根目录中允许访问 googleads.g.doubleclick.net 的 crossdomain.xml 文件应该可以修复该问题。
请参阅此页面,http:// /www.warriorforum.com/adsense-ppc-seo-discussion-forum/458906-adsense-blank-space-problem.html
A crossdomain.xml file in the site root allowing access to googleads.g.doubleclick.net should fix it.
See this page, http://www.warriorforum.com/adsense-ppc-seo-discussion-forum/458906-adsense-blank-space-problem.html
对于搜索域名和协议错误代码后登陆此页面的用户:
AdSense 发布了新的 他们的 javascript 的异步版本解决了我们使用他们的旧嵌入代码时生成的跨域错误。当我们在 AJAX 密集型网站上使用他们的标准嵌入代码时,我们遇到了跨域错误。当我们实现他们的异步代码时,与正确定义的 crossdomain.xml 结合使用 跨域错误消失了。
For those who land on this page after searching for the domain and protocol error code:
AdSense has released a new async version of their javascript that addressed the cross-domain errors being generated when we used their older embed code. When we used their standard embed code on our AJAX-heavy site, we got the cross-domain error. When we implemented their async code, and in combination with a properly defined crossdomain.xml the cross-domain error went away.
这似乎是错误消息掩盖了真正原因的情况。真正的原因可能是某种 Adsense 配置错误;不幸的是,Adsense 似乎没有做足够的检查来提供更相关的错误消息。
我自己也遇到过这个错误,并在研究论坛后得出了这个结论,有些人报告在验证他们的银行帐户或其他内容后已修复该错误。就我而言,我的服务器端环境与 google_ad_client 参数混淆,因此真正的问题是该参数为空。一旦我解决了这个问题,广告就会展示,并且不再有错误消息。
所以在实践中,这实际上与同源策略无关。现在,adsense 代码是正确的,我现在甚至可以在本地主机以及服务器上运行时显示广告。
This seems to be a case of the error message masking the real cause. The real cause is probably some kind of Adsense misconfiguration; unfortunately Adsense doesn't seem to do sufficient checks to give a more relevant error message.
I had this error myself and came to this conclusion after researching the forums, where some people reported it was fixed after verifying their bank account or whatever. In my case, my server-side environment was messing with the google_ad_client parameter, so the real problem was that parameter being null. Once I fixed that, ads were showing and no more error message.
So in practice, it's really nothing to do with same-origin policy. Now that the adsense code is correct, I'm even now able to show ads when running on localhost, as well as on the server.
刚刚遇到类似的问题。不确定是否相关,但无论如何我都会解释一下。
我的页面上显示了两个广告,并且想通过仅在页面末尾调用此脚本一次来“重构”代码:
我的广告损坏了,我发现这个脚本标记必须放置在每个广告 var 脚本之后:
但是当我恢复更改时,第一个脚本标签仍然放置在我的页面底部,因此尝试加载另一个脚本标签作为广告。这失败了,我得到了你看到的这个错误。
因此,请检查您是否将两个广告脚本标记放在一起,而不是放在其他地方,例如:
Just got a similar problem. Not sure if it's related, but I'll explain anyway.
I had two ads showing on my page and wanted to "refactor" the code by only calling this script once at the end of the page:
My ads broke and I figured out that this script tag has to be placed just after each ads var script:
But when I had reverted my changes the first script tag was still also placed at the bottom of my page and thusly trying to load another one of my script-tags as an ad. This failed and I got this error you saw.
So check that you keep the two ads script tags after eachother and no place else, ex:
只需将
移动到顶部广告上方的页面,而不是下方的页面,为我解决了这个问题Simply moving
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>to the top of the page above the ads, instead of below, fixed this for me在 Google Adsense 仪表板(网络版或应用程序版)的“网站”选项卡中。确保您的网站设置为以 your-domain.com(或任何顶级域名)作为域,以 www.your-domain.com 作为子域。
In the Sites tab in your Google Adsense dashboard (web or app version). Make sure your site is setup with your-domain.com (or whichever tld) as the domain and www.your-domain.com as a subdomain.