Google Ads 不支持 HTTPS。还有哪些替代方案?

发布于 2024-09-15 02:04:20 字数 377 浏览 8 评论 0原文

众所周知,Google Ads 不支持 HTTPS,但由于我存储了用户的会话在不记名令牌/cookie 中,我觉得有必要对这些信息进行加密……至少这样我可以保护我的最终用户免遭黑客攻击。

我的选择是什么?我确信以前有人遇到过这个。可能有效的想法包括

  • 改变我做网站会员的方式
  • 使用 AdSense 以外的其他东西(MSN?或者其他任何人)
  • 向 Google 投诉,如果 AdSense 开启,我就无法跟踪我的用户
  • 寻找不同的方式来通过我的网站获利(也称为更改我的商业模式)

It's pretty well known that Google Ads doesn't support HTTPS, but since I store my user's session in a bearer token/cookie I feel the need to encrypt this information... at a minimum so I can protect my end users from being hacked.

What are my choices? I'm sure someone has come across this before. Ideas that may work include

  • Changing how I do website membership
  • Using something else other than AdSense (MSN?, anyone else)
  • Complaining to Google that I can't track my users if AdSense is on
  • Finding a different way to monetize my site (aka changing my business model)

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(5

揽月 2024-09-22 02:04:20

如果您使用此 URL 来调用 adsense

https://pagead2.googleadservices.com/pagead/show_ads.js

而不是

http://pagead2.googlesyndication.com/pagead/show_ads.js

,会发生什么情况?

看起来它正在提供相同的脚本,您只需检查它是否可以检索您的页面内容来提供上下文广告。

这是无证的。只需在经典网址中添加“s”就会出现证书错误,因为证书的域是 *.googleadservices.com,因此是我建议的最终网址。这当然未经测试,但我很好奇它是否可行。

编辑:内容已交付,但我看不到是否收到任何警告,因为我的测试网站上的证书不受信任: https: //uandco.net/

编辑:我现在在同一 URL 上使用真实证书,但浏览器抱怨不安全的项目。这是因为,即使从 https URL 调用 adsense 脚本,也会生成对其他脚本和 iframe 的不安全 http 调用。

What happens if you use this URL for calling adsense

https://pagead2.googleadservices.com/pagead/show_ads.js

Instead of

http://pagead2.googlesyndication.com/pagead/show_ads.js

?

Looks like it's delivering the same script, you just have to check if it can retrieve your page content to deliver contextual ads.

This is undocumented. Just adding "s" in the classic URL gives a certificate error because the domain of the certificate is *.googleadservices.com, hence the final URL i propose. This is of course untested, but I'm curious to know if it could work.

EDIT: The content is delivered but I can't see if I get any warning because the certificate on my test website in not trusted: https://uandco.net/

EDIT: I'm now using a real certificate on the same URL but browsers are complaining about unsecured items. This is because the adsense script, even when called from its https URL, generates unsecured http calls to other scripts and iframes.

没︽人懂的悲伤 2024-09-22 02:04:20

我对客户网站使用的答案是从 AdSense 迁移到 DoubleClick for Publishers Small Businesses。这是另一个 Google 运行系统,即使您不使用它来管理广告活动,它也会退回到您的 AdSense 帐户来提供广告。

Google 为您提供了代码,但它使用“包罗万象”的代码插入方式,无论 HTTPS 还是 HTTP 都可以运行。

<script type='text/javascript'>
    (function() {
        var useSSL = 'https:' == document.location.protocol;
        var src = (useSSL ? 'https:' : 'http:') +
            '//www.googletagservices.com/tag/js/gpt.js';
        document.write('<scr' + 'ipt src="' + src + '"></scr' + 'ipt>');
   })();
</script>

来源:http://support.google.com/dfp_sb /bin/answer.py?hl=zh-CN&answer=143694

The answer I have utilised for a client's website is to move from AdSense to DoubleClick for Publishers Small Businesses. This is another Google run system and even if you don't use it to manage advertising campaigns, it falls back to your AdSense account to serve up adverts.

Google provides the code for you, but it uses a "catch-all" insertion of it's code that operates regardless of HTTPS or HTTP.

<script type='text/javascript'>
    (function() {
        var useSSL = 'https:' == document.location.protocol;
        var src = (useSSL ? 'https:' : 'http:') +
            '//www.googletagservices.com/tag/js/gpt.js';
        document.write('<scr' + 'ipt src="' + src + '"></scr' + 'ipt>');
   })();
</script>

Source: http://support.google.com/dfp_sb/bin/answer.py?hl=en&answer=143694

千寻… 2024-09-22 02:04:20

选项 3 不会做任何事情,#4 可能需要大量工作,#2.. AdSense 仍然是王道。

剩下选项 1——我认为最简单的选项。您使用任何框架吗?

编辑:另一种选择是继续通过 HTTP 提供服务并处理各种浏览器错误和警告。

当我写最初的回复时,我正在考虑使用 Open ID 之类的东西,但转念一想,我不确定这会对你有什么帮助。

Option 3 won't do anything, #4 could be a lot of work, #2.. AdSense is still king.

That leaves option 1 - simplest option in my opinion. Are you using any frameworks?

Edit: another option would be to just continue serving them over HTTP and dealing with the various browser errors and warnings.

When I wrote the original response I was thinking of using something like Open ID but on second thought I'm not sure that'll do anything for you.

苏别ゝ 2024-09-22 02:04:20

AdSense 现在支持 HTTPS。只需删除广告代码的“http:”部分即可。

AdSense now supports HTTPS. Just remove the "http:" portion of the ad code.

北笙凉宸 2024-09-22 02:04:20

只是穷人的解决方案:打开一个新的 HTTP 窗口,其中包含所有 AdSense 内容...

是的,它很糟糕,但用一点 JS 魔法来实现应该不会太困难。

问候。

Just the poor man's solution: Opening a new HTTP window with all the AdSense stuff...

Yes, it stinks, but it should not be too difficult to be implemented with a bit of JS magic.

Regards.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文