Internet Explorer has modified this page to help prevent cross-site scripting

Discussion in 'STH Suggestions and Updates' started by Terry Kennedy, Mar 11, 2018.

  1. Terry Kennedy

    Terry Kennedy Well-Known Member

    Joined:
    Jun 25, 2015
    Messages:
    955
    Likes Received:
    421
    I've been getting "Internet Explorer has modified this page to help prevent cross-site scripting" warnings on the bottoms of pages on this site, perhaps 20% of the time in this session. I think that there's some questionable advertising practices going on. You may want to ask your ad provider(s) about it before it gets out of control.

    Edited to add: Got it when submitting this reply, too. The advertising code seems heavily obfuscated, though I'm not sure it isn't always:
    Code:
    <!doctype html><html><head><script>var google_casm=[null,null,null,null,null,null,1];</script><style>body{margin: 0;padding: 0;}</style></head><body><script></script><iframe id="ad_iframe" name="ad_iframe" scrolling="no" src="about:blank"frameborder="0"width="728px" height="90px"style="border: 0px; vertical-align: bottom; width: 728px; height: 90px; position: absolute; left: 50%; margin-left: -364px; top: 0; margin-top: 0px;"></iframe><script>var doc = document.getElementById('ad_iframe').contentWindow.document;doc.open('text/html', 'replace');doc.write('\x3c!doctype html\x3e\x3chtml\x3e\x3chead\x3e\x3cscript\x3evar google_casm\x3d[null,null,null,null,null,null,1];\x3c/script\x3e\x3c/head\x3e\x3cbody leftMargin\x3d\x220\x22 topMargin\x3d\x220\x22 marginwidth\x3d\x220\x22 marginheight\x3d\x220\x22\x3e\x3cscript\x3evar viewReq \x3d new Array();function vu(u) {var i\x3dnew Image();i.src\x3du.replace(\x22\x26amp;\x22,\x22\x26\x22);viewReq.push(i);}\x3c/script\x3e\x3cscript\x3evu(\x22https://googleads.g.doubleclick.net/pagead/adview?ai\\x3dCw6BAraWlWtDrOI2c3AHZ4Z2oC5bw_rxN6uTGo4kBwI23ARABIABgyZ7rirSk2A-CARdjYS1wdWItNjg5MjI4MzQ0NDE1NjcwMMgBCagDAaoE8QFP0E0JeK3Vj8OwVGef6HyMw6Y-zvxrEde9ROXFXC1hUVoPI1kkcbabAP3evYqg2qWiRzyQXIbH7sg9jAjROzySEOP_VcXlffQE6ChE0xScQctSGQE6Pogs1iKAXworVzTZUtP0BrKw9Hv5EDxcH59KbMzr9RWyDA6bBdrRITGW5WtfF6yp-AC1nvZCrRUpJ_NUYwLPC9ktbv-w3E_l3eyYcsaLwc0uQFII5op83FNUcdU8-bKBllKkp-vrPgCou8byj0ZiN3l74eXRTZlkE2yIhEJwK0Icax6f-4fSQhf4VmoXvM8bpPsuigd9touq9FlFgAaolJDOjOWyz5EBoAYhqAemvhvYBwDSCAUIgGEQAQ\\x26sigh\\x3dZb_KSDOmlq8\x22)\x3c/script\x3e\x3cscript\x3evu(\x22https://pr.ybp.yahoo.com/bw/adx/imp/-AnabLKLrBAjmtf3Tpl4ilABDqJ3vbRkGbuQwC_HzyNr9PxvFrPXsyVviS2Ilm2vadXmoD2quSfT6qzNtExYuQg1c7zLbx8RPFvZyPNpxlayooIEOFyDgd13CCR0kw6mhedrmjbImbCpNnghAvSxcE43nhiIj4lpEljnv_HA7bDNT3fdxjJplv8hk3ChgqB77oDw07eGBMQy5wXcnNnlX10QT6vL_PgRm4B5KEa4t0oLwFcpGsbeJehpPRnB195uPBsGtICJi2ZiPRYOKfDneiSmMYGCo_GOl_3YeSeH3E7PVwja6hBMY3oBJDQg6hLL7QH6rnoLZS3zeLD1ZJQB-lNuCjSOI4eoEOr8NhmcQoogGMyVxbZQhP3MokdBL3Vq6EjxsKzMGjBZN_B0oNVop4vsznQ0jDszAs6ySZudkfiRQoEVAg71qRFE3_ur0vnGHjKLFwTmoU7fQppoTT-EfRbAmWdvvg5ptS_3qGnPkr-KZRWq2AsB6QYWRPxN99kw0FfElhkxxkULNR9Y6E1NTL8onFHVacmT1DXhCfkxIZB9ZYD1EJH9L7_lSFoUah-mLBfJ1To4bwG4WCvxH9ee3Rdio36U1huiTt9J4XFIAxA4ACyMz_feJxCf3PokoAUiiVbv0W_0EiVKnhZyQuVt8OCCoVUNPozdD0BKto6bOuaRV5I90HkW5rvws9jykN5kJ74adxyevtsQpgRweZ-jDz-kf3CYJHojUbyiH5SsJ4mV8mO9JGZNi0Y_2uf1JVVZ9hKj3FRSGaxCahoXYp0LU0-QvtpZo56rBjyVxYDDujoHZ75TJBGMWU3GaHudhjx9TfQwcRR7ovnCmjnuGl_0I1Yv7tUkbYEfsTHoG1voz4vocezPqB9Yp47W0JQTWipCcNTL5uuvO0R8-MmafKqKyd5bDKxYV7ynOJBh4AQVMlkGGFrtbsfiCwBszJF_it4z8Czg2QvzDkrTxV42slwjTQxGNaO8iGKfT5w_SQ1mtmUWMLAXtjnM6LpsdeTS75-AImVVZkYXMVEeCXhAaTFxYA/wp/WqWlrQAONdAKNw4NAAdw2VNGGjkm2ItqKMSk6Q\x22)\x3c/script\x3e\x3cscript type\x3d\x22text/javascript\x22 src\x3d\x22https://pr.ybp.yahoo.com/ab/secure/true/imp/S2v7VIauiF6hF7Ie56LpdMulpcr4Yw50j-MHcMrZm7Fk6WrU9fVs1bYFE4-5Z6-uvBT7xIyy6gkMRYPFp2U0GTkAbVPsARalHaA5H6h1et3NLvHBMsrQezwq-f49z_7IcnkfZekhvoN4e0qVPDbIEO-MRpNB88Imi_VUl23Hl6EE1HpldY6zsWoT8Kt8YsLDIM-pdfsJOah1Q3Dv7oRU3jleOFEvbkG6KzB2nqhFvClvQeOJSmYjEwcWbaeBAmAg8j_p5f3w5CrMSFUq8SMeyGWSQaB5awgVgiEcFbmvmBiNiT7XzJgMZ7Bhrm6lTRdiY9_Diaf4BF2zrzfZ6IASpVOm4s7l6pEqkdmvs_jF5AJn630vucScb4rIB8NqBC3UxfFcrCXhzKUAWySGUtPy25EnAvE-onF6XTacjJhlz4NVRDk9h8JfPvNGEBC2GzkvnzZC6f8neVzPy8XDIaKU1MQk2DHV9Af7qZsxt5xln1ERfKgtfTwKtIbmWqG8kbTDWlFvmtImMsDOP6LseiExUQ3y7kUv9TDA6QmdMZKI2sGWGTbHBwuHuU93pJ8ctErK6QuKYtw4RFN1HmZAgBU3-3bGBLlmGeW7vzjvbHWGQnSEjG1mKP1u9ePH2EI4Ku7p-ZJ8G1YRQFGJDyba1JyeUTv9ndIiQfJ1nTvGVGjXtvwJhx2Tv406DAGK0GUjPHqJw2r1JZEWlD6QyZjaBe0evSEgOgFx3CU7FuDlKpYBvUoYtnMPOdTwqsxxnS7CgRGmxCyz4MpqdWZ46FTs5BmRMeCHt8KpbfTSU2w-Hk25r7e3U12oa_u7ZtsUG_kX3na5MOCy2orYX3fu2JnS0AvkgqFv0uiJXLxtU95jTmZRU2tnBXjydwxNBeHGBEv4wCshtsUQUuRYpi09gXE0OVAX1KcdQqso-AfKRPcWrGDJVNWX8rPL04z8IcJ6_6HIR0E3Xag9KDEK_W2cb-4YoW2ot1nqnYS-WzvzZ7XnjjBD9qldezXLtrRo_h_AdM6zHP5y8-bxak8gcnDuFLFeo6mUmA/wp/WqWlrQAONdAKNw4NAAdw2VNGGjkm2ItqKMSk6Q/pclick/https://adclick.g.doubleclick.net/aclk?sa\x3dL\x26ai\x3dCw6BAraWlWtDrOI2c3AHZ4Z2oC5bw_rxN6uTGo4kBwI23ARABIABgyZ7rirSk2A-CARdjYS1wdWItNjg5MjI4MzQ0NDE1NjcwMMgBCagDAaoE8QFP0E0JeK3Vj8OwVGef6HyMw6Y-zvxrEde9ROXFXC1hUVoPI1kkcbabAP3evYqg2qWiRzyQXIbH7sg9jAjROzySEOP_VcXlffQE6ChE0xScQctSGQE6Pogs1iKAXworVzTZUtP0BrKw9Hv5EDxcH59KbMzr9RWyDA6bBdrRITGW5WtfF6yp-AC1nvZCrRUpJ_NUYwLPC9ktbv-w3E_l3eyYcsaLwc0uQFII5op83FNUcdU8-bKBllKkp-vrPgCou8byj0ZiN3l74eXRTZlkE2yIhEJwK0Icax6f-4fSQhf4VmoXvM8bpPsuigd9touq9FlFgAaolJDOjOWyz5EBoAYhqAemvhvYBwDSCAUIgGEQAQ\x26num\x3d1\x26sig\x3dAOD64_3YabP5LcC_FXf0PMyCPc-7Go2rBA\x26client\x3dca-pub-6892283444156700\x26adurl\x3d\x22\x3e\x3c/script\x3e\x3cscript src\x3d\x22https://tpc.googlesyndication.com/pagead/js/r20180307/r20110914/client/ext/m_window_focus_non_hydra.js\x22 async\x3e\x3c/script\x3e\x3cscript\x3efunction initWindowFocus() {window[\x27window_focus_for_click\x27] \x3dwfocusnhinit(\x22https://googleads.g.doubleclick.net/pagead/conversion/?ai\\x3dCw6BAraWlWtDrOI2c3AHZ4Z2oC5bw_rxN6uTGo4kBwI23ARABIABgyZ7rirSk2A-CARdjYS1wdWItNjg5MjI4MzQ0NDE1NjcwMMgBCagDAaoE8QFP0E0JeK3Vj8OwVGef6HyMw6Y-zvxrEde9ROXFXC1hUVoPI1kkcbabAP3evYqg2qWiRzyQXIbH7sg9jAjROzySEOP_VcXlffQE6ChE0xScQctSGQE6Pogs1iKAXworVzTZUtP0BrKw9Hv5EDxcH59KbMzr9RWyDA6bBdrRITGW5WtfF6yp-AC1nvZCrRUpJ_NUYwLPC9ktbv-w3E_l3eyYcsaLwc0uQFII5op83FNUcdU8-bKBllKkp-vrPgCou8byj0ZiN3l74eXRTZlkE2yIhEJwK0Icax6f-4fSQhf4VmoXvM8bpPsuigd9touq9FlFgAaolJDOjOWyz5EBoAYhqAemvhvYBwDSCAUIgGEQAQ\\x26sigh\\x3dCUXotfxXtxA\x22,\x22raWlWtiAOMSB3QHplImoCA\x22,\x22CJD2xJqh5dkCFQ0ONwod2XAHtQ\x22,true,false,false,0);}if (window.wfocusnhinit) {initWindowFocus();} else {window[\x27google_wf_async\x27] \x3d initWindowFocus;}\x3c/script\x3e\x3cscript src\x3d\x22https://tpc.googlesyndication.com/pagead/js/r20180307/r20110914/activeview/osd_listener.js\x22\x3e\x3c/script\x3e\x3cscript type\x3d\x22text/javascript\x22\x3eosdlfm(-1,\x27\x27,\x27B2Q5oraWlWtDrOI2c3AHZ4Z2oCwDq5MajiQEAABABOAHIAQmgBiHSCAUIgGEQAQ\x27,\x27\x27,1035606951,true,\x27zac\\x26ud\\x3d1\\x26la\\x3d0\\x26alp\\x3dai\\x26alh\\x3d2784397038\\x26\x27,3,\x27\x27,\x27//pagead2.googlesyndication.com/activeview?avi\\x3dB2Q5oraWlWtDrOI2c3AHZ4Z2oCwDq5MajiQEAABABOAHIAQmgBiHSCAUIgGEQAQ\x27,\x27\x27);\x3c/script\x3e\x3cscript src\x3d\x22https://tpc.googlesyndication.com/pagead/js/r20180307/r20110914/client/ext/m_qs_click_protection.js\x22\x3e\x3c/script\x3e\x3cscript\x3egoogqscp.init([[[[null,500,99,2,8,null,null,null,1]]],null,null,null,null,0,null,null,0]);\x3c/script\x3e\x3cscript\x3eif (window.top \x26\x26 window.top.postMessage) {window.top.postMessage(\x27{\x22googMsgType\x22:\x22adpnt\x22}\x27,\x27*\x27);}\x3c/script\x3e\x3cdiv style\x3d\x22display:none\x22 data-google-query-id\x3d\x22CJD2xJqh5dkCFQ0ONwod2XAHtQ\x22\x3e\x3c/div\x3e\x3c/body\x3e\x3c/html\x3e');doc.close();</script></body></html>
    Further edited to add: The above snippet, when pasted into a HTML file, still generates the cross-site scripting warning. So that's the actual code, not just some random HTML.
     
    #1
    Last edited: Mar 11, 2018
    Patrick likes this.
  2. Patrick

    Patrick Administrator
    Staff Member

    Joined:
    Dec 21, 2010
    Messages:
    11,113
    Likes Received:
    4,071
    I will look into it.

    Actually working on getting rid of Google AdSense altogether in the next two quarters.
     
    #2
  3. cesmith9999

    cesmith9999 Well-Known Member

    Joined:
    Mar 26, 2013
    Messages:
    1,010
    Likes Received:
    308
    That is funny since I see a lot of adds for AdSense on my phone these days

    Chris
     
    #3
  4. Patrick

    Patrick Administrator
    Staff Member

    Joined:
    Dec 21, 2010
    Messages:
    11,113
    Likes Received:
    4,071
    Yea, I need to put together a new state of STH post one of these days.

    The plan is to keep quantity about the same but move to an outside agency sold with clear rules of engagement, e.g. static banners.

    I have interviewed about a dozen agencies/ folks, and people say that STH given its current size should be making 15-20x more revenue, after the big agency cut, than it is with AdSense.

    I had thought that the difference was that we were losing 15-30% but that seems not to be the case.

    The other item I prefer is less of the annoying ads. I think STH is still among the less obtrusive options, but I have said "NO" to anything that looks like Anandtech/ Toms.
     
    #4
    Terry Kennedy, dawsonkm, K D and 2 others like this.

Share This Page