Google Adsense scripting technique ????

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

Essentially , if cross browser scripting is a security breach , how
does Google implement their Adsense program by just having to paste
this javascript on ur webpage..after which they track everything back
from your domain to theirs.

<script type="text/javascript"><!--
google_ad_client = "pub-05567833523111";
google_ad_width = 728;
google_ad_height = 90;
google_ad_format = "728x90_as";
google_ad_type = "text_image";
google_ad_channel ="";
<script type="text/javascript"
src=" ">

Isn't it cross domain scripting , if nothing else....and how do u think
they accomplished this on different browsers..

Re: Google Adsense scripting technique ????

russzee wrote:

Quoted text here. Click to load it

It can be used for security breaches, it is not a security breack per se.

Quoted text here. Click to load it

It is essentially the same technique that is used by hackers for XSS
attacks. The difference is that a hacker (an untrusted party) finds a way
to insert JS code into the page without knowledge of the webmaster/document
author. The Google code on the other hand is inserted by the
webmaster/document author, after he analysed the code and considered it
harmless or simply trusts Google not to do any dirty things.

Benjamin Niemann
Email: pink at odahoda dot de
WWW: /

Site Timeline