MSN Tracking Javascript

[vedioad]

Our client has a flash-driven website, and they proivde API connection
which allows third-party tracking code to be initiated when events
occur in a Flash or DHTML based environement.

Client's HTML code includes a javascript file as
<script language="JavaScript" src="https://client.xxxx.com/
callback.js"></script>

on this callback JS file, the third party tracking script is
registered on 'conpage1' action, and ROI function will be called when
conpage1 action happens.

Dispatcher.register('conpage1', 'ROI');

function ROI()
{
var microsoft_adcenterconversion_domainid = xxxxx;
var microsoft_adcenterconversion_cp = 5050;

var head = document.getElementsByTagName('body')[0];

var objMsn = document.createElement('script');
objMsn.setAttribute('type','text/javascript')

objMsn.setAttribute('src','https://0.r.msn.com/scripts/
msn_adcenterconversion.js')
head.appendChild(objMsn)

var MsnImage= new Image();
MsnImage.src = "https://xxxxx.r.msn.com/?type=1&cp=1";
}


The code between ROI() function is customerized MSN Tracking code in
order to fit the flash site. However, the customized code will make
the browser frozen. If I test the site with Firefox with firebug
debugger enabled, I can see the browser keep waiting for r.msn.com...

Here is the default MSN Conversion Tracking code:

<SCRIPT>
microsoft_adcenterconversion_domainid = xxxxx;
microsoft_adcenterconversion_cp = 5050;
</script>
<SCRIPT SRC="https://0.r.msn.com/scripts/
microsoft_adcenterconversion.js"></SCRIPT>
<NOSCRIPT><IMG width=1 height=1 SRC="https://xxxxx.r.msn.com/?
type=1&cp=1"/></NOSCRIPT>


Did I do anything wrong?

Any suggestion is appreciated.

Cathy

 

[Oliver Wong]

Our client has a flash-driven website, and they proivde API connection
which allows third-party tracking code to be initiated when events
occur in a Flash or DHTML based environement.

Client's HTML code includes a javascript file as
<script language="JavaScript" src="https://client.xxxx.com/
callback.js"></script>
[...]

Did I do anything wrong?

Any suggestion is appreciated.

Try asking in a JavaScript newsgroup (e.g. comp.lang.javascript)
instead of a Java one. The two are different languages.

 

[Twisted]

Our client has a flash-driven website, and they proivde API connection
which allows third-party tracking code to be initiated when events
occur in a Flash or DHTML based environement.

Client's HTML code includes a javascript file as
<script language="JavaScript" src="https://client.xxxx.com/
callback.js"></script>
[...]

Did I do anything wrong?

Any suggestion is appreciated.

Try asking in a JavaScript newsgroup (e.g. comp.lang.javascript)
instead of a Java one. The two are different languages.

Better yet, try dipping your head in a vat of concentrated sulfuric
acid.
MSN is evil.
Javascript is evil.
Anything "which allows third-party tracking code to be initiated when
events" happen is evil.
Anything with "third-party tracking code" at all is evil, and probably
automatically riddled with security holes.
Anything with "third-party" anything at all sets my nose twitching --
caught a whiff of Hormel canned meat products; could be spam!
If I ever mysteriously start wanting my web browsing subjected to
"third-party tracking" I'll go download one of the fine products made
by 180 Solutions, Gator, Zango, and similar businesses, tyvm.

Funny thing, this Internet. People will just blithely show up asking
how to do this evil deed or that nasty little prank or some dirty
trick or another as readily as they'd normally ask how to change a
flat or something. And the devil of it is, I bet they frequently get
useful answers, too, or why do it and risk exposure of whatever
questionable thing it is they are doing?

Of course I also have to wonder why anyone in their right mind would
either allow third party code to run on their web site or knowingly
visit such a web site. The site is in even more security jeopardy than
its visitors. Aren't third-party garish ugly fat blinking 460x60
animated gifs awful enough anymore? Must they be allowed to actually
include code, which might do just about anything? In fact I've already
seen terrible, terrible things -- advertisers rigging their ads to
block the surfer's browser from loading any more of the page hosting
their ad until the entire 570K animated gif has loaded from the dialup-
connected 386 in the spammer's basement; advertisers rigging their ads
to try to stealthily infect the surfer's computer with spyware;
advertisers rigging their ads to scribble outside of the bounding box
of the "place ad here" piece of the host page's design and render the
page (and often the ad) illegible in the process; advertisers rigging
their ads to hijack the browser from the host page somehow, usually to
a bigger and more obnoxious ad; advertisers rigging their ads to OPEN
POPUPS...EVEN ON FIREFOX WITH POPUPS SUPPOSEDLY TURNED OFF...

Third party code should be flatly illegal and punishable by 50 years
in prison and a $50,000,000 fine, split between the spammer and
whatever greedy web site operator allowed them to run arbitrary code
on their site. 460x60 static images that only do anything if
someone is stupid or naive enough to click on them and that affect
nothing outside their 460x60 bounding regions ought to be enough for
any HONEST advertiser. And the advertisers that don't mind not being
able to pull dirty tricks on surfers ought to be enough for any HONEST
web site operator.

If I see ONE MORE "pseudo-popup" that looks like a new browser window
covering half the content of the page I'm viewing, but can't be
switched from to the original browser window or closed like a real
popup ... ARRRGH. Those are especially awful as they make the host
page unusable. You can't close them, because clicking the fake "X" on
the fake window will just be clicking on an ad graphic, which means
you'll be whisked away to some even more awful site that will then try
to sell you something. Then you'd hit Back to read the original page
you wanted to read, only to find it covered by the pseudo-popup of
course... All you can do is scroll the host page under the spam and
try to read it by using the regions above and below the spam --
impossible if the host page is shorter than about two screens high.
And there's no way to block these pseudo-popups that I know of.

This is the sort of awful crap that results when site owners allow
their advertisers completely free rein to trample all over their
precious page design and all over users' rights. Trying to make ads
impossible to ignore or avoid clicking doesn't result in more sales
you fucking morons -- it results in every site you plaster with your
spam becoming really unpopular instead! And letting that kind of crap
be done to your site by your advertisers results in your site becoming
the one million, five hundred seventy-three thousand, eight hundred
seventeenth hit in my Google search that "returned 1,573,817 results
in approximately 0.2 seconds".

 

[Owen Jacobson]

news:[email protected]...

Our client has a flash-driven website, and they proivde API connection
which allows third-party tracking code to be initiated when events
occur in a Flash or DHTML based environement.
Client's HTML code includes a javascript file as
<script language="JavaScript" src="https://client.xxxx.com/
callback.js"></script>

[...]

Did I do anything wrong?
Any suggestion is appreciated.

Try asking in a JavaScript newsgroup (e.g. comp.lang.javascript)
instead of a Java one. The two are different languages.

Better yet, try dipping your head in a vat of concentrated sulfuric
acid.
MSN is evil.
Javascript is evil.
Anything "which allows third-party tracking code to be initiated when
events" happen is evil.
Anything with "third-party tracking code" at all is evil, and probably
automatically riddled with security holes.
Anything with "third-party" anything at all sets my nose twitching --
caught a whiff of Hormel canned meat products; could be spam!
If I ever mysteriously start wanting my web browsing subjected to
"third-party tracking" I'll go download one of the fine products made
by 180 Solutions, Gator, Zango, and similar businesses, tyvm.

Funny thing, this Internet. People will just blithely show up asking
how to do this evil deed or that nasty little prank or some dirty
trick or another as readily as they'd normally ask how to change a
flat or something. And the devil of it is, I bet they frequently get
useful answers, too, or why do it and risk exposure of whatever
questionable thing it is they are doing?

Of course I also have to wonder why anyone in their right mind would
either allow third party code to run on their web site or knowingly
visit such a web site. The site is in even more security jeopardy than
its visitors. Aren't third-party garish ugly fat blinking 460x60
animated gifs awful enough anymore? Must they be allowed to actually
include code, which might do just about anything? In fact I've already
seen terrible, terrible things -- advertisers rigging their ads to
block the surfer's browser from loading any more of the page hosting
their ad until the entire 570K animated gif has loaded from the dialup-
connected 386 in the spammer's basement; advertisers rigging their ads
to try to stealthily infect the surfer's computer with spyware;
advertisers rigging their ads to scribble outside of the bounding box
of the "place ad here" piece of the host page's design and render the
page (and often the ad) illegible in the process; advertisers rigging
their ads to hijack the browser from the host page somehow, usually to
a bigger and more obnoxious ad; advertisers rigging their ads to OPEN
POPUPS...EVEN ON FIREFOX WITH POPUPS SUPPOSEDLY TURNED OFF...

Third party code should be flatly illegal and punishable by 50 years
in prison and a $50,000,000 fine, split between the spammer and
whatever greedy web site operator allowed them to run arbitrary code
on their site. 460x60 static images that only do anything if
someone is stupid or naive enough to click on them and that affect
nothing outside their 460x60 bounding regions ought to be enough for
any HONEST advertiser. And the advertisers that don't mind not being
able to pull dirty tricks on surfers ought to be enough for any HONEST
web site operator.

If I see ONE MORE "pseudo-popup" that looks like a new browser window
covering half the content of the page I'm viewing, but can't be
switched from to the original browser window or closed like a real
popup ... ARRRGH. Those are especially awful as they make the host
page unusable. You can't close them, because clicking the fake "X" on
the fake window will just be clicking on an ad graphic, which means
you'll be whisked away to some even more awful site that will then try
to sell you something. Then you'd hit Back to read the original page
you wanted to read, only to find it covered by the pseudo-popup of
course... All you can do is scroll the host page under the spam and
try to read it by using the regions above and below the spam --
impossible if the host page is shorter than about two screens high.
And there's no way to block these pseudo-popups that I know of.

This is the sort of awful crap that results when site owners allow
their advertisers completely free rein to trample all over their
precious page design and all over users' rights. Trying to make ads
impossible to ignore or avoid clicking doesn't result in more sales
you fucking morons -- it results in every site you plaster with your
spam becoming really unpopular instead! And letting that kind of crap
be done to your site by your advertisers results in your site becoming
the one million, five hundred seventy-three thousand, eight hundred
seventeenth hit in my Google search that "returned 1,573,817 results
in approximately 0.2 seconds".

Wow, you really have gone off your meds.

 

[Twisted]

Wow, you really have gone off your meds.

Yep. I'm fairly sure that if I'd had my eight o'clock AM dose on
schedule I'd have blown up on "our client has a flash-driven website"
before even reaching the thing about "third-party code" and remarked
upon the evils of putting "a flash-driven website" at a public URL
where innocent surfers might accidentally stumble upon it and
subsequently wish they'd stayed in bed, died, kept one last round in
that gun to use on themselves after emptying the other five into the
advancing zombie hordes, or whatever.

Unfortunately, the frigging store was out of instant -> no caffeine
for me this morning...

Now you've made me look again at the original post. It makes me
shudder. And the sheer banality of the monstrous acts' description
reminds me of things said during the Nuremberg trials. They could at
least have acknowledged the enormity of what they were plotting by
writing like this:

"Our client has a flash-driven website ... muhahahahaha! It is steeped
in evil sorcery which allows third-party tracking code to be initiated
when events occur in a candle and pentagram based environment. Our
practitioner of the black arts' HTML code includes a demon-summoning
incantation as <script language="Mordor" src="https://13.6.6.6/die/
foolish/mortals/W32.InfectWithTyphus.A.exe"> which will turn their
visitors' machines into fresh zombies for the great necromancer
Akhalhepshut's mighty undead armies and enable the takeover of the
world! While driving their users insane, not to mention the Flash
making them go blind, so they are unable to resist the might of their
foes when at last our plans come to fruition, muhahahahaha! Our
enemies will crumble beneath our unstoppable might and our deadly
skills with Dot-Net-fu! We will prevail, and bring horrible
mutilation, hard drive failures, IRQ conflicts, disease, famine, and
death to all who oppose us! All hail Akhalhepshut! Muhahahaha!
Ahahahahahaha!"

But instead, they make being evil sound so ... *dull* and
*ordinary*.