Mistri Mistri - 8 months ago 324
CSS Question

Blocked a frame with origin "https://googleads.g.doubleclick.net" from accessing a frame

I put ads on my webpage and they display fine, but I get this error spammed in the console on load of the page:

Blocked a frame with origin "https://googleads.g.doubleclick.net" from accessing a frame with origin "http://fakemail.site". The frame requesting access has a protocol of "https", the frame being accessed has a protocol of "http". Protocols must match.

From searching around, I find that this is because AdSense has SSL while my site does not, and there's not really any way to fix this -- but I'm sure there is. Any help would be appreciated. Thanks!

Answer Source

This is due to the javascript same-origin policy(its a security policy). You would need to add CORS headers to enable cross origin requests, how you would do that depends on what server you are using.

You may also have to change your call to google-ads to be http instead of https (if google allows it) or better yet, omit the protocol like this //googleads.g.doubleclick.net this makes it default to match the protocol of the current page.

These errors are usually safe to ignore (the google's youtube API also throws a same origin error and operates normally)however I'm not familiar with the double-click ads one.

Heres some great reference for more info on CORS and Same-origin policy https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy

PS. Make sure all extensions are disabled when testing, especially ad blockers - just noting it since its a common mistake.