tags:

views:

86

answers:

3
Q: 

Mystery: How does Google do cross-domain iframe communication?

Hi everyone,

When you host Googles web search element on a page, a div is created which incorporates an iframe which points to a Google adsense ads page. However, if there are no ads for the specific query, Google somehow changes the class on YOUR domain to render the div (and iframe) invisible.

They are NOT using postMessage, as it also works in IE7. They are also not using the fragment identifier method, as no hash appears in the url. So how do they do it?

To check what I'm saying just put the following into a regular html page:

<!-- Google Custom Search Element -->
<div id="cse" style="width:100%;">Loading</div>
<script src="http://www.google.com/jsapi" type="text/javascript"></script>
<script type="text/javascript">
 google.load('search', '1');
 google.setOnLoadCallback(function(){
new google.search.CustomSearchControl().draw('cse');
 }, true);
</script>

and then do a search for "cars" (or anything else that will definitely have ads) and then for "wzxv", which has no ads...

A: 

The script is included in your frame, so it can do to your page whatever it wants. Cross-domain restrictions only count for scripts in iframes referencing things in outer scripts from foreign domains. google.load('search', '1'); runs in your frame, owned by your domain, free of any restrictions.

MvanGeest  2010-06-15 21:59:13
As I wrote in my reply to Franci, the problem is that in order for it to hide the div, it needs to access the iframe webpage (which IS on a different domain!) to see that there are no ads. How does it do that?
Shraga  2010-06-15 22:33:24
Why does it? It can simply ask the Google server whether it will want to display ads in the iframe in the future, and not create the iframe at all.
MvanGeest  2010-06-16 15:58:00
A: 

The script fragment is executing in the DOM of your page, not in the ads IFrame. It creates the IFrame as a child element of the parent div in your HTML and sets its URL to load the ads, but since it's running as part of your page, it can also choose to hide the parent div instead.

Update: The script can easily run an Ajax query to the ad server and choose what to do based on the response. In fact, the script might be dumb enough to not even care about the response and just render it in the DOM and the ad server can just return another script that does the proper thing based on the result - hides the parent div or injects the ads iframe. Heck, the ad server can directly return the proper HTML to replace the whole parent div, if necessary. All the initial script needs to know and pass along with the Ajax query is the name of its parent div, which you pass to it as a parameter.

Franci Penov  2010-06-15 22:00:35
Franci,The problem is , that in order for it to hide the parent div, it needs to KNOW that there are no ads in the iframe! My question was, how does it know this...?
Shraga  2010-06-15 22:31:41
A: 

the answer is one word lenght: jsonp

stefano  2010-06-17 07:55:25

related questions

How can I get a history of the number of pages in Google's index for a particular site?
How can I get a history of a website's PageRank?
Integrating with Google Docs
Tool/framework for automated web app testing in Google Chrome browser?
Google Authentication API: How to get the user's gmail address
How to Crack Google?
How can I get Google Charts to display multiple colors in a scatter chart?
Best way to implement Google Custom Search on an aspx page
How to compile a java application which uses Google webdriver from comand line without ant
Biggest differences of Thrift vs Protocol Buffers?
Google maps style scrolling anyone?
How to make Flex RIA contents accessible to search engines like Google?
Blocking part of a website
Getting Good Google PageRank
How does google make make those awesome PDF reports in Analytics and when you print a Google Doc etc?
How do you implement a "Did you mean"?
Google using non-alphanumeric characters
how to get the googlebot to get the correct GEOIPed content!?
Using VLOOKUP in an array formula on Google Spreadsheets
The Google Calculator Glitch, could float vs. double be a possible reason?
Google Analytics Access with C#
Picasa Plugin
Java code for WGS84 to Google map position and back
Stand alone charts in GWT
Options for Google Maps over SSL