ruffle-rs / ruffle

A Flash Player emulator written in Rust
https://ruffle.rs
Other
15.68k stars 814 forks source link

Ruffle tries to access Google Ads slots #2754

Open perelowski opened 3 years ago

perelowski commented 3 years ago

Hello,

I noticed that when Ruffle is executed on a page with Google ads, it tries to access these ads' slots, that results in JS Console warnings. Maybe it's a waste of CPU cycles to access these slots?

Couldn't load Ruffle into IFRAME[https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-6758345584634727&output=html&h=250&slotname=3352208742&adk=4176535108&adf=2422525935&pi=t.ma~as.3352208742&w=300&lmt=1611322755&psa=1&format=300x250&url=https%3A%2F%2Ffunkypotato.com%2Fcombat-instinct%2F&flash=32.0.0&wgl=1&adsid=NT&dt=1611322841744&bpp=2&bdt=1473&idt=301&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddfd202220d93bd6f-2201e46900b90087%3AT%3D1603193634%3ART%3D1603193634%3AS%3DALNI_MYd2egHqVGwxrg1apmDMSbqGmvA_w&prev_fmts=300x250&correlator=8343944273727&frm=20&pv=1&ga_vid=812733393.1583493929&ga_sid=1611322842&ga_hid=1509874826&ga_fc=0&u_tz=60&u_his=1&u_java=0&u_h=1050&u_w=1680&u_ah=960&u_aw=1680&u_cd=24&u_nplug=1&u_nmime=4&adx=849&ady=225&biw=1680&bih=487&scr_x=0&scr_y=298&eid=182982000%2C182982200%2C21068769&oid=3&pvsid=888789489336419&pem=890&rx=0&eae=0&fc=896&brdim=0%2C23%2C0%2C23%2C1680%2C23%2C1680%2C960%2C1680%2C487&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UWKYgTOkAr&p=https%3A//funkypotato.com&dtd=307]: SecurityError: Permission denied to access property "document" on cross-origin object

JamesAllgood commented 3 years ago

I had issues with Google AdSense registering triple the amount of clicks than normal.

This could maybe be why?!

Herschel commented 3 years ago

In general this is harmless, and we may want to ditch the warning message. We could possibly blacklist certain URLs from the frame polyfill (doubleclick.net).

@JamesAllgood Not sure how this would register as a click, particularly as the error means the frame is inaccessible, but maybe it's possible?

JamesAllgood commented 3 years ago

I don't know if it came about during an update but the Adsense issues (if its related) but it started 10th January so it could have been related to a build from then onwards maybe?

@Herschel if you could blacklist the doubleclick.net url that would then eliminate ruffle maybe doing anything with Adsense. Don't know how easy that is

ROBERT-MCDOWELL commented 2 years ago

have the same problem from the payment system Stripe whic I load a JS file from their website into an iframe but apparently they have a kind of mechanism that load the whole iframe parent too and complain when ruffle is there because of cross origin policy. I load ruffle from unpkg.com

n0samu commented 2 years ago

@ROBERT-MCDOWELL is this causing any problems for you besides warning messages in browser console?

ROBERT-MCDOWELL commented 2 years ago

yes, the JS engine stops and nothing can be used...

n0samu commented 2 years ago

yes, the JS engine stops and nothing can be used...

Sorry, I don't understand what that means. Can you explain in more detail and/or provide a link to your webpage with this issue?

ROBERT-MCDOWELL commented 2 years ago

arrrgh, it's accessible only with login pwd.... better I send them in PM, where?

n0samu commented 2 years ago

You can send me a message at nosamu#3385 on Discord, or I can provide an email address if you need it

ROBERT-MCDOWELL commented 2 years ago

@n0samu ok I checked again and apparently everything is working back, despite of the warning message

ruffle.js:1 Couldn't load Ruffle into IFRAME[https://js.stripe.com/v3/elements-inner-card-2bc4d5a45f3a668a8fe16fc888a2506a.html#betas[0]=acss_debit_beta_2&wait=false&mids[guid]=NA&mids[muid]=NA&mids[sid]=NA&style[base][color]=%23000000&style[base][fontSmoothing]=antialiased&style[base][fontSize]=16px&style[base][fontWeight]=bold&style[base][::placeholder][color]=%23aab7c4&style[base][:-webkit-autofill][color]=%23aab7c4&style[invalid][color]=%23ff0000&style[invalid][iconColor]=%23fa755a&rtl=false&componentName=card&keyMode=test&apiKey=pk_test_0lQauM46r8DuDCwGGcQmbMgu&referrer=https%3A%2F%2Fsecure.boophone.com%2Fpayment_selection.lol&controllerId=__privateStripeController6671]: SecurityError: Blocked a frame with origin "https://secure.boophone.com" from accessing a cross-origin frame.

n0samu commented 2 years ago

Alright, sounds like everything is working as expected then. In the past, Ruffle had an option to disable polyfilling frames, which would get rid of this warning. But I guess it was too difficult to maintain so many polyfill options. And the warning is harmless so it can just be ignored. Ruffle is just warning you that it was unable to access a frame that you didn't want it to access, anyway.

ROBERT-MCDOWELL commented 2 years ago

as long as it does not hurt so let's forget it....