I was wondering why ad's still use the document.write approach to inserting the add into the page
<script language="javascript" type="text/javascript">
document.write("<script type='text/javascript' src='http://addomain/someadd.js'><\/sc" + "ript>");
</script>
Why is it that I can't just put
<script type='text/javascript' src='http://addomain/someadd.js'></script>
In place of the ad?
A traditional script tag will block the page while it is loading and executing. A script loaded with document.write will work asynchronously. That's why you see this on ads or analytics, as such scripts don't influence the page content directly.
I work with a web advertising company, and from what I've heard, certain browsers (don't know off hand which ones) will allow you to drop script tags into the page, but won't allow you to automatically execute their contents.
So, to pull this off, you need to break the script tag into pieces so the browser doesn't treat it as a script tag, but rather as any old HTML Data. Then, as the DOM is processed serially, the next thing it evaluates, after writing out the script tag is... hey, that script tag you just wrote out.
At this point the script tag is evaluated and executed.
Often these document.write injected scripts have dynamic strings attached to them to bust out of caching, or to send some info about the client to the ad server. I suspect your example started out as something like this
document.write("<script type='text/javascript' src='http://addomain/someadd.js?"+extrastuff+"'><\/sc" + "ript>");
but got tweaked over time, or was copied and modified by someone who didn't understand the extrastuff bit. But as you've written it there is no difference: the two ways you cite in your question are functionally the same.
I stand corrected, doc.write created scripts are blocking - worse than I though heh :) - but as an adblock avoider it's really weak, so I can only conclude it's an SOP mechanism for dynamically adding params to a script request overused.
Use the DOM insertion technique when avoiding script blocks kids.
This method avoids loading the external script if active scripting is disabled.
I don't know for certain, but they might use it so all the content on the website is loaded and shown to the user first, then the ads are loaded and shown.
To match this with regex and to remove is easy :
<script type='text/javascript' src='http://addomain/someadd.js'></script>
but the other is more complex and can be written in different formats.
I think this is the reason.
IMHO, that's not only pointless, but even incorrect. Angle brackets are not escaped, which'll render document technically invalid HTML (even though it'll work in all major browsers, because they try to recover from coders' errors). And in case one's serving his site with XHMTL pages as application/xml+xhtml, document.write() just won't work at all.
A way to make it somewhat less likely their add is blocked.
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 仙女界的扛把子 的文章《Why use [removed]?》','https://www.manongdao.com/article-339799.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}