I put ads on my webpage and they display fine, but I get this error spammed in the console on load of the page:
Blocked a frame with origin "" from accessing a frame with origin "". The frame requesting access has a protocol of "https", the frame being accessed has a protocol of "http". Protocols must match.
From searching around, I find that this is because AdSense has SSL while my site does not, and there's not really any way to fix this -- but I'm sure there is. Any help would be appreciated. Thanks!
I put ads on my webpage and they display fine, but I get this error spammed in the console on load of the page:
Blocked a frame with origin "https://googleads.g.doubleclick" from accessing a frame with origin "http://fakemail.site". The frame requesting access has a protocol of "https", the frame being accessed has a protocol of "http". Protocols must match.
From searching around, I find that this is because AdSense has SSL while my site does not, and there's not really any way to fix this -- but I'm sure there is. Any help would be appreciated. Thanks!
Share Improve this question asked Nov 19, 2016 at 21:58 Jamsheed MistriJamsheed Mistri 4191 gold badge4 silver badges19 bronze badges 2- I have a sneaky suspicion that this is another way to encourage us to all go HTTPS. – Yzmir Ramirez Commented Feb 6, 2017 at 17:00
- 1 Haha yeah... the new Chrome version will be marking all HTTP sites as insecure... so that won't be fun. – Jamsheed Mistri Commented Feb 10, 2017 at 4:15
1 Answer
Reset to default 5This is due to the javascript same-origin policy(its a security policy). You would need to add CORS headers to enable cross origin requests, how you would do that depends on what server you are using.
You may also have to change your call to google-ads to be http instead of https (if google allows it) or better yet, omit the protocol like this //googleads.g.doubleclick this makes it default to match the protocol of the current page.
These errors are usually safe to ignore (the google's youtube API also throws a same origin error and operates normally)however I'm not familiar with the double-click ads one.
Heres some great reference for more info on CORS and Same-origin policy https://developer.mozilla/en-US/docs/Web/HTTP/Access_control_CORS https://developer.mozilla/en-US/docs/Web/Security/Same-origin_policy
PS. Make sure all extensions are disabled when testing, especially ad blockers - just noting it since its a mon mistake.