@MichaelErmer
Last active November 24, 2016 21:24
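// Self-placing ad tag: finds its own <script> element, inserts an iframe
// directly after it and writes the ad markup into that iframe.
var d = document,
    // ID of the TAG (also expected as a substring of the script's src)
    t = 'demo',
    // Get our ad tag as a DOM element.
    // currentScript works for every browser but IE;
    // in IE we try to get our tag by id.
    p = d.currentScript || d.getElementById(t);

// FALLBACK for IE, if no id was set on the tag or the tag is already "used":
// scan the script elements from last to first and take the first one whose
// src contains the tag ID and that has not been marked as placed yet.
if (!p || p.hasAttribute("data-placed")) {
    var ds = d.getElementsByTagName("script");
    // Start at the last valid index and include index 0. Starting at
    // ds.length would read one past the end and never look at the first script.
    for (var i = ds.length - 1; i >= 0; --i) {
        var s = ds[i];
        if (s
            && s.src
            // Plain substring test; match() would treat t as a regular expression.
            && s.src.indexOf(t) !== -1
            && !s.hasAttribute("data-placed")
        ) {
            p = s;
            break;
        }
    }
}

// Without a tag that is attached to the document there is nowhere to insert
// the iframe, so do nothing instead of throwing on a null reference.
if (p && p.parentNode) {
    // Create Iframe (the loop index is no longer needed, so `i` is reused
    // for the iframe and the set of names this script declares stays the same)
    var i = d.createElement("iframe");
    // Mark Tag as "used"
    p.setAttribute("data-placed", t);
    // Insert Iframe after tag
    p.parentNode.insertBefore(i, p.nextSibling);

    // NOTE(security): the iframe has no src of its own, so it shares the
    // origin of the embedding page. Any script inside `ad` runs with that
    // origin and can reach the parent document, its cookies and its storage.
    // Only markup from a trusted source belongs here; creatives that are not
    // trusted need a cross-origin or sandboxed frame instead.
    // The closing script tag is split so the HTML parser does not end the
    // surrounding inline <script> early.
    var ad = 'some weird html code with a<script>alert("that is executed");</sc'+'ript>';
    var frameHTML = '<!doctype html><html><head><title></title></head><body style="margin:0;padding:0">' + ad + '</body></html>';

    if (navigator.userAgent.indexOf("MSIE") === -1 && navigator.userAgent.indexOf("Opera") === -1) {
        // Write the markup straight into the frame's document.
        i.contentDocument.write(frameHTML);
        i.contentDocument.close();
    } else {
        if (document.domain !== location.hostname) {
            // The page has changed document.domain, so the frame's document
            // is given the same value through a javascript: URL.
            i.src = "javascript:var d=document.open();d.domain='" + document.domain + "';void(0);";
        }
        // Hand the markup over on the frame's window and let a javascript:
        // URL evaluate to it, which makes it the frame's content.
        i.contentWindow.contents = frameHTML;
        i.src = 'javascript:window["contents"]';
    }
}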