Strange Javascript In My Output

I am having weird JavaScript code being “injected” into my web pages. Example:

window.NREUM||(NREUM={}),__nr_require=function(n,e,t){function r(t){if(!e[t]){var o=e[t]={exports:{}};n[t][0].call(o.exports,function(e){var o=n[t][1][e];return r(o?o:e)},o,o.exports)}return e[t].exports}if("function"==typeof __nr_require)return __nr_require;for(var o=0;o<t.length;o++)r(t[o]);return r}({QJf3ax:[function(n,e){function t(n){function e(e,t,a){n&&n(e,t,a),a||(a={});for(var u=c(e),f=u.length,s=i(a,o,r),p=0;f>p;p++)u[p].apply(s,t);return s}function a(n,e){f[n]=c(n).concat(e)}function c(n){return f[n]||[]}function u(){return t(e)}var f={};return{on:a,emit:e,create:u,listeners:c,_events:f}}function r(){return{}}var o="nr@context",i=n("gos");e.exports=t()},{gos:"7eSDFh"}],ee:[function(n,e){e.exports=n("QJf3ax")},{}],3:[function(n,e){function t(n){return function(){r(n,[(new Date).getTime()].concat(i(arguments)))}}var r=n("handle"),o=n(1),i=n(2);"undefined"==typeof window.newrelic&&(newrelic=window.NREUM);var a=["setPageViewName","addPageAction","setCustomAttribute","finished","addToTrace","inlineHit","noticeError"];o(a,function(n,e){window.NREUM[e]=t("api-"+e)}),e.exports=window.NREUM},{1:12,2:13,handle:"D5DuLP"}],gos:[function(n,e){e.exports=n("7eSDFh")},{}],"7eSDFh":[function(n,e){function t(n,e,t){if(,e))return n[e];var o=t();if(Object.defineProperty&&Object.keys)try{return Object.defineProperty(n,e,{value:o,writable:!0,enumerable:!1}),o}catch(i){}return n[e]=o,o}var r=Object.prototype.hasOwnProperty;e.exports=t},{}],D5DuLP:[function(n,e){function t(n,e,t){return r.listeners(n).length?r.emit(n,e,t):(o[n]||(o[n]=[]),void o[n].push(e))}var r=n("ee").create(),o={};e.exports=t,,r.q=o},{ee:"QJf3ax"}],handle:[function(n,e){e.exports=n("D5DuLP")},{}],XL7HBI:[function(n,e){function t(n){var e=typeof n;return!n||"object"!==e&&"function"!==e?-1:n===window?0:i(n,o,function(){return r++})}var r=1,o="nr@id",i=n("gos");e.exports=t},{gos:"7eSDFh"}],id:[function(n,e){e.exports=n("XL7HBI")},{}],loader:[function(n,e){e.exports=n("G9z0Bl")},{}],G9z0Bl:[function(n,e){function t(){var;if(n&&n.licenseKey&&n.applicationID&&f&&f.body){c(l,function(e,t){e in n||(n[e]=t)}),h.proto="https"===d.split(":")[0]||n.sslForHttp?"https://":"http://",a("mark",["onload",i()]);var e=f.createElement("script");e.src=h.proto+n.agent,f.body.appendChild(e)}}function r(){"complete"===f.readyState&&o()}function o(){a("mark",["domContent",i()])}function i(){return(new Date).getTime()}var a=n("handle"),c=n(1),u=(n(2),window),f=u.document,s="addEventListener",p="attachEvent",d=(""+location).split("?")[0],l={beacon:"",errorBeacon:"",agent:""},h=e.exports={offset:i(),origin:d,features:{}};f[s]?(f[s]("DOMContentLoaded",o,!1),u[s]("load",t,!1)):(f[p]("onreadystatechange",r),u[p]("onload",t)),a("mark",["firstbyte",i()])},{1:12,2:3,handle:"D5DuLP"}],12:[function(n,e){function t(n,e){var t=[],o="",i=0;for(o in n),o)&&(t[i]=e(o,n[o]),i+=1);return t}var r=Object.prototype.hasOwnProperty;e.exports=t},{}],13:[function(n,e){function t(n,e,t){e||(e=0),"undefined"==typeof t&&(t=n?n.length:0);for(var r=-1,o=t-e||0,i=Array(0>o?0:o);++r<o;)i[r]=n[e+r];return i}e.exports=t},{}]},{},["G9z0Bl"]);

I managed to track it down to my new relic tracking, but was wondering how to disable it from my pages? Anyassistance would be greatly appreciated.



1 Like

@Aleeious Aleecious,

This is a script for New Relic Browser monitoring. It is necessary for getting Browser data. If you would like to uninstall Browser monitoring, you can follow the instructions here:

You can find out more about the scripts involved in Browser monitoring here:

@yschultz I am having the same issue. The problem is that this output is visible to the end user which is not acceptable. This shows up on a few pages of our production website (but not all pages):

; window.NREUM||(NREUM={});{"beacon":"","licenseKey":"235011xxxxx","applicationID":"754xxxxx","transactionName":"ZANRMRFSWxZZAEMMCV1JZhcKHFkKXwxCEUhbEl4J","queueTime":0,"applicationTime":35,"atts":"SERSR1lISBg=","errorBeacon":"","agent":"\/nr-686.min.js"}

I disabled browser instrumentation for the time being, but I’d really like to be able to collect these metrics. Any idea how to “hide” this code from the user?

For anyone needing to know, you can disable browser metrics by editing /etc/php.d/newrelic.ini (path depends on your environment and what app/platform you’re monitoring) and setting this:

newrelic.browser_monitoring.auto_instrument = false
1 Like

Hi @jason_ashby - since we’re monitoring activity in the browser, we use Javascript to do this. It’s analogous to something like Google Analytics. GA tracking code and any other JavaScript that you use in your site is visible to the end user. Like other tracking code, New Relic’s is minified to reduce load time impact. The JavaScript that you excerpted is a config block containing information about where to send data, with identifying information obfuscated.

Can you give us some idea of what your concerns are? Perhaps we can then find a way to address any concerns you have.

Hi @alexis -

I know that the end user can see javascript by examining page source, but the issue is that the js snippet I posted is being displayed directly onto my webpage. That piece of code is spit out as plain text right under the user login box on my site.

Well with that said, I can’t seem to reproduce this after reenabling brower metrics. I’ll come back with a screen shot next time it happens so its clear what I’m trying to explain.

I suspect I’m missing a closing php tag in my code, so most likely something on my end causing the js code to not be interpreted and instead spit out as text on the page.


Hey @jason_ashby - thanks for clarifying! We definitely don’t expect to see that in the HTML but “invisibly” in the page source. It sounds like you’ve resolved the issue for now, but we’re happy to help if it recurs.

1 Like

I am not sure about this. However it seems that this happened because of </body> tag hard coded in a JavaScript string. Please check your view-source whether you have something like that.
My solution is to var str = "</b"+"ody>"; instead of var str = "</body>";
Have not tested this yet.

1 Like

Hi @Muditha_Ediriweera - thanks for posting about your experience and your solution! Have you had a chance to test yet? Please let us know if you need help!

Hi Lisa,

Thank you for getting back. Yes the solution tested in the production server and work fine.

I have small suggestions as well.

It would be great if your development team can capture the last tag of the page to render the tracking code. Otherwise when ever there is a </body> tag in the middle of the content (even in a comment) it tries to set the script and break whole page.

That makes sense to me, @Muditha_Ediriweera - I will go ahead and submit a feature request for that modification!

This worked for me too. Thanks.

1 Like

Glad that solution is proving successful for so many! @jackmcpickle :blush: