Where did I hardcode this? Header?

I am trying to get rid of some old JS for Facebook Messenger and for the life of me I can’t figure out where this is code is located. Appears to be in the header right before my logo but since I did this many years ago I can’t remember where I added it.


</script> <script type="d1d378bc895fa93d5bd4b0d7-text/javascript">(function(d, s, id) {
  var js, fjs = d.getElementsByTagName(s)[0];
  if (d.getElementById(id)) return;
  js = d.createElement(s); js.id = id;
  js.src = 'https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js#xfbml=1&version=v2.12&autoLogAppEvents=1';
  fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));</script>  <script type="application/ld+json">
    "@context": "http://schema.org",
    "@type": "Organization",

Can be multiple situations:

  • Within an add-on and is living in database, ex: Custom Code
  • Into the files, and you can check in files with a simple search into an IDE editor, if you have easy access to your store files
  • Can be added from external sources like Google Tag Manager
1 Like

*I originally thought I did this in my custom code add-on but it’s not there.
*I don’t think I changed a file, then uploaded it as normally I would just change the code online if possible. Even so, I’m not sure what file I would be looking for (I usually use Notepad++ for finding lines of code like this).
*Not seeing where this is possible in Google Tag Manager (and this doesn’t seem familiar).

Found some old add-ons that weren’t being used but unistalled them just to be safe. Cleared the cache within the store and within Cloudflare. I have searched for hours before making this post since it’s driving me nuts on where it could be.

Can you please share in PM your website url and I can check also from external

That would be great!

Possible to be in old files from add-on Social Buttons, can you please check into


Please also check layout pages properties (Design → Layouts)

Well I feel kind of dumb but figured it out. I was at the point I was going through every possible file one by one when I got to /my_changes/hooks/index/scripts.post.tpl when I found the code. I was thinking I already deleted from there but I guess not. So went to delete it from there (again) and was still getting the script showing in the code. Then I realized I was seeing a CSRF Attack warning when trying to save the file so it wasn’t saving. Finally got is saved with that being blank so all is good now. Geez…many hours wasted for something so simple. Thanks for the help!

1 Like