The Traditional Way

Traditional methods rely on pre-scanning in a sandbox environment, or checking blocklists to try and catch bad actors before allowing code to run in a real environment.

Doesn't negatively affect malvertiser ROI.

Can't catch new or novel attacks.

Integration requires more effort and maintenance.

Bottom line: You spend your time chasing redirects, fielding complaints from unhappy users, and malvertisers keep outsmarting your barriers.