
Mozilla working on in-page popup blocker for Firefox - rexbee
https://www.androidpolice.com/2018/03/12/mozilla-working-page-popup-blocker-firefox/
======
culot
Maybe some webmaster education to teach people that popping up a dialog
begging for Facebook follows or email addresses is generally considered a
hardcore dick move? Seriously, who decides to employ those dialogs? A
newsletter signup is best embedded in the page itself, as is any social follow
ads. To shove them in my face is always rude, and usually means not only am I
not going to sign up for your newsletter, but I'm to close out of your page
altogether. You lose, go home [and fix your jerky web design].

~~~
oblio
> Maybe some webmaster education to teach people that popping up a dialog
> begging for Facebook follows or email addresses is generally considered a
> hardcore dick move?

That doesn't work. Before Bayesian filtering and Gmail, 90% of my mail was
spam. The people who did it knew that it was wrong, they just didn't care. $$$
> almost anything.

~~~
petee
Imho the difference is that spam emails are a captive audience; keep sending
them, eventually you get a hit. And you can send new ones to the same person
repeatedly.

But irritating popups will ensure many will never come back - you've forever
lost your opportunity to even attempt to sell me something. Seems so illogical

~~~
oblio
You're assuming that regular people care that much about them. When you have
users with an Internet Explorer not that far from this one:
[https://i.stack.imgur.com/82hWm.jpg](https://i.stack.imgur.com/82hWm.jpg), do
you really think that several popups phase the regular users? :)

~~~
iratewizard
Internet explorer with a million toolbars seems to have been replaced with the
much cleaner tablet-as-a-Facebook-machine and a million freemium apps.

~~~
vorpalhex
"Steve needs your help in farmville!"

------
hotwire
I just have a bookmarklet to kill all "fixed" position divs.

I'm clicking it more and more these days - even those damn fixed navs that
take up a stupid percentage of the screen give me the shits.

If clicking the bookmarklet doesn't get rid of your stupid modal newsletter
sign up or annoying sticky nav, I'm just closing the tab.

Here's the bookmarklet btw:

javascript:(function()%7B(function () %7Bvar i%2C elements %3D
document.querySelectorAll('body *')%3Bfor (i %3D 0%3B i < elements.length%3B
i%2B%2B) %7Bif (getComputedStyle(elements%5Bi%5D).position %3D%3D%3D 'fixed')
%7Belements%5Bi%5D.parentNode.removeChild(elements%5Bi%5D)%3B%7D%7D%7D)()%7D)()

~~~
yourduskquibble
You may also be interested in my filterlist[1] project for uBlock Origin which
attempts to do this via CSS style overrides for many, many sites.

[1]
[https://github.com/yourduskquibbles/webannoyances](https://github.com/yourduskquibbles/webannoyances)

~~~
hotwire
holy shit dude.

if this is as awesome as it looks, i'm actually excited.

thank you.

~~~
yourduskquibble
No problem, I hope it works out for you! Feel free to spread the word to
others as well as provide sites that are causing issues for you so I can add
fixes to the list.

~~~
option_greek
Probably olark and other chat bot crap can be added too. They are mostly used
these days for pushy sales people to hook casual browsers.

------
nashashmi
It is sad that one of the most powerful CSS features ha been abused to the
point where it is now going to be blocked in finicky ways. Modal boxes are
quite useful in apps. And they are great for notifications.

But they are annoying when they block everything and prevent you from doing
anything further. (I'm looking at you WaPo). I used the clearly extension to
bypass things like this. And if that did not work I would go into Dev tools
and delete things.

I guess a machine learning approach might be a good approach. But would it
learn from all of the benign use cases when people are only reporting negative
stuff?

~~~
WorldMaker
Modal boxes are generally a bad user experience in every case. I'm not going
to advocate for blocking them entirely, but certainly I think web developers
are over-using them in general (beyond just the intentionally annoying ones
Mozilla is hoping to block), and its funny because desktop developers have
mostly _finally_ stopped using modals on Windows and Linux. (macOS feels
quirky and outdated here now by somewhat recently doubling down on modals for
things that don't need to be and probably aren't modal.)

Even for things like confirmations: a user might likely still want to see (and
maybe interact with) the thing they are confirming. For instance, if
confirming to delete an object, it's still helpful to be able to scroll to see
the entirety of the object to double/triple check that it is indeed the object
you plan to delete. A overlaying modal always interrupts the user's focus and
often gets in the way of otherwise useful information or actions before
confirming.

~~~
sly010
> A overlaying modal always interrupts the user's focus and often gets in the
> way of otherwise useful information or actions before confirming.

But an overlaying action-bar with a "confirm" button that otherwise allows you
to scroll before you delete would be a great middleground.

But how can a browser tell the difference?

~~~
WorldMaker
In this specific case of what Mozilla is trying to achieve, they are
researching the topic and looking for help. Mozilla doesn't sound like they
want to ban all overlays, just the obnoxious ones.

When I think "action bars", I tend to think of banners that expand into a
flexbox row or rows of my choosing and I don't overlay anything. If it is
meant to hide a part of the UI, it's better to hide or replace that UI
explicitly rather than cover it up graphically in an overlay.

Another reason to explicitly hide/replace UI instead of covering it
graphically is because that doesn't stop someone from interacting with that
covered UI, it just makes it more irritating to do so. I'm not just talking
about Dev Tools and similar "cheat" options, but not every user is necessarily
interacting with your site or application with sight/graphically. An overlay
doesn't stop a screen reader, for instance. (A lot of the modal popups that
Mozilla is hoping to block are entirely ignored by a browser's "Reader Mode",
which is sometimes my first attempt when I see one.)

------
cddotdotslash
I'm torn on this. On one hand, yes, these modals are some of the most annoying
parts of the web and are really ruining the experience on lots of pages. But
on the other hand, why should Mozilla (or any browser) get to start fiddling
with the content of web pages? If Comcast announced they were doing this, HN
would be up in arms about how they were modifying traffic. I'm aware of the
browser vs service provider difference, but the end result is the same.
Suppose Google decided that it doesn't like websites with bad color schemes so
it's going to have Chrome automatically update some websites to use their
material design style? Suppose Microsoft decides that websites with small font
aren't friendly enough to people with vision problems so they start upsizing
all font below size ten in IE? The point is - the browser should render what
it's given. If the user wants to modify that, use a plugin.

~~~
jdmichal
There's a reason that the more generic name for a browser is _user agent_.
That is, they are agents serving at the behest of the user, not the server.

> Suppose Microsoft decides that websites with small font aren't friendly
> enough to people with vision problems so they start upsizing all font below
> size ten in IE?

This is somewhat humorous for me, because one of the first things I do to my
Firefox installs is lock the font and set a minimum font size that I can read.
The most broken sites by far are internal ones at my company, where no one has
given a damn about usability or ADA. Most public sites handle it just fine.

~~~
kps
Ironically, the MDN (Mozilla Developer Network) description of minimum
contrast¹ fails the test it describes: in §1.4.3, the link is #3F87A6 on
#F4F7F8 (3.7:1) at 16px. (And the unicorn vomit in MDN's code samples is even
worse, sometimes below 3:1.)

¹ [https://developer.mozilla.org/en-
US/docs/Web/Accessibility/U...](https://developer.mozilla.org/en-
US/docs/Web/Accessibility/Understanding_WCAG/Perceivable#Guideline_1.4_Make_it_easier_for_users_to_see_and_hear_content_including_separating_foreground_from_background)

~~~
steveklabnik
MDN no longer stands for "Mozilla Developer Network", it's now "MDN: Web Docs"
[https://blog.mozilla.org/opendesign/future-mdn-focus-web-
doc...](https://blog.mozilla.org/opendesign/future-mdn-focus-web-docs/)

------
franga2000
The most annoying ones for me are the ones that trigger when your cursor
leaves the tab. TheHackerNews.com (unrelated to HN) does this constantly.
Would it be too drastic to just disallow mousemove events? I see no good use
for them outside of needless analytics and bugging users when they try to
leave your site.

~~~
LukeShu
Especially if a button isn't pressed. Allow mousemove between mousedown and
mouseup.

~~~
cpeterso
But what about web games that want to track your mouse cursor? Maybe the
browser could restrict mousemove events to handlers on page elements that the
user has clicked on? But then web developers would probably add an event
handler on the page itself and receive all mousemove events again.

------
Vinnl
Firefox extension: [https://addons.mozilla.org/en-US/firefox/addon/in-page-
pop-u...](https://addons.mozilla.org/en-US/firefox/addon/in-page-pop-up-
reporter/)

Chrome extension: [https://chrome.google.com/webstore/detail/in-page-pop-up-
rep...](https://chrome.google.com/webstore/detail/in-page-pop-up-
reporter/dkpphegmeomaffjanagefmejpeebfcmh)

(both for _reporting_ such pop-ups - the blocking hasn't been implemented
yet.)

------
zaarn
>Mozilla wants to make Firefox automatically detect and dismiss the popups.

That would be quite amazing, some newspaper outlets have that annoying inpage
popup that nags me on disabling adblocker.

And if you dismiss it, it shows up every 5 seconds. And that's not even
exaggerated. It was legit 5 seconds.

~~~
tannhaeuser
I hope they're careful with that. Modals could contain legally required
waivers such as for upcoming GDPR etc.

Edit: what endymi0n said in another subthread

~~~
Cthulhu_
I think those legally required waivers shouldn't be displayed as a modal but
as a landing page of sorts - a modal implies that underneath, the page itself,
including ads and trackers etc are already loaded. A proper cookie warning
thing should not be able to set any cookies or whatsoever before the user has
agreed to it. Of course, a properly designed website will grant access to its
content regardless of the user accepting or rejecting the cookie thing.

Second, if a user installs a plugin that automatically hides or rejects cookie
warnings / gdpr stuff, that's their own fault then.

------
solarkraft
I have had this extension installed for about a day and already reported
numerous in page pop ups. Not only does it feel good to help a blocking
effort, it's also a good vent for the anger caused by these things.

There will be a few fairly simple ways to block these - probably some
libraries or pieces of code reused by almost all websites employing these UX-
crimes. As mentioned before, maybe the solution is to just block mousemove
events.

------
anfilt
How about just make a time machine and stop the Netscape from creating JS. I
think it was a mistake adding a client side language to the web standards.

~~~
gsnedders
Then we'd have the web relying on VBScript. If you stop Microsoft from doing
that, well… the market was still changing quickly enough some other browser
might've done it and got traction.

~~~
megaman22
Microsoft would have eventually yanked VBScript, and we'd be coding in C# for
the browser now...

~~~
Cthulhu_
You know, I think that wouldn't even be such a bad idea. It's got types and
it's reasonably static, meaning it can be optimized a lot more than JS can -
in fact, Dart was created in part because its more Java / C#-like structure
could be run in a much more optimized fashion than Javascript could. And it
was invented (iirc) by the guy who made V8, so if anyone knows anything about
the limitations of JS's run speed, it was him.

------
reacweb
I think we need blacklists. When I access a URL, the browser should check if
it is present in the blacklist. If present, compare the reason of the
blacklist (for example adblock avoidance system) and check the associated
action specified by the user (for example, block the site or ask for a
confirmation). Users would be able to choose the blacklist he prefers and to
report missing sites.

~~~
billysielu
I want them filtered out of Google search results. Sick of going to them by
accident.

~~~
realusername
I would do that for Google Groups, the UI is so shitty I would like to ban it
automatically from all search results.

~~~
escardin
Have you tried the Personal Blocklist extension?
[https://chrome.google.com/webstore/detail/personal-
blocklist...](https://chrome.google.com/webstore/detail/personal-blocklist-by-
goo/nolijncfnkgaikbjbdaogikpmpbdcdef)

------
endymi0n
I‘m really curious how this will play along with GDPR, which will pretty much
absolutely need forced modals in order to to legally capture tracking consent.
It could also create interesting legal constellations: How do you prove you
asked for user consent when your client side code was blocked or modified?

~~~
a_humean
I don't think GDPR is going to be easily dismissed with modals asking for
permissions like cookie notifications were. Someone correct me if I'm wrong,
but if the user doesn't give consent (whether explicitly, or via a browser
blocking a modal) then unless that information was critical to the application
function then you __have __to provide the service anyway without downgrading
the functionality.

Its all explicit opt-in/implicit opt-out instead of implicit opt-in/explicit
opt-out. There are no consequences for the user if they opt-out, and it is
extra-territorial in its enforcement meaning it impacts any businesses in any
region handling European citizen data. GDPR seems to mean business from a
regulatory standpoint.

~~~
kevsim
This is correct except for the cases where a company can show "legitimate
interest" in which case it is in fact an opt-out rather than an opt-in [1].

And yeah, I agree - they mean business

[1] [https://www.gdpreu.org/the-regulation/key-
concepts/legitimat...](https://www.gdpreu.org/the-regulation/key-
concepts/legitimate-interest/)

------
yAnonymous
Shitty sites like Reddit hide the scrollbar until you manually click the
button that makes the popup disappear, so automatically hiding the popups is
going to break them.

I like it.

------
austincheney
Is this about actual popups, new windows with their own browser chrome, or
about modals? The graphics in the article reflect modals.

If Mozilla really wanted to block actual popups could do so directly by
directly removing the userland functionality spawns a new browser window.

~~~
endless1234
Actual popups not spawned from user interaction have been blocked for like the
past 10 years though

~~~
austincheney
When I worked at Travelocity we would find ways to prove this wrong as
necessary to create those hated popunders. Expedia still uses these.

------
atesti
I wish the browser could present a huge screen (2000px high or bigger) to the
webpage and render it. After that I would love to scroll this viewport without
the page even knowing about it.

This would resolve all problems with position fixed and also block the page
from showing real modals once scrolling starts.

------
AndrewStephens
Float-overs and ridiculous full-width bars are some of the most annoying
"innovations" that have appeared in recent years. But I don't see why browsers
have to do anything - the publishers clearly like the way their pages work and
consider it worthwhile.

Blocking things like this is different from blocking third-party advertising
in my mind. I should be able to stop my browser from contacting a third-party
site.

If the author of a page wants to see a float-over then so be it. I can choose
to close the tab and not come back.

------
wybiral
Detecting popups like this automatically seems like it will be more of a cat &
mouse game with developers trying to find ways around it and then a bunch of
legitimate use cases being blocked out.

And Firefox still hasn't fixed their issues with native popups: [http://fan-
pages.herokuapp.com](http://fan-pages.herokuapp.com) (WARNING: if you use FF
it may crash your browser)

~~~
shawndellysse
It would have been helpful to give a warning that simply going to that site
would crash my browser.

~~~
wybiral
Sorry, I didn't think it was that effective anymore. Updated.

btw Chrome seems to have some kind of protection against that dialog DoS. From
what I've been told Firefox actually downloads the content in the background
before you ever approve the dialogs (which is probably great if someone isn't
popping an infinite number of them).

------
IshKebab
How is this possible? Real popups windows were mostly blocked by only allowing
them in user event handlers (sketchy sites like bittorrent trackers can still
create popup windows because you have to click on the site at some point).

But an in-page popup window can be created in loads of different ways. I can't
see a general heuristic you could apply to detect them.

~~~
Cthulhu_
That's why (if you read the article) there's a browser add-on now which allows
you to report pop-ups, so that the creator can use that input as a blacklist.
Popular sites' popups should be easily blocked that way. Crowdsourcing the
patterns, so to speak.

------
option_greek
Worst offenders are iZooto guys peddling their crappy web notifications fixed
position dialog all over the Indian news sites. Solves no purpose other than
steal good amount of space on the screen. Waiting for either their junk
product to die or Mozilla to release this blocker soon.

------
dullgiulio
Makes me think of what you often hear that browsers are the new operating
systems. They definitely are, even in the worst vices: here we go, we also
need the antivirus now.

I think it is about time we rethink the whole web to the foundations. In the
meantime we can install Lynx.

------
JohnTHaller
This will be great coupled with Firefox's ability to turn off "get spam right
in your browser" (aka site notification) prompts.

------
sly010
Hopefully it will allow user triggered overlays.

------
spiderfarmer
It's sad that this is needed.

------
Feniks
On a side note my ublock origin went into overdrive on androidpolice. How many
trackers does a man need FFS?!

~~~
imglorp
I count 38 uBlocks and 13 Badgers. Yay.

~~~
adtac
I count 2 from uBlock. But then again, I have JavaScript disabled on all
domains by default; I just whitelist the ones I care about.

Life is infinitely better now.

