This won’t entirely stop sites which are properly trying to request the permission in the worst case, and the navbar icon is unobtrusive enough that if it gets spammed it’s no big deal.
Actually I think it makes sense to persistently show the notification icon in the navbar once the permission has been granted (same with mic, audio, and anything else) providing a quick glance at any privs that have been granted and an obvious way to revoke them.
The icons would then need granted and non-granted states, and perhaps even three states;
- Black : requested but not authorized
- Black with green check : granted
- Grey with red x: requested and denied
Agreed. If it's in direct response to a user action (a sync response to a click or a tap on an element smaller than 300x300px, for example), I think it's perhaps more legitimate to have a more visible indication, like a strip across the top. (I'd want the element size constrained to avoid issues with sites adding `onClick` handlers to the `<body>` element or similar.)
> Actually I think it makes sense to persistently show the notification icon in the navbar once the permission has been granted (same with mic, audio, and anything else) providing a quick glance at any privs that have been granted and an obvious way to revoke them.
I believe Firefox already does this. It also shows you privileges which you've explicitly denied -- for example, if you disallow location access, you'll see a slashed compass next to the (i) button in the Awesomebar.
We're talking about spammyness of a UI element because access requests are misaligned with user desire.
All you're saying is the site will pop up a request for access whenever I do anything, ok, how is that different to what we have no?
It's not going to be the norm, it's just going to be a few bad actors.
Doesn't mean we put up with spam everywhere else.
Mozilla has been promising to work on it and started a data collection program that I contributed to, but there are no news to share and the data doesn't seem to be publicly accessible. What a disappointment.
Thank you for contributing!
Do you have information about the progress of the project? How about a new extension that makes you click to remove the pop-up? The data collected that way could almost directly go into a neural network.
Do you happen to know whether there are extensions to automatically answer GDPR pop-ups (indeed while blocking in page pop-ups these should probably receive special treatment)?
So we use an ad-blocker to block a popup, which only appears because a browser vendor decided to hide a popup.
This is absurd.
Since then, there’s a lot of in-page popups asking the same, exactly as described above. No adblocker seems to be effective against them, and writing custom rules for sites I visit once isn’t sensible use of time...
But where should we put these non-popups? Perhaps we could have a dedicated bar for notifications, rss, and other services that a website offers, as well as any other relevant information. That way, we won't be clogging up the address bar. I'd happily sacrifice vertical 30px for that.
A "status bar", if you will.
I disagree. There should be no UI for these. A site should essentially say "click here to enable XXX" as part of the page. Anything else is essentially a pop-up. I don't want buttons or controls in my browser to be controlled by a web site. BTW that includes the back button - why browsers ever allowed sites to take control from the user is beyond me.
Then the site will just make their own annoying popup asking to enable notifications. By giving UI control to the browser, the browser vendor can decide how forceful it should be.
> why browsers ever allowed sites to take control from the user is beyond me.
These two statements don't fit together in my mind. Can you try to reconcile them so I can understand better what you're trying to say?
Because users wanted sites to be able to control that?
Guilty. I've started taking requests for permission to send push notifications as a strong signal that I've accidentally clicked on clickbait.
It seems that we've gone through a strange curve, early internet (up to the early 00's I'd say) was a pretty shady place with scams and malware around every corner if you weren't careful, then we had a decade of relatively smooth sailing as things settled a bit and the players who actually provided good service managed to take over (e.g. Amazon) but now these big players have a monopoly and they are getting greedy and start becoming actively user-hostile again.
I wonder what the next step will be.
Also, you can send ads using notifications and earn money.
That 19% of people are not monolithic. Probably some people understand what is going on, other people just realize it just another distraction, it is like having a homeless person try to sell you a macbook in San Francisco. A quality of life thing.
I think the use case for legit notifications is very small, thus the UI should be an opt-in, rather than an intrusive pop-up.
I never understood why browser makers gave it such a prominent UI, and of course in this attention seeking market it was bound to be abused. The new UI that Firefox is suggesting in the article is good, this should have been like this from the first day. I hope other browser vendors quickly follow.
I also have it enabled for a website that sends out notifications when they go live for their podcast, the google play music site has them enabled for me to show song titles and album art when the song changes, and Circle-CI has them turned on for when builds pass/fail, but for some reason that one only works when I have the tab open...
That being said, i'm more than happy with this new UI! It's easy enough to find that sites can implement directions for users to go enable it if they want, and it's not in everyone's face for every news site that spams asking for it.
Hopefully, with this browser change, they will.
It's a pretty fascinating feature set. You can attach images, update the content of an existing notification, attach buttons to perform custom actions, choose to make it silent or not... I think there is more utility than most implementations in the wild would suggest. One fascinating aspect of it for me is that you can do very time limited things (e.g. send election results) - users might be reluctant to download an entire app just for one evening of updates, but being able to send notification through the browser sidesteps that entirely (and more broadly, it puts a useful tool in the hands of people who can't afford native development).
That said, I agree that it's total madness that the default UI allows you to ask for permission on page load. We always had the prompt behind a button on the page and it worked great, so I think Mozilla have the right idea here.
It's actually really irritating the number of random websites that immediately popup an obtrusive notification prompt - I can only guess that they are hoping people accidentally click on the wrong button, and don't know how to disable it...
I know that's not what you're asking for, but it's something to build upon.
I'm building a tool that uses browser notifications to ping when something new is created. It only asks for permission, when a user clicks the button which is clearly labeled to "setup browser notifications". It also sends only 1! notification until the browser tab is opened again, to not spam.
The most annoying are news/blog sites. Who the hell actually clicks Allow? Like 1%? 2%?
That also includes people that just randomly accept any notification their computer gives them. This is older people who don't understand the specific permissions they are granting.
There was one time I was clicking on a navigation element right as a popup for notifications popped up and i accidently clicked it. I immediately went in and reverse the permission to block access, but I am sure there are use cases of accidental acceptance as well.
So considering all of that. My guess is that real intentional adoption is below 1%.
So, the browser vendors worked around this by making it prominent. I think the interface was actually pretty reasonable for these legitimate use cases.
Unfortunately, reasonable tools that capture traffic will always be abused.
A better idea is just to highlight the program in the task bar, as Windows XP did. In this case you can view the messages when it is convenient for you.
I agree the “Never” option could be more visible for some prompts, like notification.
For other things, like location data, where temporal access actually makes sense, I think making the “Never”-option less susceptible to accidental/blind clicking is a good idea.
Of course then they'll start showing weird UI pop ups to enable stuff, but if websites ever do that I will close them as I do with sites that tell me to disable adblock, the last few times I ever got malware on my system was due to ads, I am NEVER turning off adblock. This was many years ago, now I only download FLOSS just to keep it that way.
I've always loved digging into the settings when I get a new web browser, IDE, or whatever. I know a lot of people don't bother configuring their software, but it just makes me shudder to imagine living with whatever defaults the vendor sets.
Making it opt-in would still allow valid use cases for notifications, while not annoying users as it has become for sites that are just hoping ou would break down and accept.
I also hate that the only "negative" option is "not now". Why is there not a "never allow" option?
THAT reason is that simply people do not want to be notified. They value their attention in these times of constantly being bombarded by attention seeking prompts, ads and notifications, that if asked, people surely chose not not being bombarded more.
Some people might want push from news pages, but 97%+ don’t, so it makes no sense to request it immediately.
They probably even lose subscribers. Someone who read some content and liked it, decided that they want push may have already opted out because they didn’t know the site yet.
Second, Mozilla seems to use telemetry data responsibly and well. Turning off notification prompts by default can’t possibly be done unless you have the data on acceptance rate on different types of prompts. If you’re making such decisions based on your intuition you’d likely get it wrong.
I ask the folks on HN who constantly criticise the collection of such telemetry, what did I lose as a user when Firefox collected this anonymised data? More importantly, how would you have made a decision here without the data? Intuition? (I’d request that no one reply with platitudes like “with enough data nothing is anonymous” and “you’re making a nothing-to-hide argument”)
Case in point - jump lists were removed from start menu.
That said- why treat regular users unfairly by not optimizing for their use cases too?
I think you're off by an order of magnitude there. It's at least 100 sites that misuse it for every legitimate one.
I haven't seen any prompts since I changed that. Although I don't use this feature at all.
Also, one doesn't need telemetry to notice how notifications are abused on the web. You can just start a browser, visit top 1000 popular sites and count how many of them show the popup.
Also, it seems like everyone tries to abuse notifications. For example, Youtube app shows a notification when the channel you are subscribed to releases a new video. Is it so urgent, that you need to distract the user? They could show this information when the user opens the app.
Unfortunately that would make the telemetry non-representative. That said, it is opt-in when possible, if you consider "using Nightly" as opt-in (it's clearly explained before and after installing Nightly).
> You can just start a browser, visit top 1000 popular sites and count how many of them show the popup.
That doesn't tell you anything about what behaviour led up to a permission request that got granted vs the 97% that got ignored. Furthermore, it wouldn't have told them that the notification request is denied far more often by users than the webcam/mic request.
> Also, it seems like everyone tries to abuse notifications. For example, Youtube app shows a notification when the channel you are subscribed to releases a new video. Is it so urgent, that you need to distract the user? They could show this information when the user opens the app.
It would be nice to have data on when users revoke permissions again as well, indeed.
If you're talking about telemetry collection in general, and not specifically Firefox, then nevermind.
I don't find telemetry bad in any way, provided that it is non-identifying telemetry, so I don't mind that it's on by default. There should always be an option to turn it off for those that want to.
Many, many more applications collect telemetry than people suspect, and for every application you know of that collects it, there are a dozen that collect it without telling you.
You are right about notifications being over used. We've all gotten notification fatigue, now, because every website thinks it's own notifications are super important. I want notifications when major news events happen, when my wife texts me, and for nothing else. I do not, and will not ever, care to be notified the instant a website has new content.
It's actually just three clicks, and you can do so from the page itself. No need to go into settings.
Click the Lock icon left of the omnibar. On pages that request notification permissions (eg. reddit), you'll see a toggle for it. Along with any other permissions requested.
> they are actually.
The previous comment said that if it's not based on telemetry, then the intuition based decision is wrong. I am suggesting that if that's the case then we have to use telemetry before implementing everything. We should never have any feature without telemetry confirming it first.
You don't need telemetry to find out that notifications get abused like that.
You need telemetry to find out how users react to abusive notifications? Wow. I know that A/B testing is in vogue, but can’t they just use some common sense?
People despise abusive notification prompts.
People despise abusive location prompts.
People despised abusive popups to the point that every browser blocks them and websites started emulating popups via CSS to keep abusing their users (hi Medium!).
You need telemetry to find out how users
react to abusive notifications?
So no, it's not obvious to me everyone dislikes notification requests, even if I have them all blocked myself.
If you let curmudgeon developers like me dictate products' features sets based on intuition, there'd be no HTML e-mail, no third-party cookies, no WebGL, no emojis, no WebUSB.... :)
Common sense doesn't work here because everyone has a different perception of when these prompts become abusive or unwanted. Mozilla uses the data collected to determine how they can establish a rule to distinguish between abusive prompts and non-abusive prompts.
How users react to them is a good indicator if the prompt was abusive or not, most people will decline abusive prompts and accept good ones.
A simple "wait until first DOM interaction" will likely be not sufficient since a simple click on a text would then create the prompt. With more data you can determine a better rule.
That people despise these prompts is fairly obvious and exactly why Mozilla is collecting the data; they want to help people by establishing a good common ground rule for these notifications to be automatically blocked.
The decision seems very clearly based on the collected data.
That’s a huge assumption. I’m going with a smaller assumption that Mozilla wouldn’t publicly lie for no obvious gain.
You can get started here - https://github.com/Microsoft/vscode-extension-telemetry and https://github.com/Microsoft/vscode
I have no reason to look at Mozilla's source because their stated policy already admits they collect information that could be considered sensitive, under certain circumstances:
> Category 3 “Web activity data”: Information about user web browsing that could be considered sensitive. Examples include users’ specific web browsing history; general information about their web browsing history (such as TLDs or categories of webpages visited over time); and potentially certain types of interaction data about specific webpages visited.
> Pre-Release: May be eligible for default on data collection, provided there is an opt-out.
> Release: Default off. On a case-by-case basis collections may be eligible to be "default on" if mitigations are identified. Mitigations may include UX changes that make users aware of additional risk, technical mechanisms that remove the risk, or a risk assessment done of a case-by-case basis that determines the risk is limited.
So here we have mozilla admitting that their default-on telemetry in pre-release copies of Firefox may include browsing history. This is information that COULD be used improperly. That's not to say Mozilla is, but confirmation that they aren't would require independent audits of the organization and their security practices. Simply reviewing their press releases is not enough to conclude that they haven't misused sensitive information.
(Frankly I don't give a damn about VSCode, at all.)
So is its telemetry data: https://telemetry.mozilla.org/
At least make it a narrow bar across the top/bottom that doesn't obscure web site content and can be easily ignored. Perhaps better would be to make it a button like there is a button to favorite/bookmark a site. A dialog isn't even near the top of the list of good designs.
- Why are dialogs still a thing?
- Why is stealing focus still a thing?
Browser makers, operating system manufacturers: Stop it. Dialogs are hot garbage, and users ALONE should have control over input focus. If you need the user's attention flash/animate.
If you cannot make a thing without a dialog, focus lock, or focus theft then maybe the thing you were trying to make was inherently a bad idea.
Windows is terrible at this. I was running the Visual Studio Installer in the background and it stole key-input focus dozens of times, often going to black dialog boxes that immediately closed leaving focus on nothing.
This is a huge problem for Windows and Mac.
For example go to Reddit or Facebook, start entering text, the notification permission dialog will appear, steal focus, and now your key-presses go into a black hole.
The whole concept of focus-theft is an anti-pattern. Interestingly one mobile operating systems originally designed out but has slowly been creeping back in.
I removed it from my panel just so I'd stop waiting for these if I misclicked it.
And push notifications definitely fall into the "this is something you might wish to do to enhance page functionality" category rather than "this is something the browser needs you to action" category associated with dialog boxes.
Currently on legitimate and decently built sites I get a custom JS modal popup that asks me to accept the location request before they even request location access. They do this because otherwise their location request gets dismissed by users out of habbit and then people don't know how to reenable it.
It's shit UX.
Notifications and always on location access should be a bell icon in the url bar. Think YouTube notifications.
On top of that, there should be a "use location" html element that sets it's value to the current location when clicked. It would also be nice if that threw up a warning when proxy settings are detected.
That said, the bell icon not being intuitive doesnt stop YouTube.
Likewise, channels switched to "like, comment, subscribe, and don't forget to hit the bell." Literally overnight.
I just see this concern as a non issue.
Such people just click yes yes yes to these popups without reading them (thinking theyre EU cookie, T&C, privacy prompts, etc). Its a prime vector for malwartisements these days.
The "virus" in question was chrome notifications for spam/porn/malware probably from malvertisements embedeed in some websites. It took me several minutes to locate and disable them. You would think that chrome on android would give an option to disable an offending notification from the notification bar but no, you have to go digging in the chrome settings and scan through the permission list to find the offenders.
While i certainly think it is a useful api needed for the free web(i still prefer websites over apps which are essentially websites with undeleteable hypercookies), Mozilla and Google need to do a better job protecting the literally billions of people who are less literate (either in tech or english) from the cesspool that is online media.
Only about 1/4 of my phone screen was left displaying the content - which wasn't even enough space to see the post's title on my plus sized phone.
I closed the tab, because who has time for that?
I can never tell if websites don't know how many people get turned away by how awful their websites are, or if they know but figure its a good deal. (Maybe medium figures an X% drop in blog engagement is worth it if a few readers join their mailing list).
In the meantime I'd like it if all browsers added an option to automatically block all website notification requests. Firefox does this, and its great.
We're kind of at that stage with the web now. There's no perfume (yet) but there are auto-play videos. (Thank you Mozilla for fixing these.)
Having been told to implement aggressive exit-intent overlays on sites: I'm pretty sure it's the latter. A substantial amount of people don't bounce if you throw an annoying "do you really not want to know this secret?" overlay at them with an option saying something like "OK YES I WANT TO KNOW". I hate sites that do it, but for most sites, it's not tech-adept power users that make up the audience.
EDIT: Oh, right, inside the ublock options.
What is your version of uBlock Origin? That tab was renamed "Filter lists" a long, long time ago.
No. I don't want to ask you a question. You're a robot in the uncanny valley of English, and you're annoying me.
Thank goodness for the Kill Sticky bookmarklet. I could not surf without it nowadays.
With the notifications a 3rd party script is used to display a Yes/No prompt for notifications and only when you click yes on that prompt it triggers the browser's yes/no prompt. This allows the site to show you the notification request on each session while if they used the browser's native prompt they could only show it once.
Now I have noticed apps are showing in-app prompts that say "We need your location in order to quickly find rides near you. Do you want to allow location access now?". This then prompts the actual iOS permission prompt to show up if you accept.
Do a majority of sites do this? I have never seen it, but have seen the browser notification prompt several times
If users are interested enough in your content, they will find a way to opt-in for notifications like email; an opt-in for notifications button or even RSS. Why would website owners assume that users want to get notifications only after 5 seconds of visiting a random site?
It really is a shame to see how terribly these permission requests have been abused, especially by news sites. I see this is a push for engagement by management, and not sufficient pushback from developers against this dark pattern.
This is not a difficult feature to implement well, and we should know how to do it properly after years of mobile permission request design.
This should be the same for nearly everything, like:
- playing video/audio automatically
- location access
- direct GPU access
To make this suck less, the website should be able to request multiple permissions at once, with each permission able to be granted individually and websites able to put a short reason why each is being requested. Those permissions should show up in an easy to use menu for each site, like the TLS info button. Perhaps that same menu is the only way to enable/disable, so no popups, and all permissions are disabled by default.
It doesn't ask for the permission until you start a game or send a private message, though. I think the original version of the spec required an interaction before the permission prompt when I implemented it – I'm surprised the restriction was removed.
Pop-up is a bad way, the above proposal for (admittedly some more clutter) buttons in address bar is better.
I always avoided (or at least I try not) to provide any telemetry data, but in the case of Firefox, if these are the kind of improvements we may have, maybe I will opt-in for anon telemetry.
Is the voting-with-your-wallet era moving into voting-with-your-telemetry era?
Or at least, I mind these a lot less in theory, since it feels like they're rarely implemented this way. It's a golden opportunity for app developers to explain why they want to send you notifications, what benefit you'll get from it, and how often you should expect to be notified, and recipe sites are using it to trick you into effectively signing up for a mailing list.
However, it does execute code samples on the page.
That page has a code sample for requesting permissions.
As an aside I've often wondered why cookie permissions couldn't be moved to a similar model? It would create a much more consistent experience instead of the popup insanity we currently have across Europe...
On a related note, seems like desktop notifications would be a great venue for remote code exploits. Have there been any yet?
Example: Instead of calling a JS API to show a prompt for push notifications, you'd embed an [input type="push-permission"] element in your page. This element would render as a special button that grants you the permission once the user clicks on it.
However, embedding it into a context where the user would actually want to click it, is your responsibility.
It would still be possible to spam the user with "self-made" overlay popups, but this is already possible today. The button would also need protection against clickjacking, which, I think, can be done by restricting how it can be styled or layered.
If it were good:
1. Users would be very aware of the request or attempted use for any permission.
2. Users would be able to easily ignore that request without the permission prompt interrupting them.
It seems that browser vendors are struggling with a fairly simple UX problem.
- they distract attention
- they obstruct content below
- they disappear quickly
Also this allows the site to monitor whether user's computer is on or off even if all the tabs with the site are closed.
In Windows XP the way for an app to ask for user's attention was to highlight app's button on the taskbar (it also could flash several times which I never liked). While this is a little bit distracting too, it is still much better than Android-style notifications. With Windows XP, you can switch to the app when you have time.
Browser push notifications were designed with interests of developers in mind, not with interests of users.
A better solution might be to highlight the tab that needs user's attention and highlight browser's button on the taskbar.
On the other side, Android-style, annoying notifications might be easier to notice and understand for users who don't understand computers well.
I think Firefox devs should also consider switching from Android-style distracting notifications to time-tested solution from Windows XP. I don't think the ideas from the article will work.
For example, they suggest to show an icon in the address bar but there are already too much icons and users might not notice it. And if you allow to show permission popup only after click, then sites will show it after you click anything.
1. Go to Preferences, Privacy & Security
2. Scroll to Permissions > Notifications, click Settings...
3. At the bottom of the dialog window, check Block new requests asking to allow notifications
The permissions already granted will still work.
Finally! Some numbers from a respectable source showing that most pop-us are bad for user engagement.
And there's a button in settings where you can disable permission prompts for notifications globally.
Explain how it isn't true. I described a behavior with Firefox that's problematic and caused by 'automatic private browsing', which is what you get when you set 'never remember history'. When this is done it does not track state separately as you say.
Also, for more fun and unexpected behavior with that mode: https://bugzilla.mozilla.org/show_bug.cgi?id=513421
I think for commonly requested permissions that are not commonly accepted, they should just use a smaller, more discreet icon for notifying the user; one that doesn't hang down over the chrome and block/cover up the site. That way, it can be easily ignored.
It should be more obvious than the one they're using in that solution. Maybe something equivalent to an icon next to the refresh button or something. The text icon they had in #1 was probably /too/ easy to ignore.
Simple example: On one site I used to just type in my zip code (easy but explicit transfer of information) and it immediately zoomed a map to my specified area. Then one day they changed it to magical location tracking; now, before I can even enter the stupid zip code (still an option and all I ever want), I get a “STOP! Share location!?!?” kind of interaction first. I have to find it, close it, then enter a zip. I had the zip code in my head and would be able to type it in a second with no delay but instead, I am distracted. Or maybe I was copying and pasting. Everything about immediate form access was efficient.
All prompts have this problem. The potential for a prompt out of the blue makes direct actions slower, and any other case where a prompt might appear is going to be an undesirable interruption telling you about things you didn’t want happening anyway. User agents should be saying No to unreasonable requests for me, like a good manager.
 Of course I got into a shouting match on Twitter about it some time back: https://twitter.com/dmitriid/status/920293887746433024 and https://twitter.com/dmitriid/status/920373234104700931
Chrome already does this right with language translation: “do you want to translate this website?” “No”/“Never translate this site”/“Never translate French”
Do that with notifications And well never need to see that prompt again.
I realize I can categorically block all notification permissions, but there are some sites where I want to allow them.
IE, the only way to display the permission prompt is to put a button on the page, and then the permission prompt is only shown when the user clicks the button.
I disabled them and never see them anymore.
Safari's implementation could also be improved. The modal forces you to chose without the ability to cancel, and saves the website into your preferences, even if you just want to immediately close the tab.
I actually can't believe the browser vendors made basically the same mistake as the obnoxious JS "alert()"
How about communication apps? Or reminder apps?
As a web dev, I'm scared of having to learn the new dev tools (I'm gonna use the same primary browser for web dev as for everyday, realistically). Do you use the dev tools, did you find it easy to switch there?