Web Site "Lock-In"

Danborg writes "There's a great article over at ZDNet about annoying web sites that lock surfers inside a web site once they arrive. This practice, started by porno site operators, appears to have gone mainstream. Formerly respectable corporate sites like Home Depot now lock you in, disabling the use of the "Back" button. Fortunately, Top9.Com has generated a list of the offending sites. Is it a legitimate marketing technique? Or a highly annoying example of poor web site design?" I run into this dozens of times a day while reading story submissions. It never ceases to amaze me (but then again, old versions of Slashdot did the same thing, so who am I to judge?)

Javascript

[Eponymous,+Showered]

Since all this whack-a-mole stuff is javascript-based, it would cool to have a feature to disable javascript by URL/domain. In fact didn't I hear that Mozilla may have that feature?

Re:Javascript

[Eponymous,+Showered]

Actually, it doesn't appear that Home Deopt "locks you in" with the standard whack-a-mole javascript crap. It appears to have several redirects, but I can hold my back button down (Netscape) and get back to familiar territory - /.

Re:Javascript

[Jaborandy]

You may be dismayed to learn that this is a feature of Internet Explorer. With Security Zones, you can set any url or domain to be in a particular zone, and have javascript either on or off in that zone. I use this method to tame cookies. My "trusted" zone is set to be much like medium-high security, except I get to approve all cookie dropping. Other zones do not even prompt me, they are just denied. When I see a legitimate use for a cookie, I "trust" that site to prompt me. The configurability of this system lets you do a lot to make your system more secure than the default.

--Sandy

Re:Javascript

[Eponymous,+Showered]

Folks, none of the sites on Top9 were Javascript whack-a-mole stuff like the header of this article implies. They're all just pages that use a 0 second redirect. I've even had to do this on sites I've built - not for the effect of locking people in, but to jump database instances in the case of the Oracle Application Server (web server). Now, these other sites may have an ulterior motive, but a 0 second refresh is much lesss onerous, IMO, than javascript popup hell.

Re:Javascript

[Golias]

Most browsers have a history pull-down, too. I've always found that the quickest way to get past those instant re-directs.

9 times out of 10, this is just bad software design. "Never ascribe to malevolence..." ah, hell. You know how the quote goes.

If they were operating like the shady Java sites, then the back button would kindly open 12 windows of ads for you, to boost hit counts.

Re:Javascript

[chaobell]

Here sir we come to reason #19382 why I usually keep Javascript turned off, period. Javascript in and of itself isn't a Bad Thing, it's just that a) few people know how to use it in a non-annoying/non-browser-choking manner, and b)of the ones that DO know how to use it right, very few choose to do so and when you get right down to it, just what do all those flashing lights and mouseover geegaws and scrolling status bars add to a site, anyway? Let alone fifteen new popup windows touting other pr0n si^H^H^H^H^H^Hassociated products?

Re:Javascript

[schmidt]

Since there is about a zillion porn sites out there it probably won't help a lot to disable Javascript by domain (unless an updated list of domains can be obtained automatically from somewhere).

Instead I would suggest a button on the navigation toolbar (e.g. instead of the Shop@Netscape button :-) that could temporarily disable/enable Javascript in case one should be "locked in". The function is already present in most browsers, but it is just hidden deep down in the preferences-editor.

Re:Javascript

[RadioTV]

How about just being able to turn off some Javascript commands. I don't mind mouse-over and text on the status bar, but I would like to be able to stop the new windows.

Re:Javascript

That would actually be useful if you could have as many "zones" (security policies) as you want, but IE allows exactly four--one is the default, another is "local intranet" (a sure sign the authors don't know what the word "network" means), leaving you with only two distinct policies you can assign to an arbitrary URL. And it's still missing obvious per-zone policy options like "allow fetching and rendering these Content-Types" and "send Referer: header" and "send User-Agent: header" and "ignore these often-abused HTML elements".

Re:Javascript

[Eponymous,+Showered]

Indeed, I'd love to turn it off, but what about the sites that, for example, use it to redirect you based on a choice in a dropdown list. It's an abomination of UI design, but when a site like oracle.com does it, I'm stuck with leaving it on. Can't wait to disable by domain (on various platforms).

Re:Javascript

[BorgDrone]

I would like it off too, but I often visit 2 fora which run The Ultimate Bulletin Board. and 80% of the HTML code is generated on the client side by javascript. (how's that for a bad design).
If javascript is turned off , the forum looks like a big mess.

---

Re:Javascript

[Cramer]

First off, Top9 is smoking weed if they think a lazy redirect is "capturing" a browser. They have obviously never gone to a porno website and seen what "capture" really is. (Note: disable everything before going on a porno walk-about.)

Personally, I find all the lame-ass javascript and meta-refresh redirects a serious pain in the ass. It's ranked just below setting the expiration tags on pages to before you download the page. And a recent addition (landing at number three) is the "neat trick" some assholes put in their page(s) to resize the browser to the size of your screen. (This little "feature" has forced me to make fvwm an absolute nazi.)

Re:Javascript

[ToiletDuk]

What's even worse than that are the sites that use JavaScript to completely disable right-clicks within the browser window, under the guise of preventing people from "copying copyrighted graphics and text".

Nevermind that you can still do a printscreen to grab graphics, or view the source to grab text. Not to mention the fact that it completely removes all user-friendly enhancements from the browser. No right click to launch in a new window, or copy a URL, or anything useful like that.

• _____
• 
  ToiletDuk (58% Slashdot Pure)

Re:Javascript

[DHartung]

In fact, Microsoft offers a freebie add-on called IE5 PowerTweaks. Among other things, the handful of tools includes menu items (on the Tools menu) called "Add to Restricted Zone" and "Add to Trusted Zone". This lets you manage your cookie-and-javascript-enabled sites without messing around in the "Security" dialog box for five minutes.
----

Re:Javascript

[mitheral]

The following code in junkbuster/proxomitron will remove the right mouse click disable "feature"

Name = "Allow Right Click"
Active = TRUE
Bounds = "<script*</script>"
Limit = 256
Match = "*document.onmousedown=*"

Something I find very handy as lots of sites have picked this annoy habit up. I notice because I have no standard tool bar showing on IE; I use right mouse clicks to move back/forward

Re:Javascript

[mitheral]

Lots of command allow/disallow can be done with a proxy. I use Proximitron which is a GUI ontop of junkbuster. Anyone who can write a regexp can disable any commands they like.

Re:Javascript

[Idolatre]

This is one of the most annoying things I've seen on the web. When I click an URL and see I'm not interested, I want to be able to go back to where I was before. There must be a better way to do this (jump database instance).

Re:Javascript

[gwalla]

I'm on UBB-based boards all of the time, and I've never had a problem with this. There are some things that disabling JavaScipt makes more annoying (like having to retype my password every time I post something), but it's still usable.

---
Zardoz has spoken!

Re:Javascript

[jkovach]

Somebody mentioned Proxomitron - you can get it at http://proxomitron.tripod.com but you have to use Windoze.

Re:Javascript

[Miguelito]

Personally I think those guys at top9 are just morons. I tried everyone of the "red padlock" sites (on the top9 lock in list) that are supposed to completely lock you in... and got out of every one by simply holding the back button down to get a history list.

Re:Javascript

[Duckie01]

The following code in junkbuster/proxomitron will remove the right mouse click disable "feature"

That's very cool. Thank you.

Re:Javascript

[David+P]

But it's still useful nonetheless, no?

---------------

Re:Javascript

[ncc74656]

Actually, it doesn't appear that Home Deopt "locks you in" with the standard whack-a-mole javascript crap. It appears to have several redirects, but I can hold my back button down (Netscape) and get back to familiar territory - /.

Top9 mentioned UPN as an offender. I tried it...while casual clicking of the back button will more than likely keep you on UPN's site, if you hold down Backspace (IE), you'll break loose. You'll probably end up going back through dozens of previously-viewed pages when you do this, though. (It'd be like putting your car up on blocks in your garage, firewalling the throttle with the tranny in Reverse, and kicking the blocks out from under the car, at which time you'd crash through the garage door and probably slam into the garage across the street. :-) )

_/_
/ v \
(IIGS( Scott Alfter (remove Voyager's hull # to send mail)
\_^_/

Re:Javascript

[troeg]

Always "open in a new window" when visiting these sites!

Re:Javascript

[toriver]

There must be a better way to do this (jump database instance).

There is, it's called HTTP redirect (status 301, 302, 304 etc.) and has worked since HTTP 1.0 was introduced.

But using it requires a minimum of technical knowledge, which web-DUH-signers aren't equipped with. :-)

Re:Javascript

[toriver]

use it to redirect you based on a choice in a dropdown list.

Pester the webmasters to tell the authors to add a small "submit"-button/image next to it. java.sun.com (ironically) used to have the same problem, but they learned the errors of their ways, and now feature small "go" images to click.

Re:Javascript

[mog]

Don't use IE! Use netscape/mozilla, it has no such "features". I use netscape/linux for all my browsing, works very well.

Re:Javascript

[Grimoire]

Ever visit a site that uses the ever so illustrious Actuate reporting software? Almost the entire page is generated via JavaScript.

Re:Javascript

[CBAS]

"graphics and text" ... syuuuure, you mean warez right? ;-)
anyway, just hold the right mousebutton down and hit the spacebar when the popup, euh, pops up.
The release the right button and voilà, the menu.

Also you might want to try that funky button (or shift+F10) between the right winkey and control. (just press TAB or F6 a few times if the page is framed)

Anyone else got some handy shortkeys?

Re:Javascript

[mitheral]

Sorry All I was confused. Junkbuster is not related to Proxomitron; it must have been one of the other packages I looked at. Proxomitron allows your to do on the fly find and replace of text in web pages; usually tags but you can do anything. Unfortuately Proxomitron is only availiable for Windows 9X/NT and is closed source.

As to where you would put the code: it goes into which ever filter set you wish it to appear in. Usually your default.cfg. Add it under Web Page filters.

I also have some other custom filters to do things like speed up the auto download on Tucows; show table borders and block specific personally offensive images at some sites. Email me if you'd like to take a look at my default.cfg.

Wouldn't matter much on slashdot

[treke]

Since slashdot comes up as my home page there isn't anywhere to go back to :)
treke

lock-in unofficial workaround

[banky]

(Unix/Mac) Click and hold the back button until the list of previously visited urls appears. Select one.
(IE/Win32)RIght click to select previously visited URLS.

If you don't know this, its time to give up and become a Luddite.

Seriously, though, I was so glad when Mozilla added this, as I almost can't live without it, to deal with "lock-in".

Re:lock-in unofficial workaround

[pe1rxq]

(IE/Win32)RIght click to select previously visited URLS.

Shouldn't this be:
(IE/Win32)keep pushing back, you don't deserver better? :)

Jeroen

Re:lock-in unofficial workaround

[phossie]

...or why i always open links in a new window. want out? close the window, stop the code. almost as irritating as slideshow-style sites with identically named pages.

it takes a certain mindset to 'lock' in users to a site, not to mention two minutes that could be spent more productively. i've seen some bad design on the web, but this really is one of the worst examples. what's the point? is that supposed to make it easy to dynamically update the site if you're an idiot operator?

Re:lock-in unofficial workaround

[consumer]

Mozilla didn't add this. It's been in the standard Netscape Navigator for years.

Re:lock-in unofficial workaround

[pezking]

using netscape, I usually use the keyboard shortcuts to navigate like alt-left or alt-right to move around in the history. To get out of trap sites, you can usually just hit alt-left a bunch of times in a row quickly to get back before the trap page is able to refresh on you. You just have to be careful not to overshoot your goal.

Re:lock-in unofficial workaround

[hackerzrus]

Um, there is also the "go" menu at the top of Navigator...

--

Re:lock-in unofficial workaround

[styopa]

You could use the alt-left alt-right, so long as you aren't working with Solaris 7 or greater, or you haven't set those as hot keys. The CDE included in Solaris 7 and 8 have alt-left and alt-right hot-keyed to move to the next desktop.

Re:lock-in unofficial workaround

[Valdrax]

This has not been in standard Navigator. You can turn on/off Javascript globally, but not on a permanent per-site basis. If you try out Mozilla, you can see this feature already in use for cookies. Set your browser to ask first about whether to accept a cookie, and you'll get a prompt about whether or not to accept a cookie from a site. There will be a checkbox about whether or not to remember this decision for the future. This determines the behavior for all cookies from that server for the future.

This means you can always accept cookies from Slashdot or your favorite web retailer, but never accept cookies from DoubleClick or the advertising monster of the day. Having the ability to do this with Javascript too would be wonderful. There are a number of add banners that use Java and Javascript that screw with my browser that I'd love to be able to say good-bye to forever.

Re:lock-in unofficial workaround

[consumer]

Javascript? Cookies? What are you talking about? This thread is about the back button, and the feature that lets you hold it down to get a pulldown list of previous URLs. This feature is in Navigator 4.

Re:lock-in unofficial workaround

[ddstreet]

Using 'Go' in netscape or (I think) 'history' or something in IE is equivalent.

Re:lock-in unofficial workaround

[Valdrax]

Whooooops... Wrong thread.

Re:lock-in unofficial workaround

[pezking]

I believe that in this case, shift-alt-left and shift-alt-right work, but I might be wrong.

Home Depot = Oh my.

[sulli]

Well, when I clicked on Home Depot, it got stuck in an endless loop of redirecting to itself - I think it was trying to do a single redirect, making itself the "last visited" site, but just kept going and going and going. Maybe they're trying to inflate their Media Metrix scores, I dunno.

It's a good thing this doesn't happen in the bricks and mortar world -- oh wait, I forgot, Home Depots are cropping up everywhere!

sulli

Locking in

[Todd+Knarr]

Well, I wouldn't prevent them from trying. But then, their tricks only disable the Back button, not the history list, so I just pull that down and leave the site and never come back. Rule #1 these guys need to learn: make it difficult for the customer to do what he wants, even if that's to leave, and you will lose that customer and 10 others. Marketing 101.

Re:Locking in

[thaigan]

Wal-Mart makes it difficult to find what you're looking for, pay for what you're looking for, and find you're way out, but everyone keeps coming back for the price.

Re:Locking in

[VaporX]

I can always find what I'm looking for, pay for what I've found, and find my way out of WalMart. Maybe WalMart is just too advanced for you. Start simpler, maybe try 7-11. There's only 4 or 5 aisles and the cash register is always visible.

Re:Locking in

[b0sst0ne]

Just freaking "right click" and click "back". Problem solved.

Re:Locking in

[troeg]

Ha! Funny and true!

Re:Locking in

[NoMaster]

I remember reading many years ago that this is a central tenet of shopping centre design - you can't escape the need to go into a shopping centre from time to time, so once you're in there they make it slightly difficult to get back to your car. The whole effect of this is to make you spend as much time as possible inside on each trip, spending money like a good little consumer...

Remember, they don't exist to be nice to you - they exist to make money. From you...

Just Poor Foresight

[Whyte+Wolf]

After all, who's going to continue to frequent a sight that continually spawns browser windows after you've exited. What's irritating in porn sights, might very well sink a business as it drives customers (especially non-technical end users) away.

Hell, I've had several of these types of sites cause fatal errors in my browser and crash it. Not a smar idea if you want me to buy your products or services (or whatever)

The heart of the problem, IMHO, though is that far too many business look to the corporate website as a gimick and not a true marketing tool. I've had this fight myself--and after I left my last position, the company butchered the website I'd spent 3 months coding.

Ah well, as with all things, the proof is in the pudding (not to mention the HTML)

Re:Just Poor Foresight

[Tester]

Netscape.com has been doing it for years... And I dont think that's what explains their downfall...

Tester
mozilla shall rule....

Re:Just Poor Foresight

[zeck]

I don't think the continual spawning of windows is the issue here (although it certainly is annoying). Home Depot's site just redirects you immediately to their main page, so that when you click the "back" button, it takes you to the page that redirects you and you end up looking at the Home Depot main page again.

Re:Just Poor Foresight

[felis_panthera]

As proof of his statement about Marketing thinking the web is just a gimick. I'm the guy who took over his position at this High Tech company. After he left the website sat dormant. I have the necesary skills (if not the experience) to maintain the site. They didn't notice. When we hired a new marketing person, straight out of college she is, they got her to start working on the website. She has never done a website before. They finally got one of the cobol programmers to work on it with the marketroid designing the site.

This is just a single example in a host of sites where marketing does not realize the full potential of a web based marketing tool. Ahh well, at least Whyte Wolf has the satisfaction of knowing he was right, and all the marketroid, Bill Gates wannabe's in our office were wrong. Aren't I right Whyte Wolf??

Re:Just Poor Foresight

[eddy+the+lip]

The heart of the problem, IMHO, though is that far too many business look to the corporate website as a gimick and not a true marketing tool.

Only too true. Almost every one of our clients (generally corporate robber baron types) have at least asked about how they can keep people from leaving their site. Fortunately, the worst I've had to deal with so far is the directive to make sure there were no links to other sites. Stupid, sure, but at least it's only hurting themselves.

There are some very simple rules about web site design:

• never piss off the user
• pointing to the outside world increases your value, thereby increasing visits
• make your site downgrade gracefully.
• don't rely on cute client-side tricks

I mean, really, is that so hard? Oddly enough (or depressingly enough), the one we have must trouble explaining to clients is the first.

Re:Just Poor Foresight

[Whyte+Wolf]

There are some very simple rules about web site design:

• never piss off the user
• pointing to the outside world increases your value, thereby increasing visits
• make your site downgrade gracefully.
• don't rely on cute client-side tricks

I mean, really, is that so hard? Oddly enough (or depressingly enough), the one we have must trouble explaining to clients is the first.

Which brings to mind a very simple question:

What ever happened to the belief that the customer was always right?

Apparently in the IT industry (and those who turn to us to help them with things like websites) customer service is a thing of the past.

Thank God for the move towards Open Source--in that paradigm at least, service is important.

"Reboot the browser"?

[NME]

Don't forget to powercycle the mail client.

-nme!

Where's the porn button?!

[TheDullBlade]

I remember hearing some (MS I think) browser developer saying how they wanted to make a main-bar button that would toggle javascript, so you can stop a flood of popups fairly easily.

It got dubbed the "porn button" and was, unfortunately, never included.

Re:Where's the porn button?!

[bruns]

There is a good program for Windows (shudder) that can help with those annoying popups.

NoAds
http://www.FirasE.com

Very handy, and free too!

Re:Where's the porn button?!

[jafuser]

One of the "Powertools" for MSIE includes a feature which adds two items to your "Tools" menu: "Add to Trusted Zone" and "Add to Restricted Zone". These items, when clicked, will automatically add the domain of the site you are currently viewing to the specified security zone. This should work just as effectively as the button you mention, since you can instantly add a site to the restritcted zone. Actually this would be better than a "toggle" button, because it will remember the site in the future.

Re:Where's the porn button?!

[drinkypoo]

This sucks. If the site requires javascript to run, and you add it to restricted, you can't just remove it (IE, un-curse it) without blessing it. This is not a solution.

Re:Where's the porn button?!

[DHartung]

One of the "Powertools" for MSIE includes a feature which adds two items to your "Tools" menu: "Add to Trusted Zone" and "Add to Restricted Zone". These items, when clicked, will automatically add the domain of the site you are currently viewing to the specified security zone. This should work just as effectively as the button you mention, since you can instantly add a site to the restritcted zone. Actually this would be better than a "toggle" button, because it will remember the site in the future.

It's called IE5 PowerTweaks. If you turn off Active Scripts for the Internet Zone, you can then go to a site and decide if you trust it to run Javascript or leave a cookie and pull down your menu. Boom! Instant Javascript.
----

Re:Where's the porn button?!

[Salant]

I started using proxomitron to filter out doubleclick and other such services. It also comes with handy filters to stop pop-ups, locked sites, and alsorts of other handy stuff give it a try.

Re:Where's the porn button?!

[bataras]

doesn't support linux so I can't use it.

Re:Where's the porn button?!

[piku]

Yeah but the only reason everyone things Windows sucks is because it crashes. What happens when they make a mainstream Windows that isn't based off of DOS and doesn't crash? Are you all going to come back to Windows?


Or will you all just bitch and moan and say "its not free" and "its not open source" and "we have stupid biases" and "its cool not to like windows"?

Re:Where's the porn button?!

[Forward+The+Light+Br]

prob is, thats not the only reason it sucks

windows _and_ NT suck because:
the metaphor provided to interact with basic OS internals is only a programmatic API. This means that one cannot interact in any meaningful way with the OS w/o programming, and w/o using MS Dev, as any other IDE does not have the APIs precoded, and there is no decent documentation for using those APIs (compare the win32 books to Adv Prog in the Unix Env by Stevens)

The lack of a metaphor like the Unix file representation also means that there is no consistancy to the interaction w/ the OS. Elegance is the only way to describe the ease with which one can interact with core OS internals in a Unix Environment. To be able to `cat /proc/net/tcp` and get not just a text readout of the network activity of the computer, but the actual kernel's understanding of that activity, is amazing. To be able to `echo 1 > /proc/net/foo/bar` to enable some feature of the networking stack, is pure ease. (yes these are Linuxisms, so sue me)

Does the open-source nature of Linux mean I read kernel source. Well actually I do from time to time, but leave that aside. Say I don't. I still get the benefit of documentation provided by people who have _who are not the programmers involved_. People always understand their own code too much to document it well.

Why like windows NT? Because its not based on Unix, a 20+ year old technology? You are right, its not. Its based on _VMS_ the precursor to Unix, a 30+ year old technology, but unlike UNIX, one that was retired (for good reason).

Apps and ISV support are not a reason to prefer an OS. Perhaps one to use it, but not prefer it.

-RS
We are all in the gutter, but some of us are looking at the stars --Oscar Wilde

Re:Where's the porn button?!

[Forward+The+Light+Br]

hmmm

just tried browsing at +2, and realized, this comment makes no sense unless you read at at least +0. Oh well

it is a response to someone bitching about Linux advocates, challenging that since apparently the only reason to dislike windows is its crashability, when the NT core is used in the mainstream version of Windows, will we all go back.

Not all of us came from there, and if one did (as I did), well...

sometimes there is no going back, obviously for more reasons than I listed, others include

security
remote useability
CLI power (vs NT CLI weakness)

and more
We are all in the gutter, but some of us are looking at the stars --Oscar Wilde

Now that would be a damn good idea.

[sulli]

Disable Java, JS, VBS, cookies, etc. by domain. If Mozilla does this, I'm switching tomorrow.

sulli

One browser that doesn't have this problem

[bruns]

Lynx doesn't appear to be affected by this crap - all the more reason to use it. :-)

Re:One browser that doesn't have this problem

[Frymaster]

add iCab to your list...

Re:One browser that doesn't have this problem

[schmidt]

My coffee mug doesn't appear to be affected either - all the more reason to use it ... or what :-?

Re: One browser that doesn't have this problem

[knuth]

Lynx could have this problem at a script-driven site.

More often, one sees either the brain-dead browser-detection scripts that won't let you in, or the endless redirects (no example URL I know offhand, but Micros~1's site often does this) which exceed the maximum number allowed.

Re:One browser that doesn't have this problem

[Arker]

To answer the question of the poster, this is an excellent example of very poor web design IMHOP.

You mention lynx, Opera is another browser that allows you to avoid this crap rather easily - you can turn off javascript and redirects and automatic document creation etc... it's not perfect but it's close. I normally use opera with the crap turned off in windows, and I'm quite happy with it. Since the linux port is still alpha (I've got it, it shows promise, but it's not ready for use yet) I'm using netscape at the moment, and it has a workaround too, others have mentioned already, using the history list. Bottom line though, a site like that turns me right off, and I'm very unlikely to go back.

ask.com is even worse!

[itemp]

When you use ask.com and click on a search result, it brings up the requested page within a frame, keeping you locked into the ask.com site! YUK!

Re:ask.com is even worse!

[siam]

I found that if you right-click and select "open frame in new window", you'll get the site in it's own window. My wholesaler's web site uses locked-in frames also, Aarrrggg.

Poor practice to be sure.

[Effendi13]

Now that I know that, I'll never visit the Home Depot site, nor do I visit porn sites (anymore). Banners are probably the least annoying forced information method, and even these have been proven nearly iniffective. Let me insert in here that I dispise the thinking process behind marketing people and think they probably go to the same place lawyers do when they die. -Effendi

Re:Poor practice to be sure.

[tcomeau]

...I'll never visit the Home Depot site...

Better yet, make one last trip to the Orange Box site, pick the "Contact Us" tab, and send them a little bit of feedback about the zero-second redirect. Be sure to include that you won't be coming back until they quit running their site like a porn site.

tc>

Re:Poor practice to be sure.

[tcomeau]

So I did this, and got a remarkably lucid, if unsatisfactory, response from the Orange Box Web Team.

They understand the problem. The current "solution" was the result of internationalization and the desire to have a degree of customization. They (now) understand that it's annoying, which makes me think I'm not the only one to complain. They say they are looking for a better solution. (If they were running Apache, I could give them the right solution. They're using Netscape Enterprise Server on HP-UX, so I can't help them. If anybody knows how to do the old-to-new-redirection(extern) type behavior with NES, please drop them a line.)

Gee, give 'em feedback and they at least listen. Amazing. Maybe there's hope?

Now if I could get them to stock a decent grade of molding....

tc>

of course they do...

[boinger]

What better way to garner revenue from your banner advertisers? Bothering the few users who realize that this is annoying (read: geeks) is worth the droves of mindless users that obviously don't really think that much about their experience, anyway. They'll come back even if it's irritating.

And what are we going to do, anyway? Not use homedepot.com to find the closest store when we move into town? Doubt it.

What's the problem again?

[MeanGene]

I can hit Alt-W faster than any server can serve me one more javascript-laden window.

No "back" button? Whom are you kidding? What is Alt-Left then?

And Alt-O shall send you anywhere you wish....

backspace

[chowda]

doesnt the backspace button work even when the browser button is disabled?

Redirecting forms

[11223]

Part of the problem is web-sites that use a 0-second refresh. For instance, go to this microsoft site and then try to hit the back button - it won't let you out! So Microsoft.com should also be on that list.

The reason? People are too lazy to return a 302 Moved (like Google does for the I'm Feeling Lucky button) and instead use a meta refresh. Well, it's wrong!

Browser writers (and Mozilla team): Could you let the back button disable the meta-refresh if you accidentaly back onto a meta-refresh page?

Re:Redirecting forms

[Seumas]

A lot of sites use meta-refresh to guide users from an index.html to an index.cgi page, as most of their site is not static -- including the main page.

The browser already offers an answer to this. Hold down the Back button on the browser and select the page just before the index.html page you visited. Problem solved.
---
seumas.com

Re:Redirecting forms

[0xdeadbeef]

This might be because of a bug in IIS 4.0. You can't set a cookie and send a Location: header at the same time, because the web server will eat the Set-Cookie.

I called Micro~1 about this one, and the bastards tried to charge me for their workaround, which was to rename all the CGIs to have nph- in front of them (which stands for no-parsed-header). They knew about the bug beforehand, yet did not publish anything about it until the day after I called! I suspect they let bugs reports sit until someone calls their support line, just so they can make money off them. Now that's innovation!

Re:Redirecting forms

[John+Allsup]

That can, and SHOULD, be fixed at the server. The server configuration determines the default page, together with whether it is run as a CGI script.
John

Re:Redirecting forms

[Seumas]

Not everyone runs their own box and has access to their Apache config files, though. Of course, they can always modify their own .htaccess files (well, most hosts tend to allow that at least), but a surprising number of webmasters have no clue that they can create/edit/modify it.
---
seumas.com

Re:Redirecting forms

[jcs]

hold down the back button and you'll get the drop down list of the sites you've been to. the second one down should be the site you were at before you hit the page with the meta-refresh.

Re:Redirecting forms

[KnightStalker]

Wouldn't that make them more of a webapprentice, then, or maybe a webwannabe... too lazy to read the damn instructions. There are two ways to redirect browsers without breaking the back button...

Return a 302 Moved header, easily done in PHP or Perl by printing a Location: header

Use the Javascript function window.replace() instead of window.location() -- this is just as easy as the meta refresh

Re:Redirecting forms

[KnightStalker]

Duh. Make that Location.replace()... and note that it's only available in Javascript 1.1

Use window.location.replace('newlocal.html');

[cvd6262]

What urks me is that there are a lot of newer web designers who don't know how to correctly use javascript to forward the user to a new location. If they just say: window.location = 'newpage.html'; then when the user hits 'back' it will rerun the script and transfer them again.

The correct way is: window.location.replace('newpage.html');. This replace the old page with the new in the browsers history.

Re:Use window.location.replace('newlocal.html');

[dolanh]

This is a clever fix, but remember location.replace() is a JS 1.1 function, not 1.0, explaining why a lot of people might not know about it, or be afraid to use it (no IE3 compatability).

Re:Use window.location.replace('newlocal.html');

[LiamQ]

The correct way is: window.location.replace('newpage.html');. This replace the old page with the new in the browsers history.

The correct way is to send a 301 or 302 HTTP response. This works seamlessly in all browsers regardless of JavaScript support, which means that even the lowly search engine can find and index newpage.html.

HTTP is your friend.

Joke time..

[Bowie+J.+Poag]

Ever been inside a Home Depot? Its pretty much the same story.. You cant find your way out there either. :)



Bowie J. Poag

Re:Joke time..

[drix]

Seriously! It's the closest thing to a casino I know of - no doors or easily accessible exits, no clocks or windows to tell time, open 24 hours a day to entice you.

--

Re:Joke time..

[Pfhreakaz0id]

The scary thing is, after you buy a home and start hacking your house, you don't care about the problem because you don't WANT to leave Home Depot. It's like asking a six-year-old to leave Toys R Us.

I was in there today on my lunch hour getting advice on my plumbing project ... I was like "man, I really wanna look at these copper-to-PVC transitions some more, but I gotta go back to work and code..."
---

Re:Joke time..

[jkovach]

This is why they used the slogan "The toy store for grown-ups" or "The toy store for big kids" (I can't remember exactly which one) in one of their Christmas advertising campaigns.

Re:Joke time..

[Zan+Thrax]

Home Depot's got nothing on Ikea. HD's got aisles, all neat and orderly, so if you want to leave, you can easily trek towards the quarter-mile distant doorway. Last time I went to an Ikea though, it was like this long series of connected rooms, each with its own category of products. There didn't seem to be any way to get through other than going room-by-room, and after I found the stuff I was looking for, I wasn't even sure which end of the path would be closer...

Re:Joke time..

[Zan+Thrax]

Well, maybe I didn't get far enough through to find a shortcut... Like I said, I couldn't tell how far in I was. (They don't have the rooms in a nice linear order so you can try to guesstimate either.)

The cause...

[glitch_]

Beware, some might consider this a troll
In some sites, like HomeDepot.com, the reasons for the 'lock-in' seem valid. i.e. setting cookies, checking cookies, so on and so forth. But most designers/developers feel that you came to their site for a specific reason and that you will be willing to put up with being redirected to a few different pages so they can give you a better "web browsing experience"
Now, just because I say this doesn't mean that I believe it or promote it. So flame me all you want..

Re:The cause...

[g051051]

It's just bad design. It doesn't appear intentional in the 2 cases frm Top9 that I checked: Home Depot and GurlPages. The "lock in" seems to come from the myriad redirects that occur as their systems check your session status and route you around. It's not fair to say this is a deliberate technique (at least for these 2).

Lock is despicable

[Chairboy]

"Poor web design"? That's like calling a burglar someone guilty of "poor money collection strategy".

Websitest that lock you in are more annoying then spam, and a pox on the face of computing.

The problem is, of course, due to marketers. It's true, these websites are obviously designed by a committee of marketers who spend days sitting around tables (or, these days, golf courses) trying to 'brainstorm' or 'strategize' ways of 'grabbing eyeballs'.

For a marketer, heaven is having a consumer strapped into a chair with his eyes held open ala A Clockwork Orange and being forced to watch commercials. In TV, they use everything from loudness to humor to try and grab those eyeballs.

So imagine, if you will, what happens when these people get access to an interactive medium like the Internet. There isn't a volume knob on websites, and most commercial humor requires reading abillities and patience, something hard to rely on in this 5 second attentionspan culture, so instead they do the equivalent of tying you into the chair and forcing you to 'experience' their website.

It's only a matter of time before this practice is identified as the embodiment of impoliteness it is, so it should disapear sooner or later.

Unfortunately, that means that the wheels will start turning, more of these marketing folks will start flapping their membranous wings again, and the next generation in captive consumers will get to experience their next excreted nugget of marketing 'saavy'.

Re:Lock is despicable

[zeck]

"Poor web design"? That's like calling a burglar someone guilty of "poor money collection strategy".

But in many cases it really is just poor website design. It isn't such an outlandish idea to use a meta refresh tag to reroute your browser to another page; in many cases they just fail to see that it makes browsing tremendously inconvenient.

Re:Lock is despicable

[jafac]

It's closer to the technical equivalent of a roadside billboard transmitting a command to your car's control system to immediately stop, so you can read the entire ad before whizzing by at 60mph.

Definately rude.

if it ain't broke, then fix it 'till it is!

Re:Lock is despicable

[DunLurkin]

If done on purpose, it's absolutely slimey. MSIE5 has a pretty good workaround built-in though - just right click on the back button and select a site from the drop-down list.

Re:Lock is despicable

[Frank+T.+Lofaro+Jr.]

Hey don't give anyone any ideas. :)

Seriously, that would make a great analogy for the DVD people forcing people to watch their ads... Keep that in mind...

Lazy developers and dumb HTTP

[tacticalsyntax]

Most of this comes from developers who mean well; they want to put real application-like stuff on the Web, but they have to work around the miserable way that HTTP handles state. So the lazy, slapdash, way of solving the problem is to open a new browser window with all the back button controls removed, or to use redirects and stuff that makes the back button act unpredictably.

I think it's time we took another look at HTTP. With the rise of Web-enabled commerce and tools, we need to find some way of handling session persistence and state.

Or we could just lambaste all the lazy developers here on /.

+---+

Re:Lazy developers and dumb HTTP

[artdodge]

they have to work around the miserable way that HTTP handles state.

Not the problem at all. You can handle state in at least two ways in HTTP (there are others, but some of them are patented :-P), neither of which necessitate the shoddy practices seen on theses sites.

• Cookies (example: yahoo)
• Use proper redirection (302 Found or similar) to a URL embedding a session ID (example: amazon) instead of the claptrap HTTP-equiv refresh crap these sites use.

What kind of statefulness do you have in mind that Cookies don't deliver? (BTW: you might want to look at the most recent IETF drafts; Set-Cookie2 et al are much more mature than Netscape's hack.)

Re:Lazy developers and dumb HTTP

[DonkPunch]

Or we could quit trying to use an inherently stateless protocol to do interactive state-oriented network applications.

Seriously, there are a lot of of applications that benefit from a distributed model, but people get caught up in, "Let's make it web-based!" for no good reason (other than buzzword compliance).

More than one development team has wasted time tearing it's collective hair out trying to manage state issues and design an interactive browser-based GUI. The same amount of time could have been used creating a standalone interface and simply connecting directly to a server with sockets. The end result would have probably performed better, too.

Project managers need to write this 100 times: "Network applications don't have to be browser-based."

Re:Lazy developers and dumb HTTP

[troeg]

Sure, lets use several applications to get information instead of one!

Why we are at it, lets require a different network connection for that information!,p> Why stop there, how about a different computer as well!

Re:Lazy developers and dumb HTTP

[lpontiac]

What else ya gonna do. . .use Java???

No, use wxWindows.

Re:Lazy developers and dumb HTTP

[tacticalsyntax]

No, use C#

:-)

+---+

Poor Site Design

[Kinetic+Kit]

In my experience as a web developer, this locking in usually results from poor site design and bad network administration. An older site of mine used a javascript redirect from the file that the DNS was pointing to into a subfolder where all the applications were. It got annoying because, like the article states, every time a visitor tried to hit back, it hit the main page again and got redirected again. I eventually just pulled all my files into a single directory to stop that annoyance. It was not a purposeful marketing tool, just an errant combo of site design and DNS.

That's not a bug, that's a feature!

[theseum]

The ask.com frames thing is actually pretty handy, I think. There is a button to get rid of the frames, and a button to go back to your question. It is really convenient for checking out multiple sites, instead of having to press the "back" button over and over again.

Damn these sites (or, my mouse has spoiled me)

[jblackman]

I've got one of those Intellimouse Explorers (the huge silver ones with the superfluous tail light and like three extra buttons; well, what the hell, here's a link) and sites that won't let you back out are an incredible annoyance. See, two of the buttons on there serve as Forward/Back (respectively) while browsing the web, and after about 20 minutes of using them, I was hooked. You wouldn't believe how simple (and remarkably intuitive) to navigate with your thumb. Now if I could just find a good use for those buttons in Half-Life...

I mean, sure, it's easy enough to hold down the back button and select the page before the offending site, but that would require moving my cursor over six or so linear inches of desktop space. Isn't that just a little bit unreasonable? No? Ah well.

-jay

Re:Damn these sites (or, my mouse has spoiled me)

[GigaGoogle]

I cross-referenced your post. Hope this helps!

I've got one of those Intellimouse Explorers (the huge silver ones with the superfluous tail light and like three extra buttons; well, what the hell, here's a http://www.microsoft.com/Mouse/explorer.htm link) and sites that won't let you back out are an incredible annoyance. See, two of the buttons on there serve as Forward/Back (respectively) while browsing the web, and after about 20 minutes of using them, I was hooked. You wouldn't believe how simple (and remarkably intuitive) to navigate with your thumb. Now if I could just find a good use for those buttons in Half-Life... I mean, sure, it's easy enough to hold down the back button and select the page before the offending site, but that would require moving my cursor over six or so linear inches of desktop space. Isn't that just a little bit unreasonable? No? Ah well.

Some of these lock-ins may be unintentional

[Kiwi]

Something to keep in mind is that sometimes these lock-ins are unintentional. For example, people may, to make web site updating easier, place all of the web documents in a sub directory, and have the front page be a redirecton to the actual front page of their web site.

Clumsy designs may have multiple redirects, the same way clumsy UNIX sysadmins may sometimes have a chain of symbolic links eventually pointing to a file.

The real solution is the reponsibility of the web browser designers--pages that have refresh meta tags should not be part of the browser's history, unless user-enabled.

I am not going to get in to the javascript games, since I, for security reasons, have Javascript siabled on my browser. Don't get me started on pages that need Javascript enabled to be browsed.

- Sam

Re:Some of these lock-ins may be unintentional

[Cy+Guy]

The real solution is the reponsibility of the web browser designers--pages that have refresh meta tags should not be part of the browser's history, unless user-enabled.

The GO family of sites appear to be implement this properly. Try www.disney.com for example.

Re:Some of these lock-ins may be unintentional

[Kiwi]

The reason why www.disney.com is not in your history after the redirect is because they perform what is known as a 302 redirect instead of a refresh meta tag.

A 302 redirect is faster and more efficient than a refresh meta tag, but has the disadvantage that it can't be part of an HTML document. [1]

Many web designers preview their web page by vieing it as file:/// links on their own personal computer before uploading the web page. When this kind of preview is performed, the only redirection that works is a META tag refresh. In addition, a META tag refresh does not need special cgi, php, or other scripting to work.

While, in the ideal world, all redirects would be 302 redirects that do not currupt the browser history, there are a number of reasons this will not happen any time soon.

- Sam

[1] It can be part of an HTML document if php3 is enabled.

Re:Some of these lock-ins may be unintentional

How can I siable javascript on my machine?

Re:Some of these lock-ins may be unintentional

[John+Allsup]

Correction.

Web sites that have refresh meta tags with a 0-second refresh, or one that refreshes to a different page should not appear in the history.

A non-zero timeout, pointing to the same place should appear in the history precisely once, for each distinct time it is visited, subject to the rules above (i.e. ping-pong refreshes shouldn't appear etc. etc. etc.)

The poster appeared to forget the legitimate use of the meta-refresh tag :-)
John

Re:Some of these lock-ins may be unintentional

I am not going to get in to the javascript games, since I, for security reasons, have Javascript siabled on my browser. Don't get me started on pages that need Javascript enabled to be browsed.

To quote our head web-design guy: "You can't run an e-commerce site without javascript".

Of course, these are the guys who have over the past couple of days caused us more downtime than we've had over the previous couple of years without them...

Re:Some of these lock-ins may be unintentional

[Anders+H�ckersten]

Something to keep in mind is that sometimes these lock-ins are unintentional.

Even if it's unintentional, it's still wrong. Under the law, it's still a crime to kill someone, even if it's unintentional. Doing something wrong because you don't know better is never an excuse.

agreed...

[DrLoveMD]

i have to agree completely. most companies view anything to do with websites as a buzzword and nothing more. i think it is just poor design skills on their part. if the content isn't good enough to get me to stay, do you really have to resort to MAKING me stay? come on... either make the site more interesting or let me leave in peace.

No fear of getting locked in to the lockin list...

[ethereal]

...since top9's list crashes Netscape 4.61 on HP-UX. If this sounds familiar, it should - I probably complain about it weekly. I know I give Netscape the finger daily as it always crashes once or twice while reading the morning's news. CNet seems to do it in fairly regularly, slashdot only crashes it rarely. Some component of page complexity?

OK, I'm done bitching now, mod away.

Many of these sites are not trying to lock you in

[PylonHead]

On many of these sites, the back buttons don't work because they are redirecting you to another page in their site when you first arrive.

Why? So they can offer different content depending on what browser you are using, and what plug-ins you have installed. If you have the flash plug in, they'll redirect you to a flash splash page... If you're using an older browser, they'll redirect you to a frames free page, etc.

You might find this behavior annoying, but it's hardly sinister. People in this thread have already pointed out that it's easy to overcome the limitation. It's kinda funny that slashdot is making a big deal about it.

Crap technology, too

[tacticalsyntax]

Oh yeah, I forgot to mention that a lot of this comes from the shitty technology behind these sites. Like BroadVision at Home Depot. To do supah-1337 1-t0-1 marketing you have to use their fat-as-hell URLs and redirect the user all over the place. So another reason to ditch HTTP: URLs are foolish things to use as objects.

+---+

Netscape "Go" menu

[slickwillie]

He really can't get back without shutting down his browser?

Netscape has a nifty little "Go" pulldown menu right at the top. Just select a site prior to the offending one and click. Does Internet Exploder also have this feature? I wouldn't know, never used it.

Mozilla Hackers Save Us

[mbrod]

An excellent feature to add to Mozilla would be the ability to have any website you go to bounced off a database of sites that do this. Then you can get prompted if you want to enter them or not. Or even better would be a way to pre-detect a site that was going to do this.

I think these sites are about the most annoying thing there is on the web. If something like this was in place I wouldn't have to deal with them anymore.

is this really a marketing idea?

[Jafa]

I took a peek at homedepot.com and I'm unsure if it's a marketing move or just not great web programming. It looks like when you first arrive it does some kooky redirects while it sets up your session. So it could be that it wasn't a marketing suit standing over a programmer and saying to 'make it stay' but more of a programmer staying up late finishing off something in the easybutcheesy way.

Besides, the whole marketing angle on locking doesn't make any sense. Just close the dumb window and get over it. Or pull down the back button. sheesh.

I'm guessing that if several people sent a NICE letter the the webmaster then this could be fixed.

Jason

Re:is this really a marketing idea?

[Octopus]

It looks like www.homedepot.com is just the victim of bad redirects. The main index page is an .htm which redirects to a translation (EN) page which in turn redirects to a dynamically generated JSP page with a query passed to it. This stuff could be accomplished in one root dynamic page, but it looks like their web dev people just kind of hacked it out. Don't think there's a conspiracy here, just bad design.

Opera users have it easy.

[pen]

Just click the Back button, and it will work. If the page redirected you, it won't do it again if you used the Back button to get to it. Simple, no?

--

This works...

[Wubby]

Using the keyboard shortcut for Back (which is ALT+left-arrow on my Netscape) will get you back...

I had to hit it VERY fast and A LOT of times, but it finally worked...

This isn't poor design, its a dexterity exercise provided free of charge. We should thank them for there thoughtfulness!

Totally different issues...

[artdodge]

This practice, started by porno site operators

Ballocks. The problem here isn't web sites trying to "lock you in" - it's crappy web designers showing poor engineering skills and lack of knowledge of their tools. Specifically, lots of these sites (homedepot is a prime example) use the nefarious META http-equiv="refresh" kludge instead of sending proper 302/303/etc redirection responses. They're using an HTML-level mechanism to perform an HTTP-level function. Nothing more, nothing less.

If they wanted to lock you in, I would wager they could actually disable the Back button with JavaScript (I think some on-line banks do this so they can keep you from going "back" to a page providing info that you just invalidated by performing some transaction).

I hate META http-equiv.

Re:Totally different issues...

[Quikah]

Yes, I have seen several sites that will essentially take over your browser. They remove the entire button toolbar so you don't even have a back button to try. Have to use the right click menu and shortcuts to navigate.

These redirects are pretty weak, all you have to do is press back really fast, essentially hitting back before the redirect page redirects you. It is really easy to do, but then again maybe I just play too much minesweeper. *click* *click* *click*.... :)

Re:Totally different issues...

[kruhftwerk]

Is there information on how to perform these operations (302/303/etc) from the site? I've always used http-equiv as I was never sure how to get the web server to send different responses. Does this require a cgi script to send the response, or can it be done from the header of a page?

Re:Totally different issues...

[CaptainSuperBoy]

I have to say, if META http-equiv is really such a bad thing to do then why do so many HTML guides teach you how to do it? Yes it's a kludge but a lot of web developers simply don't have full access to the machine they're developing on - using proper redirection isn't an option for people who don't have access to the Apache config file or whatever IIS uses.

--

Re:Totally different issues...

[dolanh]

I'm pretty sure in JavaScript 1.2 you can disable the contextual menu as well if you want to be really evil.

Re:Totally different issues...

[paulschreiber]

If these programmers weren't a bunch of lazy morons, they'd have learnt:

PHP: Header("Location: $url");
Python: print "Location: %s" % url
Perl: print "Location: $url\n\n";
et cetera

sheesh.

Paul

Re:Totally different issues...

[Mike1024]

Hey!

> I'm pretty sure in JavaScript 1.2 you can
> disable the contextual menu as well if
> you want to be really evil.

Sure you can! well, not quite disable, but you can make an info-box display if people right click, not a contect menu. This (http://www.sub-host.com/underground/iwa/indexa.ht ml) warez site does it, trying to make it hard for people to steal links, I expect.

Here is the code. I don't know how well the /. HTML parse thingies will cope with it:

var mymessage = "no need to right click \njust use getright and regularly click on the links";
function rtclickcheck(keyp){
if (navigator.appName == "Netscape" && keyp.which == 3) {
alert(mymessage);
return false;
}
if (navigator.appVersion.indexOf("MSIE") != -1 && event.button == 2) {
alert(mymessage);
return false;
}
}
document.onmousedown = rtclickcheck
//-->

I think that's the bit that does it. I don't know... I don't *do* JavaScript.

Just my $0.02

Michael Tandy

Re:Totally different issues...

[dolanh]

That would be the bit that does it - senses browser and keyclick event. If you wanted it to just do nothing you would take out the "alert(mymessage)"; from the function.

(I *do* JavaScript :)

Re:Home Depot = theBorg

[mrfiddlehead]

If you have anything to do with home depot (aka TheBorg, over in rec.woodworking) then you have only yourself to blame.

For a good, slightly off-topic, read check out the rec.woodworking Anti-FAQ. These woodworkers are pretty funny guys.

annoying

[styopa]

I believe that lock-in is poor web design and reflects badly on the companies marketing department. If the site is not interesting or useable enough for customers to want to stay, the site should not resort to annoying tricks like lock-in or spawing of windows if the browser is redirected to another site or closed.

Anyone who has had any experience at marketing would know that this may cause some customers to stay an buy, but it will mainly annoy most of them and cause them to not want to return. Bad experiences with web-sites are like bad experiences at stores, if you have one you are less likely to return. The use of these tricks shows immature marketing.

Re:annoying

[orabidoo]

... and in raw mod_perl handlers:

$r->header_out(Location => $url);
return REDIRECT;

A Mozilla solution?

[ajs]

Perhaps the right solution is to have Mozilla not fall for it. For example, one way that I know of that people do this is to have /index.html be a blank page with a META REFRESH or REDIRECT tag pointing to the real homepage. Why not have Mozilla detect the combination of "back" and META REFRESH or REDIRECT and simply not obey the tag?

The other solution would be to take pages out of the history list when they contain a META REDIRECT REFRESH. That would also cause the back button to work as expected, perhap arguably more like expected.

Do either of these solutions break any reasonable practices?

Re:A Mozilla solution?

[Gogo+Dodo]

What I would really like to see is a browser with different modes for Web programmers. Something where you can turn off various features so you can see how different browsers behave for a given HTML code. For example, have a checkbox that turns on/off HTML 4 tags. Some things I'd like to turn on and off:

• HTML version selection with both strict and uhhh... not-so-strict conformance
• JavaScript with version selection
• Frames
• CSS with version selection
• an MSIE vN.0 compatible mode
• a Netscape vN.0 compatible mode
• Screen size restrictions so I can see the pinhole that 640x480 user looks through
• Lynx mode :-)

A little bit overkill, but turning off individual tags might not be too bad either.

Re:A Mozilla solution?

[HiThere]

Screen size restrictions so I can keep pages from grabbing the entire screen -- an annoying practice that is FAR too common. Nobody should be able to maximize the window without the user accepting the choice! Ditto for either hiding or disabling the close button. If I could close the window (and kill running javascripts) then I wouldn't worry so much about not being able to go back.

Netscape 3 workaround

[hawk]

>Shouldn't this be: (IE/Win32)keep pushing back,
>you don't deserver better? :)

I initially was moderating this as funny, then I realized that this was already implemented in Netscape 3, and is part of the reason I still use it.

In the Mac & Unix versions, alt- moves you through the history--alt-2 goes to the prior page, alt-9 goes back 8 pages, etc. And if you've only gone back, alt-1 takes you as far as you go.

For some reason, this wasn't in the darkside version, and has been removed from later versions of netscape.

[the other reason is the window-by-window setting of autoload images, rather than as a universial preference]

hawk

*SAFE* refresh...

[Conesus]

Yes, it's possible. And compatible with ALL browsers. There are ultimately 3 ways to refresh to another page [as these sites have been doing, therefore 'locking' you in]

<SCRIPT language="JavaScript1.1">
<!--
location.replace("http://www.new.site/page.html");
//-->
</SCRIPT>

<META http-equiv="Refresh" content="0; URL=http://www.new.site/destination.html">

This page has moved to a <A href="http://www.new.site/page.html">new location</A>.

Using all three on the same page can help all browsers. The script works in major browsers, refresh is the older one, with which a quick back click can get past, and the message is perfect for lynx type browser [even tho refresh works in lynx]

Re:*SAFE* refresh...

[drwiii]

Don't forget that you can also bounce clients somewhere else with a HTTP Location header. It makes forwarding people to different pages quick, clean, and easy.

I can't live without my Proxomitron

[whuppy]

I just wanted to throw in a quick testimonial for The Proxomitron. It's my favorite proxy filter. It protects me from all sorts of wacky hi-jinks that web sites try to pull.
--

Very uprofessional

[91degrees]

Redirection makes it look like the web site used a cheap domain name service provider - you know the type - they just redirect to http://www.yoursubdomain.yourisp.com. And its bloody stupid too. If you press back, then the chances are you aren't going to become interested, and are less likelyto click on that link from the referring page if you visit that again.

Let Darwin take care of them.

Even MORE annoying

[Lord+Kano]

Is when porno sites use the above lock in technique in conjunction with java scripts to cause a window explosion.

The link will look like "http://www.randompornsite.com/movies/excellent.mp g" but when you click on it, instead of the mpg, you get 12 windows flying open all over the screen.

LK

Re:Even MORE annoying

[Valdrax]

This is even more annoying when you didn't mean to click on a porn site, and now all your browser auto-completion at work results in the URL of one of the 50 or so sites that were accessed in the process of trying to close all the windows down.

...not that I'm saying this kind of thing happens when goofing off and looking for MP3s. <grin>

Damn... missed it.

[ODiV]

When was Slashdot a porn site? Looks like I joined too late.

Oh well.

Solution

[loglan]

I just open a new window with each link that leads to a different site. This tends to keep the pages segregated. No back button required, just close the window of the offending site.

Lynx: I don't get the "best experience possible"

[Tony.Tang]

Access homedepot with lynx, and you get this message:

You are receiving this message because you need to upgrade your browser, or need to enable your browsers JavaScript. Without JavaScript, you will be unable to view portions of homedepot.com.

Because we want you to have the best experience possible, please upgrade to Netscape Communicator 4.0 or higher, or Microsoft Internet Explorer 4.0 or higher, or follow your browsers instructions to enable JavaScript. We look forward to seeing you often at homedepot.com!

Continue

I guess getting locked into the site is part of the "best possible experience"... hehe.

--

Slahdot has a back button?

[giberti]

I guess when you have slashdot posted as your home page you wouldn't have anywhere to go back too...

All joking aside, it really detracts from the surfing experience, if you are looking for something, sometimes you have to search in the search engine to find what you are looking for. Click and visit something not realizing its not what you want, but hey, someone deleted my history! Now you have to start the whole process over again.

I think in the long run, people will choose not to surf these sites (if they even notice the history has been cleared) simply on principle.

pr0n research

[iamriley]

makes you wonder where the companies' web desingers are spending their time...

How to fix this...

[$yseth]

The obvious question (for fools like myself) to ask now, is "How do i fix this on my website?" if i have a legitimate reason for my first page to redirect to another, like the server i use does not pass SSI unless .shtml extentions are used (i NEED this coz i'm jus a silly student easilly attracted to tacky things like CGI on personal pages).

So if i have index.html javascripting to the next page appropriate to the browser how can i change the javascript to eliminate this? can i?....

Easy solution

[techmuse]

In either Netscape or IE, hit control-left (in Windows) or alt-left (in Linux) or command-left (In MacOS) twice in rapid succession. That will force the browser to jump back two pages, past the offending (offensive) page.

Re:Easy solution

[SupahVee]

Too bad Home Depot (the main listed offender) has THREE referring pages to not let you out of. I always liked HomeBase more anyways.

BroadVision sucks

[steveminutillo]

Part of their problem is they're using the fundamentally brain damaged monstrosity known as "BROADVISION". The other part is that they're idiots. They didn't do that on purpose, you know, they just don't know any better.

http://peterme.com/bvsucks

Silver Lining

[Superb0wl]

The one good thing about locking-in, new-window-spawning, javascript-using sites is they create a fun game when you're bored and have a T1. have two people (we did this in the dorms) both click 3 links deep into a pr0n site and then try to click back out to your start page. This can be incredibly tough, and monopolize hours of time. for the handicapped, use a dial up.


-Superb0wl

Workaround for "Lock-In" sites:

[kralc]

Press Ctrl+O and type in a different site...

My solution is liberal use of the "middle button"

[GregGardner]

I don't know about other Netscape for Unix users, but I constantly click on URLs with the middle button, which opens up a new browser window. Probably the majority of clicks I make, espcially from one website to another, are middle button clicks that open a new browser window. Of course this results in me having like 10 Netscape windows all the time, but I never have any of those windows "stuck" in a site because I just close the window when I am done looking at it.

Similar: Break out of Frames

[Anm]

One thing that has recently annoyed me is the sites that add javascript to break out of any containing frames. This is another symptom of "must control the client/browser".

Admittedly, there are a few cases where such code makes sense, such as secure web sites; mixing secure and non-secure is a bad idea. But beyond the generally bad UI problems, how do people feel about this type of control?

The real-world equivalent

[jayhawk88]

Me: Hello, I'm looking for RedHat Linux for Commodore64, do you have that in stock?
Salesperson: No, but we do have the all-new WindowsYou 2000 v5.0 for Watches! Why don't you let me show that to you?
Me: Umm, no thanks, I think I'll just go look elsewhere.....Umm, excuse me again...
Salesperson: Yes? What is it?
Me: Umm, this door appears to be locked.
Salesperson: Oh, is that so? How odd. Perhaps you'd like to check out the latest release MacOS AquaTealMarine for CoffeePots, now with even more backgrounds!
Me: No, I'd like to leave the store. This door that I justed entered through is now locked.
Salesperson: Well, if you feel you really have to leave, you can climb that ladder into the rafters, walk across that I-beam to the far side of the store, and shimmy down the drainage pipe. But then you'd be missing our sale on OS/4 Impulse for Dishwashers...

I think it's clear that trapping sites are my biggest internet pet-peeve today. This is another reason why all marketing people should never be exposed to any new technology. Ever.

Re:The real-world equivalent

[pigpogm]

There's only one thing marketing people should be exposed to. Dangerous levels of radiation.

"If anyone here tonight is in advertising or marketing... Kill yourself. No, seriously. If you are, do. You're fucked and you're fucking us. Kill yourself. It's the only way to save your soul." -Bill Hicks

Re:The real-world equivalent

[Zan+Thrax]

I don't know. Unexpectedly open windows in their high-rise offices seems like a good thing to expose them too as well...

Re:The real-world equivalent

[Syberghost]

Salesperson: Well, if you feel you really have to leave, you can climb that ladder into the rafters, walk across that I-beam to the far side of the store, and shimmy down the drainage pipe. But then you'd be missing our sale on OS/4 Impulse for Dishwashers...

What one does in that situation in the real world, if the exit door is sufficiently difficult to reach, is demand a manager and then begin one's next sentence with "open this fucking door now or..."

That can be acheived quite nicely in the Internet world with an email, although I recommend leaving out the profanity since email is so easily deleted.

(Whereas, to delete you in person requires ejecting you from the building, which is what you wanted to acheive anyway.)

--

And you thought this was bad?

[Rob+Kaper]

Wait until you've found a few sites which catch your right mouse button click with some Javascript to make sure you cannot use it for browser functions anymore.

Unfortunately for IE users some functions such as "Open in new window" are _only_ available from the RMB popup. I'm glad all major browsers on Un*x use the third mouse button for this.

Re:And you thought this was bad?

[kralc]

I believe you can use the keyboard-based right click (the key next to the dreaded Win key) to circumvent those protection schemes...

Another trick you can use, but with a smaller success rate: Hold down your left mouse button for a few seconds, then click the right mouse button. I've found that this works on a few of those offending sites.

Re:And you thought this was bad?

[CodeMunch]

Hold SHIFT

left click on link

Release SHIFT

Continue surfing on work time <G>

--Clay

Re:And you thought this was bad?

[Imperator]

In Win32/IE, shift-click to open a link in a new window.

In any case, IE users should be familiar with the security zones scheme. Not great, but better than nothing. Any site evil enough to try braindead marketeering schemes like that can be put in the Restricted zone, which you can configure to turn off all scripting.

Re:And you thought this was bad?

[seligman]

Wait until you've found a few sites which catch your right mouse button click with some Javascript

Put the following (all one line) into a link. Put that link on your Links toolbar, and click it when you run across those pages, most of the time it'll disable the screwy right-click js code. (Warning, I'm no JS expert, there are probably better ways/less painful ways to do this, but this works for me)

--

javascript:document.onmousedown="";document.onmous eup=""; window.onmousedown="";void(window.onmouseup="");

--

Problem solved.

Re:And you thought this was bad?

[Old+Wolf]

That doesn't matter tho, cos IE doesn't fall for these crappy lockup things that this article is about . I only use IE, and I browse a lot (including a lot of pr0n sites). The worst I ever get is sites that open new windows when you close them --- but then you just have to be fast and close the new window. Problem solved.

The worst I've ever seen is an endless sequence of JavaScript alert() windows. In this case, you have to kill the browser (luckily this is easy, and you just load it up again).

What about HTTP POST

[The+Dev]

A similarly disturbing problem is when http POST
requests expire from your browsers cache. Hitting the back button gives you the "page expired, repost form data" box.

Never use POST unless you need to (like not showing sensitive info in the location bar and web log).

Re:What about HTTP POST

[MrJay]

Well, GET has a 255 character limit for the URL. POST is the only way to send data to a web server longer than this limit.

Re:What about HTTP POST

[Imperator]

POST is not evil. GET with huge form data (files, /. comments, etc.) is. I think what you're trying to say is that using POST when GET would suffice (e.g. navigation) is evil.

locked out

[scharkalvin]

Some sites only appear to lock out the back button. What they actually do is open up a new window. If the Back button is grayed out then just close the window! I'd actually like to know what the special html code is to cause a link to be displayed in a new window, but some sites do have this. For sites that actually lock the back button I have just used the history list (IE) or just display the sites I've gone to with the go button or the goto window (NS) and get the hell out of there. Some of this may be intended, in other cases just sloppy coding.

Apples and oranges

[Brian+Kendig]

As several comments have already pointed out, the 'trap' that sites like Home Depot's put you in is (most likely) not intentional. It's simply the result of a zero-second refresh page to redirect you to another page, and the easiest way around that is to bypass the page by holding down your 'Back' button or by using the 'Go' menu in your browser.

The real problem, of course, are the porn and scam sites which actively and aggressively prevent you from leaving their web pages. They use JavaScript to sense when you leave their page or close your browser window, and then they bring up another window on their web site -- or, worse, several other porn and scam sites.

The porn site 'http://www.gamefaq.com/' (not to be confused with 'www.gamefaqS.com') used to do this, and it was a great example of how dangerous the web can be for kids: mistype a URL, and not only might you have pictures of women having sex with donkeys dumped onto your screen, but you might not be able to get them off your screen without quitting completely out of your browser, either. Fortunately, 'gamefaqs' bought the 'gamefaq' domain name to stop this from happening (if you can call extortion 'fortunate'), but it still happens with countless other web sites...

Re:Apples and oranges

[Darchmare]

That's downright unethical. The last thing I want when I'm looking for porn is for some stupid video game site to pop up. :>

(yes, i'm kidding)

- Jeff A. Campbell
- VelociNews (http://www.velocinews.com)

innovations in porn marketing

[jjoyce]

I give credit to the porn guys who decided to make their banner ads resemble the standard Windows widgets. Totally devious and shrewd.

--

Re:innovations in porn marketing

[generic-man]

That's where not using Windows comes in handy. Only once have I seen a fake-widget ad that looked like Motif or anything *nixy... and that was on Slashdot. On rare occasion I'll see ads that look like bastardized versions of the Win32 or MacOS widgets, which leads me to wonder what kind of people they were trying to fool.

Re: Personal web sites that are too kewl

[Superb0wl]

change it so it's not a meta refresh of 0. give it like 4 seconds or so. Or, the better way to do it would be configure apache to make your default page index.shtml instead of index.html. Or SSI parse every page (um...nevermind. bad idea).

What I do, is write a gateway page on index.html, then let the user choose where do go to get to my site. Whether they want the:

• frames page
• no frames page
• flash page
• flash + frames page
• javascript + frames page
• javascript + flash + frames page
• javascript + flash + frames + 1024x768 res + SSI + microsoft ASP + XML + live streaming video + RISC optomized assemly code + AOL compatable page

...you get the picture...


-Superb0wl

It's not just commercial sites....

[Guy+Harris]

This site, for a certain well-known free-software desktop project, has the same problem - Another Damn Refresh.

Lawsuit!!

[technos]

Being a very proud and pompous American, with at least a passing knowledge of the legal system gleaned from innumerable hours watching 'Judge Judy' and 'Judge Mills Lane' when I should be working, I am always on the lookout for a sure-fire frivilous lawsuit so that I, like many other lazy Americans, can get paid for nothing.

Well, here's how we sue the sites on the lock-in list. We get a couple hundred elderly, entry-level Windows users together in a room full of computers. We hook them all up to the Internet over a single ISDN channel. Set the default start page on each PC to www.lawsuit-target.com, and disable the cache. After writing a small script to respawn IE every time it is closed, we set the lusers loose on the 'net.

By now you're asking "Hey, technos! Annoying a room full of senile lusers is fun, but how do we make it into a good frivilous lawsuit?"

Well thanks for asking! I have noted, from my extensive experience as a tech, that the newer and more clueless the luser, the more often and serious they do something bad to the PC. Since we haven't given them any thing else to touch but IE and the contents of the Start Bar (conveniently stripped to just IE) they will eventually power cycle the machine. Some will do it repeatedly.

Here's another tech tidbit: Power cycling a Microsoft machine is BAD. For the purposes of this frivilous lawsuit, it completly corrupts the hard drive and requires several hours of expensive service to correct!

"But technos, any judge on earth will throw that out! The judge will call you and your lawyers a bunch of money grubbing slimes, and toss you out."

No! That's why we've picked on the elderly as our lusers-du-jour! Judges never rule against them! Why not? Because the elderly vote, and the judges are elected officials. Get enough old people in on the class action suit, and the judge will cave to keep his job!

The ever misgued marketing minions

[Pac]

From my experience, there will be a point dring development where the question about whether to display off-site links or not will arise. At this point, IF the client is somewhat reasonable he/she will agree that the Web is an open ended environment, that NOT giving all information a customer needs to decide on a deal is unproductive.

If, and this is frequently the case, you are meeting with an EMMM (see title), specially if the said EMMM consider itself a computer/internet power-user, things tend to degenerate fairly quick.

"No outside links" is just the starting point. They will then suggest tricks like this one (disable back-buttons) and go ahead to things like opening the page full-screen without address, menu or status bars (nearly hijacking the user's computer).

Sometimes it is possible to prevent this kind of crap, specially if you are dealing with a group. If, on the other hand, the EMMM is the sole or main responsible for the site, you usually end up being forced to develop a site with lots of user-enemy features.

No different from "Go" menu -- but also there's...

[devphil]

...the very simple work-around of hitting ^N to pop up a new browser window. Drag the link into the new window, or drag the little green-yellow thing by the location bar into the new window, and boom, there you go.

Or just right-click on a link and select "open in new window," etc, etc.

When you're done browsing, kill the window. The original one remains where you left it.

I haven't had to worry about "lock-in" for years. I don't see what the problem is.

Yes, it's fair

[gizmoNaut]

But it's also extremely annoying. If the companies running those sites want to feel the wrath of customers (and some of us out here in net-land can be very loud and annoying), then they should feel free to play their little games.

Workaround...

[nutty]

To get around the problem, you simply have to click and hold the back button, and select a site that is prior to the troublemaker. This works fine, at least for the microsoft.com example.

As for sites that get rid of the navigation bar, theres always the Cmd-(left arrow) (in MacOS/Netscape, i can fathom its something simililar on other platforms.).

If theres both, well, then you have a problem.

Also, if you really need to access the sites that were behind the back blocker, try checking the history..

Any-who...Sites that get rid of the navigation bar and such really tick me off. Just an added $0.02

/nutt

Re:Many of these sites are not trying to lock you

[pod]

But they're going about it the wrong way. Instead of doing it the proper way and having the main page be a server redirect of a very lightweight script (php/asp style) issuing a 302, they have an actual html page with a javascript-constructed refresh meta tag. Combined with a 0 second refresh gets you a useless redirecting page in your back button history that you can't get out of.

Re:Many of these sites are not trying to lock you

[fleener]

Auto-redirecting users based on browser specs breaks a fundamental and frequently used (if not the most frequently used) function of the web browser... the BACK button.

It is more appropriate to give the user the choice of using a Flash or non-Flash site. I have Flash installed, but nine times out of ten I'll opt for the non-Flash version because use of Flash tends to be gratuitious and run counter to my purpose for visiting the site. Nothing pisses me off more than being forced into a Flash interface when I know there's an HTML alternative.

And what if I'm trying to add a link to your site from my site? If you auto-redirect me you are likely to force me (whether I'm aware of it or not) into picking up a link that fits my browser specs, but not necessarily the specs of my web site visitors.

Re:twobrowser2 that doesn't have this problem

[acomj]

IE 5.0 for mac doesn't seem to have any problems backing out of anything.

I don't like microsoft, but this is the best browser I've ever used. (and I've used many,.... Lynx, mosaic, netscape, opera, mozilla....)

WebWasher!

A good way to get around this for some users is a great windows program I heard about in a comment attatched to a story about DoubleClick WebBugs a while back. It's called WebWasher, and along with filtering out banner ads, you can (very easily) set it up to filter popup windows, scripts run when a page loads or closes, modify how much an animated image is shown or remove it entirely, prevent pages from modifying the browser status bar (one of my pet peeves), filter images, applets, and plugins based on their dimensions, and create your own url filters (though I don't think you can disable the built-in ones). For the pages that direct you back to themselves when you try to close them, the on-close script filter works great.

Huh?

[ktakki]

Okay, they list Amtrak as an offender. It just so happens that I need to look up a schedule, so I check it out.

This is what it says on the timetable:

Please press the back button on your browser.

Not quite the "back-button disabled" site top9 makes them out to be. And yet I couldn't view top9's site because I didn't have the right flavor of plug-in.

Who are these guys?

k.
--
"In spite of everything, I still believe that people
are really good at heart." - Anne Frank

If they called it the porn button...

[TheDullBlade]

...do you really think people will want to use something equivalent that keeps a record of where it was used?

Re:If they called it the porn button...

[jafuser]

Hmm.. good point.. Although it can still be useful for the three non-porn sites on the 'net :)

Mozilla, Please let *ME* control my browser

[TheShrike]

Quite a while back, I wrote these rants.

• Jed's Netscape Rant
• Jed's JavaScript Rant

Ok, a little shameless self-promotion, and some of it is out-of-date, but still, I've been complaining about this stuff for years.

I want to be able to protect various browser components from manipulation. Simple. Don't let any web author change the function of the [BACK], [HOME], and [EXIT] buttons!

I once got trapped in a site which had used the JavaScript On_Close event to open a new browser window when I exited Netscape. Oh, and please keep my status line displaying real status messages (and latch them, please), instead of ridiculous messages from somebody's scrollit applet, or mouseover spam.

Oh, one more thing, a javascript.allow and javascript.deny type of management for which sites get it on and off.

TIA, Mozilla.

Home Depot's Offical Response

[geek2b]

Thank you for contacting homedepot.com! Our Internet team recently received a copy of the e-mail you submitted through our Web site. We would like to thank you for contacting us at homedepot.com and sincerely apologize for any inconvenience you may have experienced while using our Web site. Rest assured, we do not want to limit your access to the Internet from our site. Because the actual Web address for our home page is quite long and complicated (you can see it in the address field of your browser once you are on the page), we have simplified our Web address to www.homedepot.com to make it easier for our customers to remember and access. When you enter our address in your browser, we convert the simple Web address to the real Web page address. For that reason, the "back" button may not work in some browsers. Our technical experts are working to find a way to eliminate this process.

Re:Home Depot's Offical Response

Funny. It works fine for Amazon.com. They have a "complicated" home page URL and have managed to do it without trapping refreshes for as long as I can remember.

Re:Home Depot's Offical Response

[griffjon]

if that's authentic, they're smokin' some major crack, and need to fire their entire web design team. making a file called index.html and putting it in the root directory just is NOT difficult.

Worse, they're running (according to netcraft) Netscape-Enterprise/3.6 SP3 on HP-UX, so there is NO excuse. a symbolic link to the 'real' page they're concerned about named index.html in the publuc_html directory will work just fine. yeesh.

Re:Home Depot's Offical Response

[MrJay]

Well, hitting the URL http://www.homedepot.com/ redirects you to the page index1.html. This page uses Javascript (uggh) to determine whether the user (ironically) has Javascript enabled in their browser:

//Proceed only if the browser supports JavaScript.
..

if ( browserSupp )
window.location = "/" + siteName + "/HDUS/EN_US/pg_start.jsp";
else
window.location = "noscript.html";

In pg_start.jsp, I can only speculate that a new session is created (the next URL has a session ID field) and various startup routines are executed.

When you arrive at the homepage, the URL contains something similar to this:

pg_diy.jsp?BV_SessionID=@@@@1850957283.0963009276@ @@@&BV_EngineID=cal ieli dldjbemfcfkmcficgkj.0">

Given this information, I can make the following statements:

• They are using Broadvision. Anyone who's used this horrible piece of proprietery crap knows how uncomfortable and cumbersome it is to work with.
• They are heavy on the Javascript. IIRC, Broadvision sends various Javascript functions to accomplish mostly what can be done without Javascript. An expert web designer can build a complex site without a heavy and almost necessary reliance on Javascript.
• HTTP and HTML should both be extinct. Perhaps this is why Home Depot opted for the expensive Broadvision. I bet they also paid through the nose for a BV tech to be on site. Yipee!!

In all seriousness, this sort of thing can be avoided with a proper design. And the sheer difficulty of the whole process is nil.

Re:Home Depot's Offical Response

[bobby22]

Maybe can't do the same because Amazon.com patented it!

Bob is hot

Re:Home Depot's Offical Response

[Keith_Beef]

This page uses Javascript (uggh) to determine whether the user (ironically) has Javascript enabled

It's not ironic at all!

Imagine you only speak English (albeit an approximate Americanized English), and you're on holiday somewhere where the natives speak some other language. You're hungry, or thirsty, or need directions, whatever... What are you going to do? Stop somebody, and ask "excuse me, do you speak English?"

You address the person in a language you understand, hoping to get a response.

If you get a positive response, you initiate a dialogue.

If you get a negative response, you fall back to plan B (usually give up, or speak louder and more slowly... it's common knowledge that all foreigners speak English to some degree, but most of them are hard of hearing).

Using JavaScript to determine if the browser can understand JavaScript is an analogous case.

Re:Home Depot's Offical Response

[NexusJedi]

Except that, if the JS code MrJay is accurate, they used JS to do the test, then they tried to use JS to do the redirection to the non JavaScript page . If a browser doesn't support JS, it's not going to understand the window.location="url" command. So there's some irony in that, if only in their ignorance of how to do a proper redirect.

The proper way to do el redirecto would be to direct the viewer to the non-JS page and have some JS code that executed at the top of it that just redirected them. That way, if the browser didn't support JS, it would not execute the code, leaving the user there, and if the browser did support JS, it would execute the window.location="url" (or window.location.replace("url") to be nice to histories) unconditionally and they'd be on their merry little way.

Well, that's how I'd do it, anyway.

NexusJedi
--------------------------------------------
How do you catch an original rabbit?
Unique up on it.
How do you catch a domestic rabbit?
The tame way.

That's great if you know the trick...

[The+Queen]

...most folks aren't savvy enough to figure that out. And as a web designer, I have to fight the battle between the fun gimicky stuff my clients want and the things that won't look like front doors/spammer tricks to the search engine bots.
My $0.02? This type of thing bites a big peen. I don't revisit sites that push this junk, and try to dissuade my clients from using it.

The Divine Creatrix in a Mortal Shell that stays Crunchy in Milk

Re:That's great if you know the trick...

[Seumas]

I completely agree. The thing is that there is a very thick line between "hey, I'm redirecting you to hotnakedteens.com!" and "hey, I'm gonna redirect you from somesite.com/index.html to somesite.com/index.cgi, okay?".

Pop-ups, however, suck regardless. I don't care if your site uses a pop-up for an advertisement, questionnaire, poll/survey, to give me background information -- whatever. I just don't want pop-ups unless I specifically click on something to cause that pop-up. For example, visiting your website and having a pop-up displayed immediately to tell me I should use your new cheap phone service, is stupid. But using a pop-up to display a definition of words, when I click those specific words, is comletely fine (and sometimes helpful) with me.
---
seumas.com

Becoming a Luddite

[dzurn]

I wanted to become a Luddite, but couldn't find the on-line registration form.

Re:Becoming a Luddite

[DuBois]

LOL!

Something like Groucho Marx's, "I wouldn't become a member of any group who would have me."

Re:Becoming a Luddite

[Darchmare]

Try amish-online.com ...


- Jeff A. Campbell
- VelociNews (http://www.velocinews.com)

Re:Becoming a Luddite

[Fruit]

That site has buttons.

Such people/companies should be punished.

[DigitalDragon]

This is one of the most annoying features. Could there be some law issued against that? Somebody's got to do something about that.

Re:easy to beat

[Phoenix]

Granted this is easy to beat for those of us who actually take the time to learn how our software does what it does. Alas on the other hand there are far too many people whom just learn the limited functions of software that they use and ignore the rest. Many people I work with don't know about things like history lists or holding down the back button to get the last 15 sites. Three people I know don't even know that that the location box is for typing in URL's manually, they always go to where they have to go either from thier home pages from thier ISP's or by bookmarks that they created.

I think that these are the kind of people that these sites are trying to entrap and detain. It's a pretty sleazy trick that preys on the ignorance of functionaly computer illiterate.

It's one of the many tricks that they pull on the kind of people who can't even spell URL

Phoenix
"The universe is a gun, and they're pointing it at me"

Re:Lynx: I don't get the "best experience possible

[Van+Halen]

Actually I got the same message with NS 4.72 on IRIX with JavaScript on (Java off). Seems Home Depot's web designers don't know what they're doing, eh?

If M$ can do it...

[Coward+Anonymous]

Hotmail started "logging off" users directly to msn.com shortly after it was bought by M$. They are not very polite about it either. There are at least two redirection attempts, one as a redirect meta tag. Another is in Javascript which, if I remember correctly, will continue trying to redirect the browser until it succeeds.
If M$ can do it without a comment from anyone, why shouldn't everyone else do it?

IKEA has been doing that for ages.

[morzel]

Same thing happens IRL in a number of stores, with IKEA being a prime example:
Once you get in, you can't possibly get out unless you walk through the *whole* store, through every possible department - preferrably with hordes of people blocking your way.

It's a tested idea, and it works wonders (in Ikea, anyway) for the sheople walking through.
Quite miraculous how I always seem to end up buying more stuff than I actually came for. :-)

Okay... I'll do the stupid things first, then you shy people follow.

slick blocking

[grue23]

I saw a fairly slick way to lock a user into a site on teckchek (www.teckcheck.com), which gives technical tests over the web. When you go into a test, it uses javascript to pop up another browser window with no buttons that fills up your entire screen. It rebinds the keys people can use to swap out of it, so until you finish or exit out of the test you are unable to close the window.

Continually refreshing ads...

[Van+Halen]

Actually what I hate more than this "lock-in" stuff (minor annoyance, easily worked around) are sites that have continually refreshing ads in a separate frame. First, the "hold down Back button and select page from history" solution won't work (the first location in the list will get you completely out of the frameset, not necessarily what you wanted). And because of this, you're stuck hitting Back 50 times while the ad frame cycles back before the "real" frame goes back to the previous page. You may be able to work around this by opening the real frame in a new window, but not if the braindead web designers give you no navigation tags in the real frame, forcing you to use a third, navigation frame. It's just poor website design and it pisses me off sometimes. ;-)

So many times at sites like this I've wished the Stop button would also stop the timer for meta refresh tags (and I think it should - everything should stop: loading, animations, refresh timers, javascript timers, etc). This small feature would be a godsend for such situations.

Re:No fear of getting locked in to the lockin list

[ethereal]

It just seems like that sometimes &lt grin &gt

Open a new browse window on the url...

[Jerry]

problem solved. When I want to return to the
previous site I just close the current window.

Re:Oranges and Apples...

[ameoba]

What's even more annoying is when you try going to a respectable porn site, such as www.hotbox.com and you make a little typo, and end up at some trashy search engine site. (like this one)

Such sites hate me

[Greyfox]

I usually browse with Java and Javascript disabled for just this reason. I've also got into the habit of middle clicking to launch a new browser window, as a lot of sites do screw with the back button in one way or another, and an alt-w to close a site and return to the previous site tends to be a lot faster than hitting the back button.

I also have my cookie file set read-only with just a slashdot cookie in there. I've yet to find anyone else worthy of being allowed a permanent cookie (And the only reason I allow the Slashdot cookie is so that I NEVER get presented with anything by John Katz.)

If a site is too obtrusive or bitches about my set up, I just don't visit it. It's that easy.

Is it Lock-in or are people just stupid

[twistedfuck]

Many people complain of being locked into a site because the back button doesn't work. The MOST common reason for this, is when a site opens a new window that completely hides the original, and the user doesn't realize its a new window. A new window doesn't have the same history as the original and you can't go back beyond the first page shown in the new window.

Re:Is it Lock-in or are people just stupid

[Quid]

Let me guess, you've never seen a porn site. :-)
----Quid

Mice with tail lights...(OT)

[Psi-kick+Guy]

I've got one of those Intellimouse Explorers (the huge silver ones with the superfluous tail light and like three extra buttons;

I've seen these things at computer stores - one question I have is this: If it has a tail light, does it also make a beeping noise when it moves backwards?

Re:Many of these sites are not trying to lock you

[Psi-kick+Guy]

It is more appropriate to give the user the choice of using a Flash or non-Flash site.

Wrong.

The proper way to do it is not to offer any content via flash that isn't available to those who don't have the plug-in.

It's called flash for a reason: because flash is diametrically opposed to substance.

substance == content. When someone visits a website, they're there to get information - a web designer's main goal is to make the content as easy to get as possible - everything that impedes this is poor web design. (this includes things such as a page saying 'click here to view our site with flash'.)

The correct way is to provide the content in a viewable manner, and use flash/javascript/whatever as extras for people who have it - if they don't have it, they shouldn't notice (but obviously the site won't look as nice.)

I've done this by accident...

[wmaheriv]

I found out the hard way that this is usually the result of poorly-written and poorly-rendered JavaScript.
Whilst first learning the language, I created a re-director page the detected browser types. Since I made the mistake of placing it on a separate page, users could not get out.
I found that Netscape was also far more susceptible to the problem as I attempted to tweak my code.
Perhaps someone could post the source to a workable re-direct solution, and e-mail it to the webmasters of the offending sites?
I'd hate to think that such an annoying effect was entirely accidental and/or caused by ignorance, and that we didn't say anything about it to ^them^ before we started complaining...

~wmaheriv

What is the big deal?!

[yomahz]

I went to the sites on the list that there was "no way" to get back to the previous site and I had almost no problem getting back in either Netscape or IE.

Both browsers have an option in the back button to skip several pages back.

- In IE, it's the little down arrow next to the button.

- In Netscape, you just hold down the button for a few seconds.

Is it annoying, YES but is it really that big of a deal?
--

A mind is a terrible thing to taste.

Unlawful Business Practice

[__aapbgd5977]

As of July 18, this is an unlawful business practice, according to Arizona Statute 13-2316. The newly enacted statute, available online as House Bill 2428 is quoted in relevant part below (new language in ALLCAPS).

(Note: The summaries say that this is a "Class 6 Felony". This is incorrect.)

13-2316. Computer tampering; venue; forfeiture; classification

A. A person WHO ACTS WITHOUT AUTHORITY OR WHO EXCEEDS AUTHORIZATION OF USE commits computer TAMPERING BY:

...

6. PREVENTING A COMPUTER USER FROM EXITING A SITE, COMPUTER SYSTEM OR NETWORK-CONNECTED LOCATION IN ORDER TO COMPEL THE USER'S COMPUTER TO CONTINUE COMMUNICATING WITH, CONNECTING TO OR DISPLAYING THE CONTENT OF THE SERVICE, SITE OR SYSTEM.

...

D. A VIOLATION OF SUBSECTION A, PARAGRAPH 6 OF THIS SECTION CONSTITUTES AN UNLAWFUL PRACTICE UNDER SECTION 44-1522 AND IS IN ADDITION TO ALL OTHER CAUSES OF ACTION, REMEDIES AND PENALTIES THAT ARE AVAILABLE TO THIS STATE. THE ATTORNEY GENERAL MAY INVESTIGATE AND TAKE APPROPRIATE ACTION PURSUANT TO TITLE 44, CHAPTER 10, ARTICLE 7.

Section 44-1522 is currently in effect, and reads in relevant part:

44-1522. Unlawful practices; intended interpretation of provisions

A. The act, use, or employment by any person of any deception, deceptive act or practice, fraud, false pretense, false promise, misrepresentation, or concealment, suppression or omission of any material fact with intent that others rely upon such concealment, suppression or omission, in connection with the sale or advertisement of any merchandise whether or not any person has in fact been misled, deceived, or damaged thereby, is declared to be an unlawful practice.

Yes, I work for the Arizona Attorney General, but I am not a spokesman for them. I am a lawyer, but this is not legal advice. Please consult your own attorney before taking any actions based upon information in this posting.
==
"This is the nineties. You don't just go around punching people. You have to say something cool first."

Re:Unlawful Business Practice

[josepha48]

I don't really think that this law applies here. I'm no lawyer, but here is why: you can still access other sites through your book marks so you are not really 'locked in'. They do not control your browser completely so you can still exit by typing in a URL in the location bar. Since both Netscape and IE browsers support searching through the location bar you can always exit one of these site.

While I do agree that this is bad practice on the site developers side, I do not think that it is against the law. Also how are you going to sue someone or take legal action if they are not in Arazona, or even the US? I imagine that since these sites have basically ben blacklisted on slashdot it is only a matter of time before most of them stop that practice anyway. I know that it is a cheezy way to keep visitors. Obviously if a site needs to do something like this then they have no content that will make people want to return.

send flames > /dev/null

Re:Unlawful Business Practice

[Chops]

Jesus God, this is a bad law. One of the premises of the net that The Man has fundamentally failed to grasp is that if your computer does something, it's your fault. If you're using a client that is willing to "lock you into a web site," it's your bad for using a broken client, and you should be punished for it until you find a better one.

If a technical solution exists, legal solutions will ultimately be harmful, because they discourage people from actually solving the problem. Prosecuting people because they served you a stream of bytes you consider "harmful" to you, in response to YOUR request to THEM, is an affront to logic as well as free speech.

For God's sake, man -- web sites are going to the trouble of advertising to us that they're poorly or maliciously designed, and we're COMPLAINING about it? I'd love it if there were an HTML tag that inserted subliminal advertising on my desktop. Junkbuster would start telling me, "IBM is trying to steal your money," and I would know never to buy anything from them again.

Re:Unlawful Business Practice

[GigsVT]

The problem with all "Internet legislation" is that there is no way to enforce it. This law may stop sites in Arizona from doing this, but they can just move the site to another state or overseas. Who knows, maybe this will be a their excuse for a world government.
-----------------------------

Re:Unlawful Business Practice

[Frank+T.+Lofaro+Jr.]

If they operate in another state, but in any way do business in or with anyone in Arizona, they could be covered by this law. If they move overseas, they could be covered if they have any assets or business in the U.S. They could be barred from doing any business in or with Arizona possibly, even if the are foreign. I am not a lawyer - contact one for real legal advice. But remember this, the U.S. (and its political subdivisions) do not take kindly to attempts to sidestep the law, including those involving trying to escape jurisdiction. We can, and do, prosecute U.S. citizens for actions taken outside of US controlled land...

Talk about annoying...

[darrenford]

I can't believe nobody has mentioned this.
What is with that slurping sound coming from Top9.com... I'd rather deal with the back button problem than listen to that.

SecurityFocus == Oh my.

[AdrianG]

If you want to see something really annoying, set your browser to ask you before accepting cookies and then hit www.securityfocus.com. The've implemented this really nifty stunt which makes your browser fetch another add about once every minute. To make sure it's a different add, give you a new cookie each time so that your browser does the work for them of keeping track of which add you got last.

SecurityFocus is a handy site, but they drove me insane when I was trying to understand more about what people were doing to me with cookies.

Adrian

Re:SecurityFocus == Oh my.

[sulli]

Indeed. Talk about crappy design: screen real estate that ever allows content seems to be less than 50%, what with all the mandatory-ad frames &c. I know they gotta pay the bills, but Good Lord!

Not to mention cookies.

sulli

important point

[perlmangle]

Let's not forget one important and useful application of the hereoft derided META refresh tag...

MRTG

--That is all.

Thankful For Being Locked in a Porn Site

[Municipa]

I for one am thankful for that a particular porn sites, whose name I won't mention, locked me at their site, and inundate me with popup windows. At first, I was reluctant, "I'm looking for a crack for Grandma's Recipe Tracker V" But after a series of 12 popup windows and irreversable navigations away from warez, I realized porn is what's missing from my life. They finally convinced me, and I'm glad they did -months later, here I am, forking over my hard earned cash for sweet porn, and happier for it.

ERRATA:The ever MISGUIDED marketing minions

[Pac]

Remember, it is not enough to press the Preview button, one should actually read and correct the text... :))

A simple fix

[lobos]

I went to several of the sites listed on top9, and did the same thing I always do to get out of those sites. I never saw them as that much of a problem, but they still get on your nerves at times.

Anyway, just click the back button and hold it down. You will get a list of the past websites you have been at and just skip the most recent one. This would, of course, be the one which keeps sending you forward. If you use IE, it's even easier. There is a small button with an arrow pointed downards next to the back button. Click this and follow the same directions as before.

Re:A simple fix

[rob_from_ca]

Or if you don't feel like aiming for the small arrow in IE, you can right click the back button to see the same list. You're right; very simple. Too bad no one bothered to actually _read_ the referenced article, let alone read this far down into the comments to find the simple fix.

Re:A simple fix

[Yer+Mom]

Or if you don't feel like aiming for the small arrow in IE, you can right click the back button to see the same list. You're right; very simple. Too bad no one bothered to actually _read_ the referenced article, let alone read this far down into the comments to find the simple fix.

Does anyone know how to do this in Opera? Even with the shiny new Opera 4, I can't see where this is hiding. And they've got just about everything else right...

--
Hell hath no fury like a pissed-off Glaswegian.

Holding down the back button?

[puddles]

Am I missing something? If you hold down the back button on Netscape long enough, you get a popup menu that allows you to "pop the stack" to any page you've viewed so far. This only works with recent Netscape, of course.

Let the bastards know.

[F0rlorn]

Despite all the ranting and raving (and I do agree) about these annoying tactics, I'm guessing the reason they keep doing it is because they never get complaints. Personally, if I come across something annoying, I often close the window, and move on. It's a bad habit.

Make sure if you see any annoying aspect of a website, whether it's an annoying script or just a really disturbing yellow hue on a banner, send the webmaster a note.

Re:Let the bastards know.

[mpmansell]

Better still, send them a copy of their page. After all, if its so good.....

Let them know!

[SlashGeek]

I doubt many Home Depot officials read /. So instead of complaining here, why don't we complain to them? They have a contact page on their site with webform submission, so you don't have to use your personal email. It does ask for an email, but there is no reason you can't use a fake one. If we as net consumers don't get the message across now, what's to stop this from becoming a popular occurance? Personally, I'd hate to have to right click every link and open it in a new window someday because nobody ever said anything about the practice. And yes, I already have submitted a complaint to them. A reference to lost business might drive the point home a little faster, and there is nothing in Net.Law (sorry Rob, I just love that one) that says you can't tell them you are boycotting them even if you're not.

Ask Dr. Jakob Nielsen

[Inoshiro]

He'll tell you that this is the #1 mistake in the top-ten list of mistakes done by webpages. And I agree. Linking to the outside world, and letting other people back out of your site shouldn't affect it. How else could Yahoo!(tm)(r)(c) become so popular, eh? They certainly don't have a lack of people browsing their site.

The back button is the most often used widget in the browser. If a user hits a site they don't want to see, or make a mistake -- boom, off they go. Locking them in to a site once they get in agrivates them (it sure pisses me off).

My suggestion: turn off Javascript in any browser which allows you to (except Netscape, because that kills CSS [why?]).

So what happens to sites which still do disable the back button, or otherwise lock you in? Well, I tend to just kill my browser process. It's simply easier than dealing with BS websites. Plus, I know to never go to that site again (it'd be nice if Mozilla had a dynamic blocklist which would mark down sites which do this, and block them).
---

Re:Ask Dr. Jakob Nielsen

[Jade+E.]

> (except Netscape, because that kills CSS [why?])

Because Netscape doesn't actually support CSS. It converts CSS to it's own* Javascript Style Sheets internally. Hence, no Javascript, no Style Sheets.

* It's 'own' standard in the sense that it's published, but nobody else uses it.

-Jade E.
Not an expert, but I've run into the problem before.

Sure I have...

[sulli]

I grew up in Washington, DC!

no

[samantha]

It is NOT legitimate. It is a direct interference with free passage, the cyber equivalent of barring the door to keep you from leaving. Sites that do this deserve to lose customers and get tons of flak. I wouldn't be surprised if a few ticked off hacker folks decide to "fix" their site's annoying traits for them.

Another unofficial method of avoiding lock-ins

[Asmordean]

What I do when I surf about is to right click on almost every URL and "Open in New Window" or I physically type a URL. I hardly ever encounter a lock-in because I just close the window.

Right now I have 4 browser windows going (Slashdot news page, this page which I am typing this, Anandtech, and HardOCP)

Perhaps I just have wierd surfing habits.

Re:The real-world equivalent (OT .sig reply)

[jayhawk88]

It also means that an infinite number of chickens will only supply as much funny as the first two. Cleary the implications of this are astounding, and will shake the scientific community to the core. For more information, see this Goats.com comic on the subject. I would have had the whole quote and link in my sig, but that damn 120 character limit...

Lynx

[alleria]

... users must be grinning gleefully right now. I kind of share the feeling, since my browser barely supports transitional HTML 4, let alone Javascript or anything fancier.

Re:easy to beat

[troeg]

Yes, I taught a person how to use a book mark the other day...

That person said, "You mean I can go directly back to that page at any time?"

That person is a manager in a Forture 500 company. We assume to much maybe? I don't now.

It's Both

I work at a company, and I'm constantly getting orders from on high which run contrary to what I consider good website design. One of these is the idea that people should never actually leave the Website. It's an idiotic thing to do, because I know when a Website does it to me, I simply don't go there that often (or not at all, if there is no compelling reason to do so).

My bosses tell me to do my best to keep people inside of a frame (the majority of which is 100% useless screen area wasted on a large, "decorative" header frame.)

Oh, and you can easily disable the back button with Javascript (in the case of this Website, Javascript combined with JSP pages). I always go into "weasel mode" when my boss suggests to me I do something so egregious, saying things like "You know, when I visit a Website to shop, I always find stuff like that annoying, don't you?" Sometimes it works, sometimes it doesn't.

Well, it doesn't matter. The company I work at is basically a folly. Rich private investors pouring money into a hole that won't produce anything useful to society or even make money for them.

Why do I stay? Maybe I'm like the pointy haired boss on Dilbert, "Brinksmanship, like sometimes I drive into oncoming traffic and only pull out at the last second." Though more likely it is that the hours I spend at work keep me from creating a decent resume in my "spare time" (hah!).

you're someone with experience.

[AugstWest]

It never ceases to amaze me (but then again, old versions of Slashdot did the same thing, so who am I to judge?)

you're someone with experience as a webmaster of a high-profile website. you're under more criticism than any of the companies you criticize. you've learned what people want and what works. (you are missing a few things... why is the search box all the way at the bottom? an empty white box in the left-hand side would break up the menu nicely, adding some white space and some functionality...oh yeah, criticism. right. it keeps you on your toes, though.)

generally, companies care more about graphic design than function. they like splash, and don't understand the web user's habits... and web use is definitely a habit. capturing the user is the worst thing you can do to someone with the habit.

it's a young industry, and it's earliest denizens are getting older. there's a major emphasis on young guys who will burn for the big bucks, but there's nothing as valuable as experience.

so screw 'em. judge. :]

Re:No different from "Go" menu -- but also there's

[Joe+Rumsey]

In Linux netscape, the middle button opens a link in a new window. In IE, shift-click does it. I open most things with the middle button when I know I'm going to want to come back to the original page. Back doesn't work very well on many pages if you've scrolled to somewhere in the middle (Slashdot stories are a prime example!)

Ever heard of a new window?

[Woil]

Open the link a freaking new window. With Netscape on Linux this consists of simply clicking the middle mouse button on the link. (How tough is that). When you're done with the site, close the window. The OS usually refreshes faster than the browser for pages, so when surfing I tend to have 10 or more windows open when surfing. With windoze just right click on the link and select "open in a new window" Pretty simple, and a big time saver.

This is a non-issue

[mschmitt]

Being stuck behind a redirect is nothing that's been invented in the Year 2000. In fact, it's something I've been used to deal with for years.

What's the big deal with this? Drop down the list of recent pages from your back button, select the page you want to go back to, and there you are.

Re:Lynx: I don't get the "best experience possible

[troeg]

Hey, don't agree with it, but if it says "or follow your browsers instructions to enable JavaScript" like you say you got the same message then....

READ!

Time is an offender

[sconeu]

I've put time.com in my IE "Restricted Zone" list. I really wish Netscape had something similar (but better!).

Time pops up those annoying advertising Subscribe To Time windows when you leave their site. Don't they know that it makes them look like a pr0n site?

There's a reason sites do this

[bellings]

Here is the Home Depot home page, copied word for word:

<html>
<HEAD>
<script language=javascript>
window.location = "index1.html"
</script>

<noscript>
<META HTTP-EQUIV = "refresh" content = "0; url=noscript.html">
</noscript>
</HEAD>
</html>

I'd love to know what the "correct" way to do this is. If you say "HTTP redirect", you'll have to explain how the server knows if javascript is turned on in the browser.

Of course, as many people have pointed out, the line 'window.location="url"' might have been 'window.location.replace("url")', and that would have solved much of the problem -- but not all of it.

The HTML "meta refresh" tag with a time of 0 is an ugly kludge, because it pollutes the browser history. Unfortunately, I am not aware of any "correct" way to do a redirect from HTML without polluting the browser history. This has little to do with malicious scripters, and more to do with browser designer's apparent failure to implement something that seems pretty basic.

(Of course, the entire subject seems like a troll -- I didn't have any trouble getting out of any of the sites listed on top9, and I'm pretty sure that the crappy redirects are due to developer negligence rather than malice.)

Re: "Technical Experts"

[kevin805]

I started laughing when I saw that. Like it's some amazingly complicated problem or something, rather than just leaving a 5 second delay with a "click here to enter" link.

NEVER go back

[fanatic]

I just make a note that this is a 'webmaster' (what a pathetic lie that one is!) who thinks my time is less important than ... whatever, and I never go back (if I can remember). I sometimes drop said webmasturbator a note letting him know what a twit he is.

Why do they call them 'webmasters'? Most of them are fools and parrots.

Redirection should be done on the server side

[ShaunC]

Redirection should take place on the server side whenever possible. All it takes is one line of Perl:

print "Location: path/to/new.html\n\n";

or PHP:

header("Location: path/to/new.html\n\n");

Hitting the back button after being redirected on the server side will have the desired effect; you'll go back to wherever you were before you were redirected.

That said, there are times when a designer will want to "lock in" their viewers, and after visiting a few of the sites listed, I think their design was intentional. Ask anyone who's dealt with some of the popular CGI-based shopping carts, and they'll tell you that their worst enemy is the back button. At a lot of shopping sites, the developers do everything in their power to make the customer's shopping experience a forward-moving process.

Unfortunately, sometimes warning users "don't press the back button, click (wherever) to continue" just isn't effective.

Shaun

This can be LEGIT

[whm]

Now, I can't lay claim whether Home Depot or any of the other 'lock-in' sites are legit or not...but there may be an entirely legitimate reason to have this sort of redirect.

I used to run a large volume site which relies heavily on Javascript. We used something that would be classified as a 'lock in' to determine whether the browser had Javascript enabled.

1) Javascript redirect on 0 seconds
2) Meta refresh on 3 seconds.
3) Link for the unfortunate.

I can't believe so many people immediately jump to the conclusion of malicious intent.

~whm

My website once had this unintentional problem

[pjrc]

It's really simple and easy to do this without knowing it... or at least it happed for me.

For four years, my web site was hosted by the Oregon State University Electrical Engineering Webserver, at this url that was widely linked and in all the search engines' first result page for a number of keywords.

Well, all good things (actually their server was not very reliable) come to an end, and the university was under a big scare, supposedly because of some lawsuit somewhere, regarding old accounts from former students. I got a message that I would need to move my site.

I did indeed move the page, to it's new and permanent location, but even after over a year, the old site still gets lots of hits. Forunately, they have been nice enough to keep my redirector page in place all this time.

At first, I did what seemed like the obvious thing and I set the HTTP-EQUIV meta tag to redirect, in zero seconds. Seemed like a good idea. It was actually like that for months, and I was totally unaware of the problem. I finally got an angry e-mail from someone who was upset that I messed with his back button, but as far as I could tell, nothing on my site would do that. Indeed, nothing on my site was doing anything with the back button.... by that time I hardly gave any though to the old urls anymore, so it didn't even occur to me at the time to try going to the old url and then seeing if the back button still worked. Even if I'd typed the old URL, to experience what an ordinary web surfer got, I would have had to find my url from a link (not hard, since the search engines don't update well anymore, even if you fill out their forms to rescan your url).

Well, several weeks later, I learned what had happened while reading Jokob Nielsen's Alertbox Column, Top Ten New Mistakes of Web Design. Breaking the back button was his number 1 offense, and I was guilty... and until that moment I didn't even know it.

My point in all this, dear reader (and you're still reading after all this rambling), is that it's easy to need to redirect users, because old URLs don't stop getting hits, even after a year.

Some people have said that the web design should use a location redirect in the HTTP header. I tried this, but the browsers generally don't honor that from within the HTTP-EQUIV meta tag (even though they should), and I have no control over the configuration of the server itself, only the html content.

It's easy to say the commercial companies are different, since their web servers are for their corporate missing (whatever that is), but I can easily see how the "web designer" only has control over the content within the html file itself, and not the web server config... often times controlled by an admin who isn't helpful, or a third party hosting company.

Re:My website once had this unintentional problem

[pjrc]

An AC writes:
...and a server that doesn't even provide control over that is fundamentally broken.

My point, lost somewhere in all the rambling, is that many site authors do not have any control over their web server, only the HTML files they can edit. Since they can not excersize any control over the HTTP headers, all they can do is redirect with a meta tag. The intuitive thing to do is redirect with a zero second delay... assuming the user won't want to wait to get to your page in its great new location. It is very easy to do this and believe you've made a good design and never even know that your design has messed up the back button.

If anything, the web browsers are fundamentally broken when they implement a redirect immediately after the user presses the BACK button. This only ends up returning the user to the same page that they were attempting to leave by pressing the back button in the first place.

I wonder if anyone from the MOZILLA team is reading this message. How hard can it be to ignore the redirects when a page is loaded as a result of the BACK button. Does it ever make sense for a browser to follow a redirect when the page was reached via the back button?

Webwasher

[kris]

Webwasher filters all incoming HTML and will remove annoying Javascript as well as ads, and will on request deanimate all animated gifs.

© Copyright 2000 Kristian Köhntopp

Re:porn

[The+Grammar+Jew]

Old Five Seven Five,
You better look out, you've got
Some competition.

A more effective trick

[yerricde]

...would be a JavaScript script in index.html that

1. opens a new window and sends it to the homepage, and
2. closes this window,

erasing the Back button's popup menu.

Re:A more effective trick

[Frank+T.+Lofaro+Jr.]

As far as I know, you can't close a window directly, you can only have the browser pop up a dialog which asks you if you want to close - say yes and it closes, say no and it does nothing. Of course an evil person could put that in a loop. doing an alert() in a while(1) in javascript is a very evil trick too. Tested that on myself - it was bad enough to qualify as a DoS attack had it been done by someone else to me...

What if I don't have root on the server?

[yerricde]

The correct way is to send a 301 or 302 HTTP response

How do I do this with XOOM.com, Geocities, or Tripod?

Re:What if I don't have root on the server?

[LiamQ]

The correct way is to send a 301 or 302 HTTP response

How do I do this with XOOM.com, Geocities, or Tripod?

XOOM.com, Geocities, and Tripod don't allow user-friendly Web sites. But you don't need root access to be able to send 301 or 302 HTTP responses; most non-free Web space providers allow it.

So how do I do 302 on a free web server?

[yerricde]

Is there a way to make a free web server (Xoom, Freeservers, Tripod, Geocities, FortuneCity) return a 302? Otherwise, I have to use window.location.replace('new page.html');</script>

Turn off CSS?

[yerricde]

Some things I'd like to turn on and off: ... CSS with version selection

Motion picture studio web sites do not want you to turn off CSS :-)

Oh, that CSS. But they still don't want you to turn CSS off and make their eye-catching promotional pages look dull.

Contra dicted yourself.

[yerricde]

I've seen a few browsers trying to access /index.htm for some reason, /index.shtml is there and the first under Apache's default document list.

But...

I don't want to use javascript because people use lynx.

I thought Lynx adhered to the standards. Is Lynx one of the browsers that's going straight to index.htm?

Contra: ^ ^ v v < > < > b a b a sel sta

What's the whole problem here?

[ZeroTolerance]

You can just as easily use your "go" menu item (Netscape) or the pulldown menu on the back-button (IExplore) and move a few sites back .. no need to press "back" .. and also .. you can beat that system by clicking VERY VERY fast. See it as an arcade style game "Leave the site" .. you know you can do it !
--

Talked with HomeDepot regarding this...

[jvoisin]

I decided to send homedepot an email message as they were apparently one of the worst offenders. They seem quite sincere with their response to our concerns. At least they aren't doing the dozen popups that we have all come to love so much. (sarcasm).

-------------------------------------------------- ----------------

Thanks for the continued support. We are aware of the negative publicity regarding this issue and assure you that we are looking in to the matter.I have an explanation about the site which may make you feel better about our approach to serving customers on the web.

I'll try to make this short and intelligible, bear with me...
In the effort to make your visit to our website personal, friendly, informative and entertaining, we have enlisted the help of some high level software. The page you see is not as it appears. If you have registered as a member at our site, we have pulled up information that pertains to you. In the near future, our site will bring you local content and information about your local store. If the site looks like a solid page, guess again. The page is made of a template for navigation and a panel of information. This panel could contain a store locator, driving directions, or printable instructions to build a swingset! It all depends on the customer's needs and preferences. The table is "Cooked" up hot and fresh, every time. If you noticed, the site didn't ask you to "Click here if you're using Netscape 4.0". We have already found what system you use. In your case we see that you are using:

Browser & OS Info: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)

In order for us to pick up this information, we must enlist sessions (To keep track of any changes to the site since last visit, remember...Hot and Fresh!) Check your browser to make sure we gather the right pages, go pick up the fellas (the parts that comprise the page) then arrange to meet inside the template for a seamless presentation. The first step happens really fast, but you can make it work if you're quick with a mouse. The key is the lightning fast re-direct, as you might have assumed. Try to click the back button quickly after hitting enter, if you are faster than the next page load, then the page will simply back out like normal.

What would anyone do this?

[cabalamat]

I don't know why anyone would do this. Surely someone could achieve exectly the same effect, with much less effort, by replacing their entire website with a single page that reads:

I am a fuckwit who doesn't understand new media. I also have no respect for other people. Please do not read my website, as it is not worth bothering with.

How silly is this?

[jpatters]

I tested several of the sites that they had listed with a red lock on four different browsers. iCab2.0 for Mac, MSIE4.0 for Mac, and NC4.7 for Mac all allowed me to go back to the previous site with minimal extra effort, i just had to press back a few times rapidly. IE5.0 for Windows would not go back from the homedepot.com site by any ammount of rapid clicking on the back button, but I could use the little pull down thingie next to the back button and select the previous page from the list and go back that way. What is the big deal?

Petty Stuff

[Kubisuro]

It really doesn't matter what people do with their webpages, because its on their own server....presuming that it *is* theirs. Still, its their property and if they want to lock users in, so be it.

We'll just show them, one way or another, to keep doing it or to *stop* doing it. Let 'em be, its not that disturbing.

IRS: Created at war time, still at war with us.

Re:Many of these sites are not trying to lock you

[fleener]

I agree Flash is diametrically opposed to substance. However, forcing people into Flash content simply because they have the plug-in installed makes the incorrect assumption that those people want Flash.

*I* have Flash installed for that one night 14 months ago I wanted to see one particular small item that was presented in Flash and I keep Flash installed only for the moment 22 months from now when I'll want to see a Flash item again.

So perhaps the solution is to automatically determine whether Flash is installed, but when you redirect Flash users, give that group of users the choice of the HTML or Flash version.

Fake hit inflation

[Junks+Jerzey]

Sites that sell ad space will do anything to increase their page views. If you hit Back and everything reloads, there's a another page view. Intro screens serve the same purpose. Lots of sites break articles into too small pieces, so you have to look at a dozen pages instead of one or two. And each time you click, there's another banner ad.

Re:*SAFE* refresh... Is slashdot broken?

[GruikMan]

Is it just me, or were the and tags of this post actually rendered as real HTML tags instead of being quoted by the Slashdot engine? Those are supposed to be forbidden in HTML formatted posts... But by browser executed the Javascript within the previous post, and I can view the un-quoted tags in the source
Well... strange

Actually, Tripod does support it

[ionpro]

Tripod will allow you to use CGI scripts, but only in a special directory, etc. Also, only Perl is allowed, and no system or exec is allowed, and scripts will only run for one second before being auto-terminated.

Mizing JavaScript

[sparkmanC]

It's so easy even us skr1pt k1ddiez can do it!
Sparkmania Skull page

Re:Filters...

[youngchaz]

where can i find guidescope........

Re:Filters...

[youngchaz]

cancel previous request... i found it at junkbusters........

Backspace 'feature'

[Annihilus]

ARRRGH!! Who was the IDIOT who thought of binding Backspace to [back]!? I mean, it's not like someone minds if they are typing something in a form, then click on another bit of the text, hit Backspace and then go back, only to lose the stuff they were writing when they return? This is not quite Office Assistant but it's close...

Re:Backspace 'feature'

[CBAS]

IE saves the text you typed when you click forward (ALT & ->)
You'll have to retype your password though (thankfully).

Browsing with the middle button

[Kev+Vance]

Website lock-in, as well as the fact that netscape doesn't remember your position when you click on links, is why I tend to browse with the middle button. That is, when there are multiple links on one page that I'm going to use (i.e. in a search engine or reading slashdot), I'll open a new window on the first one, then click+drag from the old window to the new one.

You need some desktop space for this, of course. 800x600 isn't going to cut it. But then, you don't have to sacrifice all your netscape windows when one of them goes running amok.

Re:How do I implement that in Junkbuster?

[Lev_Arris]

Sorry for the stupid question but I really have no idea where to put that.

Greetings

Re:Intolerant people and you

[Zan+Thrax]

Nice to see that some AC's can grasp irony...

I don't get it.

[fm6]

I must be missing something. This is not "locking" in any sense I understand. It's just redirection with no delay. It's obnoxious, it's stupid, it's un-user-friendly. But "lock in"? Get real.

I once worked on a well-known web site (I dare not speak its name) that was (and still is) full of these redirects. Whenever we restructured the site, we had to do redirects for all the old URLs. The Idiot-In-Charge insisted that it was Very Uncool to return 404 for any link that had ever worked, however long ago, and however briefly.

Let's not confuse stupidity with malice.