Slashdot Mirror

← Back to Stories (view on slashdot.org)

Web Site "Lock-In"

Posted by ryuzaki0 on from the pet-peeves dept.

Danborg writes "There's a great article over at ZDNet about annoying web sites that lock surfers inside a web site once they arrive. This practice, started by porno site operators, appears to have gone mainstream. Formerly respectable corporate sites like Home Depot now lock you in, disabling the use of the "Back" button. Fortunately, Top9.Com has generated a list of the offending sites. Is it a legitimate marketing technique? Or a highly annoying example of poor web site design?" I run into this dozens of times a day while reading story submissions. It never ceases to amaze me (but then again, old versions of Slashdot did the same thing, so who am I to judge?)

18 of 296 comments (clear)

  1. Javascript by Eponymous,+Showered · · Score: 4

    Since all this whack-a-mole stuff is javascript-based, it would cool to have a feature to disable javascript by URL/domain. In fact didn't I hear that Mozilla may have that feature?

    1. Re:Javascript by DHartung · · Score: 5


      In fact, Microsoft offers a freebie add-on called IE5 PowerTweaks. Among other things, the handful of tools includes menu items (on the Tools menu) called "Add to Restricted Zone" and "Add to Trusted Zone". This lets you manage your cookie-and-javascript-enabled sites without messing around in the "Security" dialog box for five minutes.
      ----

      --
      lake effect weblog
      {Network engineer in Chicago--looking for work!}
  2. "Reboot the browser"? by NME · · Score: 5

    Don't forget to powercycle the mail client.

    -nme!

  3. Where's the porn button?! by TheDullBlade · · Score: 5

    I remember hearing some (MS I think) browser developer saying how they wanted to make a main-bar button that would toggle javascript, so you can stop a flood of popups fairly easily.

    It got dubbed the "porn button" and was, unfortunately, never included.

    --
    /.
  4. Redirecting forms by 11223 · · Score: 5
    Part of the problem is web-sites that use a 0-second refresh. For instance, go to this microsoft site and then try to hit the back button - it won't let you out! So Microsoft.com should also be on that list.

    The reason? People are too lazy to return a 302 Moved (like Google does for the I'm Feeling Lucky button) and instead use a meta refresh. Well, it's wrong!

    Browser writers (and Mozilla team): Could you let the back button disable the meta-refresh if you accidentaly back onto a meta-refresh page?

  5. Use window.location.replace('newlocal.html'); by cvd6262 · · Score: 5
    What urks me is that there are a lot of newer web designers who don't know how to correctly use javascript to forward the user to a new location. If they just say: window.location = 'newpage.html'; then when the user hits 'back' it will rerun the script and transfer them again.

    The correct way is: window.location.replace('newpage.html');. This replace the old page with the new in the browsers history.

    --

    I'd rather have someone respond than be modded up.

  6. Joke time.. by Bowie+J.+Poag · · Score: 5


    Ever been inside a Home Depot? Its pretty much the same story.. You cant find your way out there either. :)



    Bowie J. Poag

    --
    Bowie J. Poag

    1. Re:Joke time.. by drix · · Score: 4

      Seriously! It's the closest thing to a casino I know of - no doors or easily accessible exits, no clocks or windows to tell time, open 24 hours a day to entice you.

      --

      --

      I think there is a world market for maybe five personal web logs.
  7. Totally different issues... by artdodge · · Score: 5
    This practice, started by porno site operators
    Ballocks. The problem here isn't web sites trying to "lock you in" - it's crappy web designers showing poor engineering skills and lack of knowledge of their tools. Specifically, lots of these sites (homedepot is a prime example) use the nefarious META http-equiv="refresh" kludge instead of sending proper 302/303/etc redirection responses. They're using an HTML-level mechanism to perform an HTTP-level function. Nothing more, nothing less.

    If they wanted to lock you in, I would wager they could actually disable the Back button with JavaScript (I think some on-line banks do this so they can keep you from going "back" to a page providing info that you just invalidated by performing some transaction).

    I hate META http-equiv.

  8. A Mozilla solution? by ajs · · Score: 5

    Perhaps the right solution is to have Mozilla not fall for it. For example, one way that I know of that people do this is to have /index.html be a blank page with a META REFRESH or REDIRECT tag pointing to the real homepage. Why not have Mozilla detect the combination of "back" and META REFRESH or REDIRECT and simply not obey the tag?

    The other solution would be to take pages out of the history list when they contain a META REDIRECT REFRESH. That would also cause the back button to work as expected, perhap arguably more like expected.

    Do either of these solutions break any reasonable practices?

  9. Re:Lazy developers and dumb HTTP by artdodge · · Score: 4
    they have to work around the miserable way that HTTP handles state.
    Not the problem at all. You can handle state in at least two ways in HTTP (there are others, but some of them are patented :-P), neither of which necessitate the shoddy practices seen on theses sites.
    • Cookies (example: yahoo)
    • Use proper redirection (302 Found or similar) to a URL embedding a session ID (example: amazon) instead of the claptrap HTTP-equiv refresh crap these sites use.
    What kind of statefulness do you have in mind that Cookies don't deliver? (BTW: you might want to look at the most recent IETF drafts; Set-Cookie2 et al are much more mature than Netscape's hack.)
  10. The real-world equivalent by jayhawk88 · · Score: 5

    Me: Hello, I'm looking for RedHat Linux for Commodore64, do you have that in stock?
    Salesperson: No, but we do have the all-new WindowsYou 2000 v5.0 for Watches! Why don't you let me show that to you?
    Me: Umm, no thanks, I think I'll just go look elsewhere.....Umm, excuse me again...
    Salesperson: Yes? What is it?
    Me: Umm, this door appears to be locked.
    Salesperson: Oh, is that so? How odd. Perhaps you'd like to check out the latest release MacOS AquaTealMarine for CoffeePots, now with even more backgrounds!
    Me: No, I'd like to leave the store. This door that I justed entered through is now locked.
    Salesperson: Well, if you feel you really have to leave, you can climb that ladder into the rafters, walk across that I-beam to the far side of the store, and shimmy down the drainage pipe. But then you'd be missing our sale on OS/4 Impulse for Dishwashers...

    I think it's clear that trapping sites are my biggest internet pet-peeve today. This is another reason why all marketing people should never be exposed to any new technology. Ever.

  11. Home Depot's Offical Response by geek2b · · Score: 5

    Thank you for contacting homedepot.com! Our Internet team recently received a copy of the e-mail you submitted through our Web site. We would like to thank you for contacting us at homedepot.com and sincerely apologize for any inconvenience you may have experienced while using our Web site. Rest assured, we do not want to limit your access to the Internet from our site. Because the actual Web address for our home page is quite long and complicated (you can see it in the address field of your browser once you are on the page), we have simplified our Web address to www.homedepot.com to make it easier for our customers to remember and access. When you enter our address in your browser, we convert the simple Web address to the real Web page address. For that reason, the "back" button may not work in some browsers. Our technical experts are working to find a way to eliminate this process.

    1. Re:Home Depot's Offical Response by MrJay · · Score: 4

      Well, hitting the URL http://www.homedepot.com/ redirects you to the page index1.html. This page uses Javascript (uggh) to determine whether the user (ironically) has Javascript enabled in their browser:

      //Proceed only if the browser supports JavaScript.
      ..

      if ( browserSupp )
      window.location = "/" + siteName + "/HDUS/EN_US/pg_start.jsp";
      else
      window.location = "noscript.html";

      In pg_start.jsp, I can only speculate that a new session is created (the next URL has a session ID field) and various startup routines are executed.

      When you arrive at the homepage, the URL contains something similar to this:

      pg_diy.jsp?BV_SessionID=@@@@1850957283.0963009276@ @@@&BV_EngineID=cal ieli dldjbemfcfkmcficgkj.0">

      Given this information, I can make the following statements:

      • They are using Broadvision. Anyone who's used this horrible piece of proprietery crap knows how uncomfortable and cumbersome it is to work with.
      • They are heavy on the Javascript. IIRC, Broadvision sends various Javascript functions to accomplish mostly what can be done without Javascript. An expert web designer can build a complex site without a heavy and almost necessary reliance on Javascript.
      • HTTP and HTML should both be extinct. Perhaps this is why Home Depot opted for the expensive Broadvision. I bet they also paid through the nose for a BV tech to be on site. Yipee!!

      In all seriousness, this sort of thing can be avoided with a proper design. And the sheer difficulty of the whole process is nil.

  12. What is the big deal?! by yomahz · · Score: 4
    I went to the sites on the list that there was "no way" to get back to the previous site and I had almost no problem getting back in either Netscape or IE.

    Both browsers have an option in the back button to skip several pages back.

    - In IE, it's the little down arrow next to the button.

    - In Netscape, you just hold down the button for a few seconds.

    Is it annoying, YES but is it really that big of a deal?
    --

    A mind is a terrible thing to taste.

    --
    "A mind is a terrible thing to taste."
  13. Unlawful Business Practice by __aapbgd5977 · · Score: 5
    As of July 18, this is an unlawful business practice, according to Arizona Statute 13-2316. The newly enacted statute, available online as House Bill 2428 is quoted in relevant part below (new language in ALLCAPS).

    (Note: The summaries say that this is a "Class 6 Felony". This is incorrect.)

    13-2316. Computer tampering; venue; forfeiture; classification

    A. A person WHO ACTS WITHOUT AUTHORITY OR WHO EXCEEDS AUTHORIZATION OF USE commits computer TAMPERING BY:

    ...

    6. PREVENTING A COMPUTER USER FROM EXITING A SITE, COMPUTER SYSTEM OR NETWORK-CONNECTED LOCATION IN ORDER TO COMPEL THE USER'S COMPUTER TO CONTINUE COMMUNICATING WITH, CONNECTING TO OR DISPLAYING THE CONTENT OF THE SERVICE, SITE OR SYSTEM.

    ...

    D. A VIOLATION OF SUBSECTION A, PARAGRAPH 6 OF THIS SECTION CONSTITUTES AN UNLAWFUL PRACTICE UNDER SECTION 44-1522 AND IS IN ADDITION TO ALL OTHER CAUSES OF ACTION, REMEDIES AND PENALTIES THAT ARE AVAILABLE TO THIS STATE. THE ATTORNEY GENERAL MAY INVESTIGATE AND TAKE APPROPRIATE ACTION PURSUANT TO TITLE 44, CHAPTER 10, ARTICLE 7.

    Section 44-1522 is currently in effect, and reads in relevant part:

    44-1522. Unlawful practices; intended interpretation of provisions

    A. The act, use, or employment by any person of any deception, deceptive act or practice, fraud, false pretense, false promise, misrepresentation, or concealment, suppression or omission of any material fact with intent that others rely upon such concealment, suppression or omission, in connection with the sale or advertisement of any merchandise whether or not any person has in fact been misled, deceived, or damaged thereby, is declared to be an unlawful practice.

    Yes, I work for the Arizona Attorney General, but I am not a spokesman for them. I am a lawyer, but this is not legal advice. Please consult your own attorney before taking any actions based upon information in this posting.
    ==
    "This is the nineties. You don't just go around punching people. You have to say something cool first."

    1. Re:Unlawful Business Practice by josepha48 · · Score: 4
      I don't really think that this law applies here. I'm no lawyer, but here is why: you can still access other sites through your book marks so you are not really 'locked in'. They do not control your browser completely so you can still exit by typing in a URL in the location bar. Since both Netscape and IE browsers support searching through the location bar you can always exit one of these site.

      While I do agree that this is bad practice on the site developers side, I do not think that it is against the law. Also how are you going to sue someone or take legal action if they are not in Arazona, or even the US? I imagine that since these sites have basically ben blacklisted on slashdot it is only a matter of time before most of them stop that practice anyway. I know that it is a cheezy way to keep visitors. Obviously if a site needs to do something like this then they have no content that will make people want to return.

      send flames > /dev/null

      --

      Only 'flamers' flame!

  14. Re:Damn these sites (or, my mouse has spoiled me) by GigaGoogle · · Score: 4
    I cross-referenced your post. Hope this helps!
    I've got one of those Intellimouse Explorers (the huge silver ones with the superfluous tail light and like three extra buttons; well, what the hell, here's a http://www.microsoft.com/Mouse/explorer.htm link) and sites that won't let you back out are an incredible annoyance. See, two of the buttons on there serve as Forward/Back (respectively) while browsing the web, and after about 20 minutes of using them, I was hooked. You wouldn't believe how simple (and remarkably intuitive) to navigate with your thumb. Now if I could just find a good use for those buttons in Half-Life... I mean, sure, it's easy enough to hold down the back button and select the page before the offending site, but that would require moving my cursor over six or so linear inches of desktop space. Isn't that just a little bit unreasonable? No? Ah well.