Google Plans To Alter JavaScript Popups After Abuse From Tech Support Scammers

An anonymous reader writes: Chromium engineers are discussing plans to change how JavaScript popups work inside Chrome and other similar browsers. In a proposal published on the Google Developers portal, the Chromium team acknowledged that JavaScript popups are consistently used to harm users.

To combat this threat, Google engineers say they plan to make JavaScript modals, like the alert(), confirm(), and dialog() methods, only work on a per-tab basis, and not per-window. This change means that popups won't block users from switching and closing the tab, putting an end to any overly-aggresive tactics on the part of the website's owner(s).

There is no timeline on Google's decision to move JavaScript popups to a per-tab model, but Chromium engineers have been debating this issue since July 2016 as part of Project OldSpice. A similar change was made to Safari 9.1, released this week. Apple's decision came after crooks used a bug in Safari to block users on malicious pages using popups. Crooks then tried to extort payment, posing as ransomware.

Oh well

Took you fucking long enough!

It's taken... how many decades?

[squiggleslash]

Seriously, this has been a problem since Netscape first implemented alert(). Why has it taken this long for someone to fix it?

Re:It's taken... how many decades?

But Firefox fixed this years ago. All of the alerts are bound to the tab and not the window.

Re:It's taken... how many decades?

Firefox fixed this in early 2011. It's Chrome that's lagging behind in this case.