Mozilla Working On In-Page Popup Blocker For Firefox

Firefox is working on a blocker for annoying in-page alerts that often ask you to input your email address to receive a newsletter from the site. "The feature is still in the planning stages, but Mozilla is asking users for any examples of sites with annoying pop-ups," reports Android Police. "Mozilla wants to make Firefox automatically detect and dismiss the popups." From the report: If you know of sites that use in-page popups (whether it be newsletter signups, surveys, or something else), you can fill out the survey here. There are also Firefox and Chrome extensions that make the process easier. I'll be interested to see how Mozilla pulls this off, it will no doubt be difficult to detect the difference between helpful and not-helpful popups.

Adblock

[110010001000]

I love the "whitelist us" adblock popups. As if I am going to whitelist any site so they can show me ads that can contain god knows what malware.

Re:Adblock

I've installed "Quick Javascript Switcher" so I can easily disable that kind of crap on a site by site basis. It reloads the page with JS off. Seems less extreme than NoScript. It's also good for killing auto-play videos that aren't ads or weren't caught by adblock.

I'll never, ever white list a site from adblock. I'll only squash them harder when they squirm, until it becomes necessary to simply walk away.

Re:Adblock

My criteria for whitelisting ads in the 90s
- Don't be distracting

My criteria now
- You cover any data bills incurred by downloading your ads. With interest.
- Static image. Jpg or PNG, no larger than 45,000 pixels total.
- A one-click function that brings up the ad network, the provider, and whoever paid for the ad. Names, home addresses, and phone numbers.
- National vetting and region locking for all ads. so that I can sue for bad ads under the laws of my country.
- The status bar shows where it goes to on mouseover. I want an ad for insurance to go to example.com/insurance, not shittyadnetwork.ru/shdfsdkhivuhirvh937yv973hrv8o73ghrv24v279vh72h4vo7892hfh2ifh29p4fyh.exe
- A court case over malicious ads ends with fines and jail time.

Re:Adblock

Thank you for telling me about "Quick Javascript Switcher" I dont use Chrome, but firefox, so I chose "JavaScript Switcher " addon instead.
But its the same. Thank you. I hate that pages asks me to give out my emailadress so they can spam me.
I would rather give out my password and creditcardinfo before I give them my email.

Re:Adblock

Just use uMatrix. It's the best web site resource permissions manager there is.

Re:Adblock

yesscript2 is a good for this as well

Be Brave

[movdqa]

I'd love to get the best of Brave and Firefox. Bring back Eich!

Helpful Popups

[mentil]

it will no doubt be difficult to detect the difference between helpful and not-helpful popups

There is No Such Difference! Kill 'em all, let FSM sort 'em out.

Re:Helpful Popups

[Waccoon]

Virtually every image viewer on the web uses an in-page pop-up.

The alternative is to resort to "old fashioned" pop-up tactics, like drawing an element off-screen and moving into place on cue, using z-order tricks, making them 1-pixel wide and widening them, etc. There's no way to distinguish between ads and image viewers.

For now, the only way to detect ads is to weigh the amount of scripting from 3rd-party sources. Whether the element is presented as a pop-up or not is irrelevant.

Re:Helpful Popups

[mentil]

Right now Firefox blocks popup windows with a message that the site wanted to open a popup, with an 'open anyway?' prompt and 'ok' button. The same functionality could be reused for in-page popups, with an option to permanently whitelist the site.

Re:Helpful Popups

So those annoying viewers could be also eliminated, not just email query popups? Great, this is a win-win feature! Before the idiotic javascript image viewers took place, one could eg. zoom on the pictures, go backwards and forwards by history keys and even set bookmarks on them. Luckily at least Wikipedia now allows one to permanently disable the javascript piece of crap for images.

Re:Helpful Popups

What good would it do to kill a popup with another popup? They just need to be silently blocked. Next in line: EU cookie nags and "Allow notifications?" spam.

Re:Helpful Popups

Static html is fine thanks.

Re:Helpful Popups

Virtually every image viewer on the web uses an in-page pop-up.

Image viewer, what is that? Webpages with images do this without any "viewer": a href="image.png"
It works, it shows me whatever images I want to see. No popup involved.

The simple way to ditch popups is to remove their support from source code. No "blocking" needed, but a browser that simply don't support any way of creating a new/overlaying window - other than "right click & select 'open in new tab/window' ". No popup of any kind then.

Whatever tag or js does the popping would simply be seen as an unknown tag or js syntax error - and ignored like misspelt tags or other js syntax errors. And the browser would be a smaller executable without such windowing code.

Re:Helpful Popups

[apoc.famine]

I've been blocking those elements with uBlock for a couple of years now. It takes a couple of filters, to get both the popup, frame, and overlay, but once done for a site it's done.

I don't see them often now, unless I'm wandering far outside my normal haunts.

Re:Helpful Popups

Virtually every image viewer on the web uses an in-page pop-up.

And your point is? Those types of image viewers are obnoxious as fuck. I would welcome their demise.

Add APK Hosts File Integration

Why reinvent the wheel when a superior HOSTS file solution to block virtually all malware, ads, and other spyware is already available?

I hope we can see at least an optional

      [x] Install APK Hosts File Engine

option in future versions. That would truly be "by far the biggest update since Firefox 1.0" alluded to earlier today.

Take back the web with APK!

Re:Add APK Hosts File Integration

[AHuxley]

How about some GUI for that?
Mac, Windows, Linux.
Click on the malware pushing ad and get the nice GUI to ban that from the computer.
As an app that would be worth something as a lifetime licence per computer, mobile.

Re: Add APK Hosts File Integration

The hosts file mechanism needs dns wildcard matching to take out entire domains or domain patterns in one line. Only thing I found so far is this python script: https://github.com/dzzie/dnsblock

Re: Add APK Hosts File Integration

[ruir]

Local BIND name server with RPZ works particularly well for wildcarding.

notifications

Already can be done with about:config. Works about 95% of the time.

Tracking blocking

[tepples]

Sometimes I submit a support request that a website mistakenly detected the tracking protection built into Firefox as an ad blocker. I tell them that I see ads hosted by the publisher,* such as those on Daring Fireball and those on Read the Docs, and sometimes I click ads hosted by the publisher. But I don't blindly accept scripts that allow third parties to insert arbitrary proprietary scripts that track my "click-stream" from one website to another in order to build an interest profile and try to sell me things I just bought. If a site's ad script requires such tracking in order to run, the site needs to fall back to publisher-hosted ads. Even if publisher-hosted ads have a lower CPM than interest-based ads based on tracking, it's still more than the zero that a site gets if I leave after hitting its adblock wall.

* In the web advertising market, a "publisher" is the operator of a website on which advertisements appear.

Re:Tracking blocking

Being a decent person, you don't mind ads. You mind the evil: dangerous scripts that spy on you and deliver malware.

But that evil, that's exactly what the industry wants to push on you. It is as valuable to them as the ads themselves. So, they don't really care how willing you are to be reasonable on the visible-ads front. They want it all, and they are going to continue to push on this front until they are forced to stop.

My ad blocker stays on, all the time.

Re:Tracking blocking

i mind the 5-10 megabytes of scripts loaded from a dozen different domains and autoplaying media that bogs down the browser for zero benefit to me.

noscript and an adblocker is what makes the web usable.

Re:Tracking blocking

Being a decent person, you don't mind ads.

Of course I mind ads. Ads are, in many and perhaps the majority of cases, an attempt at taking your money by manipulating you into making a purchase (or, god forbid, signing up for a subscription) that you otherwise would not.

It sometimes happens that I see something that makes me go like, yeah, I want to visit that restaurant, I want to buy that gizmo, I want to watch that movie, thanks for telling/reminding me that it exists. But most of the time, it's just something that captures my attention, wastes my time, and, at worst, steals my money and gives me a useless piece of junk that I never actually wanted.

Fuck ads and I really don't care about them paying for some shitty blog site.

Fantastic idea

All the fucks YES!!!

When the publisher serves the crap

[tepples]

You're not APK; I can tell because your writing style doesn't match. But I'll quickly answer why his DNS blocklist solution (whether installed locally or through Pi-hole) isn't quite a complete solution by itself:

Sometimes the publisher itself serves this crap.

A DNS blocklist works when a third-party script displays the popup. But if the same site (e.g. files.slashdot.org serves both things essential to the website's operation (such as style sheets and images) and the popup script, trying to block it will either throw out the baby with the bathwater or send you back to the Netscape 1 web.

Furthermore, the syntax of his preferred blocklist format requires listing each individual hostname to block, not all names in a domain. if the third-party script comes from a random subdomain with a dozen or more hex digits that gets resolved by a wildcard in the DNS zone, this sort of blocklist can't handle all possibilities. The Sandstorm application suite already uses random subdomains for session separation.

anti popup blockers

the problem is once firefox gets it going the publishers will pay another programmer to add firefox popup blocker to their anti popup blocker blocker and you won't be able to read the page unless you turn the firefox in-page blocker off.
this is an escalating war. I'm currently using the anti anti popup blocker FuckFUck anti blocker and even in experiment mode the sites are able to stop me from reading the page, even in a private mode.

Re:anti popup blockers

[theweatherelectric]

are able to stop me from reading the page

You can often just switch to reader view to read the page by clicking the document icon in Firefox's location bar. Firefox doesn't detect a possible reader view for all pages though.

Re:anti popup blockers

ok thanks.

Re:anti popup blockers

The whole point is to not see the popups (or ads). If a site tries to fight over that, I skip to another site. That way, I still don't see their popups/ads. They also loose the whole war, because people leave. Sure, they can prevent people from seeing their site without their beloved popups - but it will be because the site won't be seen at all.

There may once have been something interesting on that site, but you'll get over it soon enough. Don't give in to 'anti popup blockers', just consider the site useless and don't go there. For every topic, there are a hundred other sites - many without 'anti popup blockers'.

Young people are even leaving facebook over 'too much crap/ads'. Of course, they are new people who never got used to always using facebook, so it cost them nothing. You can no longer depend on reaching all (except a few nerds) via facebook. Destroyed by ads . .

Bad idea

As a web developer, I can assure you the the small business site owner is doing the popup for a reason. It all comes down to point of view. Your "marketing bullshit" is his "keep the company alive till next quarter "

Re: Bad idea

As a small business owner, that's bullshit. If a customer doesn't like or trust you, they're not going to give you money. Especially, not if it requires a credit card.

If you can't compel the prospect without the annoying scripts. You don't deserve to be in business. Confer up with a better pitch, better product and better ads.

Re: Bad idea

If you are pinning the future of your business on the implementation of a jQuery animation then the shit you're in may be deeper than you imagine.

Re: Bad idea

He is talking about the small businesses that really don't sell anything and doesn't really do anything that people would voluntarily pay for, so instead, they get their revenue from ad clicks.

Most of them don't really deserve to be in business either, so you both have good points.

Position Absolute

[technosaurus]

How about an option to:
* disable display of anything with absolute positioning
* disable remapping of keys
* disable remapping of mouse buttons
* disable redirection (optionally with confirmation)
* start pages with javascript disabled with an easy access button to refresh with scripting enabled
* have a fast/secure mode where all of the above (and more?) are disabled and after a page is fully loaded, a menu with all these worst practices violations would allow you to enable them individually either per session or always

Re:Position Absolute

[ruir]

add disabling of videos and anti-cut and paste measures, and I will buy whatever you are selling.

Re:Position Absolute

[tlhIngan]

add disabling of videos and anti-cut and paste measures, and I will buy whatever you are selling.

Well, in Firefox there is an about:config option to ignore AutoPlay settings so videos do not play by default.

Also, Firefox does allow shift-right-click which bypasses any javascript disabling of right-click menus so you can copy/paste (and do anything else).

This is one of the key reasons why HTML5 is better than Flash - because a browser is free to disable those features that are annoying. You can't disable autoplay in flash videos other than by blocking, but no one said a browser is obligated to obey the autoplay parameter in a tag. And a browser can ignore fake "clicks" to a play button caused by javascript - it can decide it would only play a video if the browser received a genuine user click.

Same goes for every other thing you can do in javascript. Firefox lets you force the right-click menu to always display by shift-right-click (works on modern Windows too to get back the system menu with the Move/Minimize/Maximize options if you right-click an app on the task bar - the quickest way to bring a window to the current monitor is shift-right click the app, select Move, hit an arrow key and then jiggle the mouse. The arrow key begins the window move operation, the jiggling the mouse brings the window under the mouse cursor).

Re:Position Absolute

[ruir]

I indeed enjoy how much you can mess up with the setting in Firefox and have indeed disabled autoplaying and image animations, not so in love with it being largely bloated nowadays.

PAC files SORT of used to in old browsers... apk

... BUT, do "ad machines" (FF/Chrome) allow for PACs still? Original Opera does (not sure on FF/IE) but pacs can be abused https://labs.bitdefender.com/2016/05/inside-the-million-machine-clickfraud-botnet/ - & aren't "auto-click" ez (I've made hosts as EASY AS POSSIBLE & GUI - Windows ONLY APK Hosts File Engine 10++ SR-1 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/

PAC doesn't do avoiding DNS security issues as hosts hardcoded fav. sites do OR to resolve faster LOCALLY minus remote DNS security risks either (OR locally installed DNS added weight (much more than hosts + more complexity for exploit/breakdown).

APK

P.S.=> Could I port to Linux &/or MacOS X + iOS/Droid too? Compiler version I have (Delphi XE4) does all BUT Linux (New Delphi XE 10++ does Linux though)... apk

Thanks but here's what's-what for me now

Whipslash/Logan Abbott the owner (DUBAI controlled) filters vs. my posts & his trolls/sockpuppets take nigh-constant 'potshots' @ me but don't technically get the best of me (ever)!

What's the point of me taking discriminative abuse when I've created what many here like & use, doing the RIGHT THING (which is more than my 'naysayers/stalkers/detractors' WANNABE talkers do)? None. I don't merit it.

I've gone onto other forums - why? Imo (& that of others)? /.'s gone to hell w/ all the BS SJW topics

APK

P.S.=> I stuck it out this year, just on principal, to toss it in Logan Abbott/Whipslash's face he CANNOT stop me posting (He shot his mouth off he would & can't! I know why he does - hosts affect his "GOD" $ in ad banners like every webmaster - it's SO transparently obvious - I don't see him do it to inferior OpenSORES AdBlock/UBlock/Ghostery (that don't do a FRACTION of what hosts do + use more)... apk

for mobile

....for mobile. The desktop version has had a popup blocker for ages.

You're the product

This seems to me like fixing the symptoms. Everyone talks about how to block, disable, hinder ads. But the adds pay the bill! What if - in a parallel universe - we (the users) just paid the website directly? Then I am sure they would just respect a series of settings, like "please don't pop stuff up". What Mozilla (and all other browser vendors aside fro Google) should be investigating is how to extend the HTTP protocol with Micro-payments capabilities. And then build it into the browser, for an add/popup/tracking/crypto-mining free experience.

Re:You're the product

Naive.

You see, the problem is not that websites wouldn't like the visitors to pay them directly, that's already a thing. It's called "a paywall". That notwithstanding, this approach has several problems.

Number one is that abusing your visitors computers for your own financial gain probably not only would piss your visitors off, but be outright illegal. Bad move.

Number two is that people generally won't put up with it, especially if your site doesn't produce anything worthwhile compared to what's freely available.

Number three would be that even if all the above would work out, there is nothing to stop site owners from serving ads on top of it anyway, and believe me they will, because it's free money to them.

Introduction executable code on the Internet was the biggest mistake ever. You can't trust the clients but, which is the basic flaw of the current web, you sure as hell can't trust the server side either.

Re:You're the product

This seems to me like fixing the symptoms. Everyone talks about how to block, disable, hinder ads. But the adds pay the bill!

Nope. The ads pay no bill for me - which is why I have no interest in seeing them.

Oh, you meant for the site operator? Well, their revenue is their problem, not mine. and no, I don't care if quite a few websites go bankrupt! There are more than I need anyway.

When I feel like 'buying', I surf to some webshop. There, I don't mind reading about 'products', and I eventually 'pay' when I actually order something. So, webshops are possible even no ad revenue at all. And how did I find the shop without ads to guide me? I searched for the product I wanted on google, and got there from a search result or a review site. Not from a random ad where I read daily news.

If I am the product, I am not a profitable one. Don't want to be!

Excellent!

[bazorg]

A while back I started to get pop ups of this type that clearly identify when I'm about to close the tab (they probably check the mouse movement).
I imagine it's highly effective in getting attention, but once again (for the millionth time), being inconvenient is not an acceptable way to get attention. Being user-unfriendly like that only leads to continuing an arms race, and I'm happy to see Mozilla working on this sort of thing once again.

Those idiotic players on news sites

[hawk]

I've been using adblock for ages, but it's modern incarnations mostly lack the ability to list lockable elements.

With that, I am completely unable to block those stupid little players on news sites, such as foxiness, that pop up partway down, and stick around, partly obscuring the test.

The chances of my walking a video on a news site are about the same as being struck by lightning. Safari is fully successful in blocking them from playing but I want them *gone*.

While I'm at it, the other lost art is the blocking of page reload javascript--I really don't need pages reloaded every five minutes or even every minutes. I *know* how to reload a page to see if it's changed.

hawk

Tepples, time to shoot you down (again)

Sites/publishers have liability. 3rd parties don't & abuse 'em in openbid ads malware/trackers! DNS wildcards create false positives

Hosts specifics don't + DNS's LOADED w/ security issues https://news.slashdot.org/comments.pl?sid=9007355&threshold=-1&commentsort=0&mode=thread&pid=51969075/

DNSMasq = PiHole = security issues https://www.bleepingcomputer.com/news/security/security-bugs-in-dnsmasq-affect-computers-smartphones-routers-iot-devices/ - patched yet?

APK

P.S.=> APK Hosts File Engine 10++ SR-1 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/ works + doesn't F-up researchers monitoring botnets via DNS or RIPE sinkholing.

Hosts do more for less natively MINUS illogically bolting on security issues or crippled limitations (adblockers/dns/antivirus) w/ EZ SYNTAX vs. DNS rules or adblocker regex

Retard APK loses again

Retard Alexander Peter Kowalski still can't defend his work

The article he links to mentions that the issue was patched the day before the article was published so like so often his links don't prove what he is trying to say but instead prove the opposite and shows the world that he is a retard.

He also makes more claims that he will fail to back up because he thinks you win arguments by making a bigger pile of bullshit

No wonder he worships Trump and Alex Jones.

Up next APK will claim I made him look good by pointing out that he is a retard.

Retard APK whining like a little bitch

Now retard Alexander Peter Kowalski whines like the little bitch he is

He has never gotten the better of anyone, but just lies to himself that he does

He links to bullshit all the time that says the opposite of what he is claiming

He links to other bullshitters

He misquotes and takes things out of context

He makes wild claims

Basic logic and reasoning escape him

APK is a legend in his own retarded mind, everywhere else his stupidity is legendary

If you really want to wind him up start pointing out how poorly designed his software is, there are plenty of places where he spouts off about all the useless things he put into his file aggregator or how it is the pinnacle of software development.

I'm sure I will be called a soros pawn now by him, maybe also a follower of the zuck too, if I am really lucky maybe even a killary shill.