Thursday, November 16th, 2006
Popup Nightmare 2.0?
Category: Advertising
, Security
Nat Torkington on the O’Reilly Radar recently commented on the rise of “floats” (AKA “divdows”, “Ajax dialogs”).
One of the really big issues facing us, IMHO, is the new Javascript-driven ad technology called “floats”. They’re not separate windows popped up, they’re in-window divs that move up to obscure the web page and force the user to click to dismiss them. They can’t trivially be blocked because they’re generated by Javascript code within the page, and identifying such code is a similar problem to identifying viruses. They ruin the user’s experience by being unavoidable and maximally intrusive.
At the moment they’re rare (e.g., TVNZ and MSN only show them once per user per day) but if we learned anything from 2001 it’s that greed will ruin user experience if it can get an extra buck in ad revenue. We got popup blockers as a result of the 2001 popup orgy. What’s going to save us from the 2007 float invasion?
It’s really not as scary as it sounds, as these new popups can only live inside the tab/window of the app that launched them - sites that run annoying Ajax popups are only doing themselves a disservice, the web equivalent of nagware. Christian Flury has outlined the counter-arguments.
- Javascript pop-up windows left a trace in your working environment: Even after leaving the page that had triggered them, you still had those few additional browser windows open – and those were the days before tabbed-browsing became popular, so it was already difficult enough to stay on top of your zillions of open browser windows
- Psychologically, from a site owner’s perspective, a pop-up window is not as closely associated with your page as an ad that occupies your own real estate, so to speak.
- More importantly, back in the olden days, it was far from obvious, especially to the not so tech-savvy, which page had actually triggered the pop-up window.
That said, there are still security implications - with richer graphics and browser scripting, it’s easier to pretend you’re a native OS dialog box.
I like the detail that the layer ads (that is the term for it for some time though now, isn’t it?) are “JavaScript generated”. How would you create a full popup window without JavaScript (target=”_blank” doesn’t count as you want to open a popup and load the other page)?
It is the same annoyance, and quite a natural progression. As most browsers offer popup blockers by default now advertisers find another way.
NoScript and Adblock Firefox extensions are both very capable of dealing with these annoyances. They can also get rid of those annoying mouseover keyword ads sprinkled in content.
The public at large though, will probably just suffer through it, unless a savvy Firefox user helps them out.
I did one for jQuery the other day (native XP aqua look). It is almost finished (only needs the iframe hack for msie) but this is a good example with this article. P.s. the code will be in jQuery SVN soon.
http://gilles.jquery.com/window/
The problem here is that popup blockers will have to use broader rules to get rid of these, and some users will just decide it all isn’t worth it and turn Javascript off altogether.
I’m worried that these new spawns of bad advertising will prompt more and more users into something that is already dreaded by most reading this site: “The javascript-disabled browser”. Don’t deny it, even if you’re building accessibility and scalability we’re all secretly wishing for the day when Javascript covers 100% of the user base.
An alternative that used to work was using platypus to create greasemonkey scripts to get rid of these in individual sites. Now advertisers have caught on this and randomize element names and functions so it’s harder to catch.
Don’t get me wrong, i don’t use it for advertising nor do i encourage the use of these kind of popups. I merely use mine in a controlled environment where i am sure the user has javascript turned on (cms/intranet applications). This improves usability without having to worry about popup blockers.
Gilles, I think you should worry about disguising your ajax dialogs as standard winxp windows.
Last night my father rushed me to his room declaring “look at this, a message box popped up saying I’m their millionth user and I’m getting rich!”.
This sort of advertisement, tricking customers into thinking it’s not one, should be regarded false in every media. Just like the little “sponsored ad” comment in newspapers.
It is simple to create a layer ad that works if javascript is disabled:
[style]
#ad
{
display:block;
position:absolute;
top:20px; left:300px;
width:200px; height:200px;
border:solid 1px red;
background-color:blue;
color:white;
}
#ad:visited { display:none; }
[/style]
[a href="randomlink.html" id="ad" target="closead"]
Vlaqra
[form action="buy.html" method="get"][input type="submit" value="buy" /][/form]
[iframe name="closead" src="about:blank"][/iframe]
[/a]
Took 2 minutes to invent/build/test.
Now you need to turn off CSS to avoid floating ads.
I have to agree with Lon, the detail that these layer ads are normally generated by JavaScript is not really important, if anything it helps to block them because often those scripts are loaded from known adertisement URLs.
The web will always have some sort of annoying pop-up or ad; it’s what drives the whole thing. Blocking third-party JS might also help.
I highly recommend using the combination of DNSKong and eDexter. The former is a lightweight DNS proxy which resolves ad-serving domains (with user-editable filters, wildcards and so on) to 127.0.0.1, the latter is a very small web server which pumps out transparent 1×1-pixel GIFs. So eg., servedby.advertising.com resolves to 127.0.0.1 and requests go there rather than the actual host, custom JS and GIFs can be returned to prevent render errors etc.
Not only do I feel like I browse faster, it’s much more free of ads and cookies. ;)
http://www.pyrenean.com/
I know - instead of trying to block them, avoid websites that use them. It’s a well proven strategy. Eventually advertisers will have no one to bother. If that doesn’t work out, I’m sure you can find your Hilary Duff images on a different non-spamming website. Cause we know what you’re doing …
These floating ads use the exact same techniques as all of the the new ‘Web 2.0′ AJAX enabled sites. Block the ads and block the added functionality. Let’s hope all of the cutting edge sites employed progressive enhancement in their design.
yeah.ajax dialogs as standard winxp windows is a important point.
I think the standard nomenclature for this type of interaction is a modal window.
The term floats is a little confusing, especially when dealing with CSS because of the float property.
I think blogs are the new business cards as well.
Mark
Blogs are the new business cards? Interesting aspect, but that’s a saubject we could talk very long about and I believe there won’t be a conclusion!
I want popup comment/suggestion form in my home page which passes through popup blocker. Looking for the resource to implement that. Hope will find soon.
I think you should worry about disguising your ajax dialogs as standard winxp windows.
Yeah, I really hate pop-up.
these are really annoying. we never use any popups on our sites.
is right?
If I have to use this kind of ads i prefer pop-under.
Thanks.Good article
Popups do indeed suck. Armenian Genocide