Does this mean websites can now hijack android’s OS-level back button? In addition to hijacking the browser level one?
I hate when I hit back, but instantly redirect to the same page. This is so frustrating when it happens. And it happens even on major sites. (Microsoft’s official community “answers” forums have given me this issue lately. Fills up search results and then traps you there)
Briefly, the user may need to press back a couple times in order to escape, but the maximum number of presses needed is bounded and is dependent on how much the user interacts with the page. Of note, closing the tab bypasses this API entirely, at least according to that page.
Usually my back button on my phone already just does the browser back functionality when the browser is open, which does mean it gets hijacked. Sometimes if I mash the back button enough I'll manage to sneak a trigger throughout whatever dumb thing the site implemented to try to stop me though, so I'm loath to give them any other tools to try to detect this.
(I don't know if it is OS-level.) If you have the GitHub Android app installed, GitHub links open in the app. In the app, swiping right (back) takes you to the app's home screen and not to where you clicked the link (e.g., the HN app). The same isn't true for many other apps.
Also, GitHub team, could you make your app better? It has so many little annoyances.
I'm seeing this a lot with news sites, they'll redirect your back press to a page screen with bunch of click bait headline/images. Some of them are pretty disturbing at first glance, seems like they're trying to get shocking images in front of you to keep you engaged. I think they're trying to fight against news aggregators but it's such a shitty idea.
The funny/sad thing is the folks adding this functionality are probably reading my comment. You should be ashamed of yourselves.
A more evil version of this is detecting which news aggregator sent you there, then making that clickbait page look like the source aggregator. I've seen this with the news feed from Chrome on Android, clicking on a store then going back I thought I was back on the news feed but the stories just didn't look right.
This could totally be used for phishing, right? Open a link in gmail -> go to nasty site -> press back and see google login page that's actually still the nasty site. Browsers should prevent cross origin sites from seeing where the visitor came from (i.e. clear referrer).
Also, why doesn't the back button disable any automatic (non-user initiated) redirects on pages loaded that way? Seems like an obvious fix to the history loops we keep seeing.
Websites have a lot of control over referrer headers these days.
Often, news aggregators add to urls so the site knows where it came from, or it’s using a feed that already has that.
Now, that said, in an email, you can send links that encode that it’s coming from email, but you would get caught by the non-gmail using people suddenly seeing fake gmail.
I am starting to make a collection of such sites. Wonder if UBlock Origin would be interested in adding them to a new or existing "annoyances" filter list?
I noticed this, as well. AI-generated code? (It's hard to imagine a human setting up that code and forgetting about the very thing they are attempting to demonstrate.)
Couldn't they add an HTML attribute onCloseRequest?
Slightly related, I wish there was an attribute "onClickOutside" so we could close modals and dropdown menus without manually adding an event listener on the window and checking if the click wasn't inside the element.
If you use popover="", you get the kind of functionality you're discussing for free. For <dialog>, the discussion is in progress and reaching a conclusion: https://github.com/whatwg/html/issues/9373
I don’t think I ever like accordions where you can only have one item open at a time. So often I just want to open them all, and probably wish you hadn’t collapsed them in the first place. Well, at least if people start doing it this way I can make a simple user script to just remove name attributes from <details> elements.
Can't speak for OP, but Google pushes through too many "standards" that are just "Do what Chrome already pushed to prod, or else users will think your browser is broken". Could be the same thing here
I hate when I hit back, but instantly redirect to the same page. This is so frustrating when it happens. And it happens even on major sites. (Microsoft’s official community “answers” forums have given me this issue lately. Fills up search results and then traps you there)