conclusive way to block "onunload" spam ("are you sure you want to navigate away?")

6

2

i'm looking for a conclusive, 100%-effective way to block this latest hideous trend of marketers and scammers alike. you'll be familiar with it yourself - it's a very easy way to tell whether or not to trust a website if it flags up a warning like this when you try and navigate away:

"are you sure?" spam

i'm aware some sites use this benevolently - even superuser does it when attempting to close the browser - but i hate it. if i close a tab it's because i want it closed. i do NOT appreciate my browser second-guessing my choices. if there is a way to kill this, i expect it to kill superuser's implementation of it as well.

there are more than a few userscripts that aim to kill this, and i'll post them here. all of them refuse to work with a certain link, which i'll also post, which renders them moot immediately.

https://chrome.google.com/webstore/detail/let-me-out/hnfdibcbmlppjlkefinedeffoiomlecc/reviews?utm_campaign=en&utm_source=en-et-na-us-home&utm_medium=et

https://userscripts.org/scripts/show/98260

https://userscripts.org/scripts/show/187713

here's the site that somehow manages to overcome any protection against it:

http://as.sexad.net/as/pu?p=adc

(PLEASE NOTE: this is a dangerous site! do NOT visit it if you are not protected with an anti-virus, if you're running an obsolete web browser, if you have java installed, etc., etc. it WILL attempt to mislead you. also, be aware it has a penchant for playing awful music immediately upon loading at full volume so best to put the mute on.)

the above site will either load something about free sex videos or, more often, a video sharing site trying to be youtube. this evades any "block onunload" script i throw at it. you can also try posting a reply to this topic (i tried commenting, but that didn't cause the dialogue, so try answering, which i can't yet) and then closing your browser - superuser do the same thing, for their sins.

thanks for any suggestions. let's kill this user-hostile nonsense for good.

seagull

Posted 2014-02-15T22:03:17.063

Reputation: 4 278

Question was closed 2014-02-20T17:33:21.070

1I hope all web browser makers allow users to control which sites can show the alert() and "are you sure to leave" as modal popup. These just leave spammers great ways to exploit users. Not only spammers, but dumb web developers in my country excessively use alert() for stupid things like "You are logged in." – Damn Vegetables – 2015-01-15T22:30:48.140

I am also looking for an easy way to block those messages in Chrome since I only know a fix for Firefox (go to about:config and set dom.disable_beforeunload = true, reboot Firefox and all cool).....grmpf. – nerdess – 2015-04-23T22:06:43.673

You could whitelist javascript for only those sites you want it to run on, which would essentially solve this problem. – Paul – 2014-02-15T22:07:03.843

whitelisting javascript strikes me as an incredibly overreaching solution to tackle one annoyance. i shouldn't have to alter my entire browsing experience to accommodate some injurious design decisions. – seagull – 2014-02-15T22:09:08.653

You are actually describing two annoyances. One is a straightforward "onunload", which can be countered with the userscript you provide. The other is "what if that doesn't work". Nefarious sites will use a range of techniques to subvert control of your browser. You may find an approach with the site example provided, but that doesn't mean it will work with the next site that obfuscates its methods. Whitelisting javascript managers generally involve a one-click per site you frequent, so it is quick to get back to where you were beforehand, but now with protection. – Paul – 2014-02-15T22:30:35.867

i really don't want to go down the route of "guilty until proven innocent", but it's certainly something to consider. thanks. – seagull – 2014-02-15T22:32:44.787

You can consider blocking spammy sites altogether by making an entry in your HOSTS file (assuming you're using Windows). The file is typically at this path - C:\Windows\System32\drivers\etc. Open the hosts file with administrative privileges & make an entry for the offending site like this - 127.0.0.1 unwanted.domain – mvark – 2014-02-16T04:26:51.507

the issue is that i don't know sites are going to pull this BS until after i've visited them. again, it's a too-far overreaching solution. – seagull – 2014-02-16T10:46:05.080

Answers

0

There are actually two ways to see the dialog you mention.

Only one of them is marketing spam. The sure-fire way to block that is to us NoScript or an equivalent that blocks JavaScript.

The other way you get it is, in fact, legitimate and helpful. You get it if you try and navigate away from a page where you have been adding content. This very site is a good example. If I'm halfway through typing and answer and I decide not to bother, I get a warning asking me if I am sure I want to leave. That's good!

Julian Knight

Posted 2014-02-15T22:03:17.063

Reputation: 13 389

1

@seagull, I feel your pain and agree 1000%. Sadly, I can't offer a perfect solution. I've used https://chrome.google.com/webstore/detail/alert-control/ofjjanaennfbgpccfpbghnmblpdblbef/related?hl=en myself. It unfortunately breaks ALL alert boxes but for me personally, I'd prefer all alerts to be broken over having onbeforeunload alerts. NOTHING is more infuriating than disobedient software. If I have a tab and I close it, I don't care if the popup is a genuine and real message: "Closing this tab will make you forfeit your entire bank balance." I clicked the X and I expect that tab to CLOSE.

– Joshua Pech – 2015-11-06T04:36:21.350

2i address this in my initial post. i don't believe it's good; i see it as an annoyance. i detest it. i wish to block them both conclusively. – seagull – 2014-02-15T22:36:53.323

For the 2nd part, if you havent edited anything on the page, it shouldn't be triggered. You can test this on SuperUser. I think the behaviour is baked into all browsers so you are unlikely to avoid it without some serious hacking. For the 1st issue, NoScript will always block the behaviour. – Julian Knight – 2014-02-15T22:45:37.423

2"serious hacking" is what i come to superuser for. i want a blanket ban on this sort of behaviour because i find it user-hostile and unnecessary. if i've closed the browser, the browser should close. questions regarding operation are neither here nor there; i wish for the behaviour never to manifest itself, not for a way to alter myself to ensure i never run into it. – seagull – 2014-02-15T22:47:20.877

Sure. The other way would be to use the onunload script in conjunction with javascript blacklisting for the sites that have workarounds. – Paul – 2014-02-15T22:51:07.017

@seagull, SuperUser is not for serious hacking, there are other forums here for that. SuperUser is for users. What you don't like, others do. Go complain to the browser creators. – Julian Knight – 2014-02-15T22:54:37.647

2i'm not asking google to remove the feature, i'm asking if anyone knows a way to circumvent it. i think you've made this issue a little more personal than it ought to be. – seagull – 2014-02-15T23:20:25.540

:) I'm not the one getting angry about how browsers work! – Julian Knight – 2014-02-15T23:21:44.903

0

  1. Install TamperMonkey

  2. Create a new script with the following text:

// ==UserScript==
// @name Disable Leave Page
// @namespace http://www.greasespot.net/
// @include *

// ==/UserScript==

location.href = "javascript:(" + function() {
  window.onbeforeunload = null;
  window.onunload = null;
} + ")()";

With a little fiddling you should be able to get it to work.

allquixotic

Posted 2014-02-15T22:03:17.063

Reputation: 32 256

interesting - i'll give it a go, cheers! – seagull – 2014-02-19T15:51:09.363

hi -- this doesn't work on either superuser or the spam site posted above. sorry. – seagull – 2014-02-19T16:52:41.597

Asked: 2014-02-15T22:03:17.063

Viewed: 11 107 times

Active: 2014-02-18T17:08:24.030