You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
For the issues w/theannoyingsite.com, are there any other rules we can add to WebHint to help prevent these types of issues from happening? (we already caught this one)
The Most Annoying Website (aka the power of the web platform); Feross Aboukhadijeh
This talked began with the premise of creating a super annoying web page that with just one user event/interaction, could do horrible browser take over hacks to annoy anyone that clicked on it. You can’t do that with the modern web right? Wrong! Feross showed how using the following techniques and APIs all on one page could do a take over. Check out the end result here if you have some time… http://theannoyingsite.com
Found that window.MoveTo, open and resize could make the window move around the screen making it hard to interact with
Wrote a function to bring the window to the foreground
Made the windows bounce around the screen
With user interaction/permission granted with one click, he could invoke speech synth APIs
Used beforeUnload to make the user to an extra step before closing the window
Hiding the cursor
Showing a modal to prevent window close
Disable the back button by sending them forward on popstate event
Push state to send extra bad URLs to the history Target=’_blank’ will open a site in a new tab – takeover the tab with refferWindows. *Webhint has a rule that would have caught this pattern
🚀 Feature request
For the issues w/theannoyingsite.com, are there any other rules we can add to WebHint to help prevent these types of issues from happening? (we already caught this one)
The Most Annoying Website (aka the power of the web platform); Feross Aboukhadijeh
This talked began with the premise of creating a super annoying web page that with just one user event/interaction, could do horrible browser take over hacks to annoy anyone that clicked on it. You can’t do that with the modern web right? Wrong! Feross showed how using the following techniques and APIs all on one page could do a take over. Check out the end result here if you have some time… http://theannoyingsite.com
Found that
window.MoveTo
,open
andresize
could make the window move around the screen making it hard to interact withWrote a function to bring the window to the foreground
Made the windows bounce around the screen
With user interaction/permission granted with one click, he could invoke speech synth APIs
Used
beforeUnload
to make the user to an extra step before closing the windowHiding the cursor
Showing a modal to prevent window close
Disable the back button by sending them forward on
popstate
eventPush state to send extra bad URLs to the history
Target=’_blank’
will open a site in a new tab – takeover the tab with refferWindows. *Webhint has a rule that would have caught this patternJSConf US 2018, @Maggers for more info
The text was updated successfully, but these errors were encountered: