[Feature] Webhint rules for theannoyingsite.com #2432

Open
brendyna opened this issue May 14, 2019 · 1 comment

brendyna commented May 14, 2019

🚀 Feature request

For the issues w/theannoyingsite.com, are there any other rules we can add to WebHint to help prevent these types of issues from happening? (we already caught this one)

The Most Annoying Website (aka the power of the web platform); Feross Aboukhadijeh
This talk began with the premise of creating a super annoying web page that, with just one user event/interaction, could do horrible browser take over hacks to annoy anyone that clicked on it. You can’t do that with the modern web right? Wrong! Feross showed how using the following techniques and APIs all on one page could do a take over. Check out the end result here if you have some time… http://theannoyingsite.com

Found that window.moveTo, open and resize could make the window move around the screen making it hard to interact with
Wrote a function to bring the window to the foreground
Made the windows bounce around the screen
With user interaction/permission granted with one click, he could invoke speech synth APIs
Used beforeUnload to make the user do an extra step before closing the window
Hiding the cursor
Showing a modal to prevent window close
Disable the back button by sending them forward on popstate event
Push state to send extra bad URLs to the history
Target=’_blank’ will open a site in a new tab – take over the tab with refferWindows. *Webhint has a rule that would have caught this pattern

JSConf US 2018, @Maggers for more info

Member

molant commented May 14, 2019

@brendyna there are a bunch of requests in here. What's the call to action exactly? While these APIs can be abused, they have legitimate usages.

@molant molant added Epic and removed Epic labels May 14, 2019
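
Added example, not part of the issue thread and not webhint's own rule code: a stand-alone heuristic scan for the patterns listed in the issue. The finding ids, the `error`/`review` split (reflecting the comment that these APIs have legitimate uses) and the sample page are assumptions made for illustration.

```javascript
// Stand-alone heuristic scan; does not use webhint's rule API.
// Pattern ids are hypothetical; the API list comes from the issue text.
const REVIEW_PATTERNS = [
  { id: 'window-move-resize', re: /\b(?:moveTo|moveBy|resizeTo|resizeBy)\s*\(/ },
  { id: 'beforeunload-handler', re: /\bonbeforeunload\b|["']beforeunload["']/ },
  { id: 'popstate-handler', re: /\bonpopstate\b|["']popstate["']/ },
  { id: 'history-pushstate', re: /\bhistory\.pushState\s*\(/ },
  { id: 'speech-synthesis', re: /\bspeechSynthesis\b/ },
  { id: 'cursor-hidden', re: /cursor\s*[:=]\s*["']?none\b/ },
];

// target="_blank" without rel=noopener/noreferrer can leave window.opener set.
function findBlankTargets(html) {
  const findings = [];
  for (const [tag] of html.matchAll(/<(?:a|area|form)\b[^>]*>/gi)) {
    if (!/\starget\s*=\s*["']?_blank\b/i.test(tag)) continue;
    const rel = /\srel\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/i.exec(tag);
    const tokens = rel ? (rel[1] || rel[2] || rel[3] || '').toLowerCase().split(/\s+/) : [];
    if (!tokens.includes('noopener') && !tokens.includes('noreferrer')) {
      findings.push({ id: 'blank-target-without-noopener', level: 'error', match: tag });
    }
  }
  return findings;
}

// These APIs have legitimate uses, so hits are flagged for review, not as errors.
function findReviewPatterns(source) {
  const findings = [];
  source.split('\n').forEach((text, i) => {
    for (const { id, re } of REVIEW_PATTERNS) {
      if (re.test(text)) findings.push({ id, level: 'review', line: i + 1 });
    }
  });
  return findings;
}

function auditPage(html) {
  return [...findBlankTargets(html), ...findReviewPatterns(html)];
}

// Constructed sample input (handler names are placeholders).
const SAMPLE_PAGE = [
  '<a href="https://example.test/" target="_blank">out</a>',
  '<a href="https://example.test/" target="_blank" rel="noopener noreferrer">ok</a>',
  '<script>',
  'window.addEventListener("beforeunload", onLeave);',
  'window.addEventListener("popstate", onPop);',
  'history.pushState(null, "", "#step");',
  'document.body.style.cursor = "none";',
  '</script>',
].join('\n');
```

The scan is line- and regex-based, so it misses minified or dynamically built calls and can flag text inside comments or strings.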