Firefox popup blocker compromised???
 

I have seen about two instances of pop-unders that Firefox didn't block. A memeber of my LUG (with more Linux experience than I) has seen it about 6 times or more.

Has someone really found a way around Firefox's pop-up blocking tech???

PS: I'm no newbie,... so this isn't simple paranoia... just concern.

It is simple.

Some popups are triggered by clicking on a link. These popups will work because you chose to click and open them.

Some popups are triggered by loading a page. Technically there is a difference here. These popups will be blocked because it is assumed that you did not wish to open them, rather the page you wanted is opened in the window.

Popups are just a feature used by websites. It is like a scripting tool like a dialog box. It can be put to different uses by the web developer and different events can trigger it.

In some cases, popups can be useful (like the "PM notification popup" in some forum softwares).

The way to circumvent popups is to use different user-triggered events rather than the page loading to initiate the popup.

I am not technical here, but I think Firefox blocks popups based on the event triggering the popup rather than the popup itself.

Blocking all popups just does not make sense because some websites use the popup feature to display supplementary information and such.

Yeah I noticed these ads recently too.....so yes its not as efficent as it used to be.

Those are popunders but I don't know what's the difference with popups that make them appear. Guess that would be one of the reasons above

These other windows are opened via the event handlers in the HTML body element. There is an onload() handler and an onunload() handler. (They are often written using caps in a manner similar to Java, but Javascript is not case sensitive.) The important thing is, they can be opened by _any_ event handler. e.g. onmouseover, onmouseout, onmousemove ...

Disabling Javascript, hiding your plugins from the browser -- these are effective and (occasionally smart -- if not necessary) things to do, at times. Websites that do not check your browser to find out whether or not your browser has an enabled Javascript interpreter are poorly coded. It isn't your fault if you miss content by virtue of having Javascript disabled. Since opening a page is -- at times risky -- making a decision about disabling all scripting is something you should always consider. Here's an example of why: Last year, for several months, the png library incorporated into Mozilla (and Firefox, Netscape, Galeon and Konqueror) was vulnerable to a buffer overflow. This made it possible to hijack a machine with the privs of the browser.

Browsing the web isn't any safer or any more dangerous than walking around most places in Manhattan. If you are paying attention to your environment you sould be fine.
-- John

(I came to this message, Hari, to copy your sig line. I'm quoting you in another thread).

I read that now advertisers are using FLASH to do pop ups and make annoying ads. These, unfortunately, Firefox or any browser for that matter, cannot block.

I think once I experienced a popunder in Mozilla and after hunting through the code due to curiousity, it was something like forming a string which was a line of JavaScript which would generate a popup, and then a call to evaluate/eval() the string which executed the code.

Yep, I've been running into this already for about a week. The solution there is to add the offending domains to /etc/hosts to deprive them of the advertising revenue.

I'm perfectly okay with banner ads, but hands off my desktop, advertisers!!

You can still stop them.
 

Or install the Flash Block extention for Firefox. Man the extentions are what that browser is all about. I now have a pleasant Internet experience thanks to Flash Block, Ad Block, and that really cool one that prevents new windows from spawning on binary downloads. Good stuff.:D

yes but that blocks all flash. :( If I wanted a text-only browsing experience I'd be running Lynx!

I recommend using a hosts file to totally block well known ad-serving sites. Here's the one I use:

mvps hosts file

I've tested it on both Windows and Linux boxes and it works great. When you copy/paste it into your /etc/hosts file be sure to remove the duplicate localhost entry that it adds.

On Windows boxes it's a *must have* and on my Linux boxes it's a welcomed relief. Of course there are other hosts file alternatives out there and if you have flash installed as a plugin well you may still see some ads from some sites.

The pop-up blocker feature in Firefox is great, but I've always trusted a hosts file as my first line of defense against advertisements.