Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
The Internet

Web Site "Lock-In" 296

Danborg writes "There's a great article over at ZDNet about annoying web sites that lock surfers inside a web site once they arrive. This practice, started by porno site operators, appears to have gone mainstream. Formerly respectable corporate sites like Home Depot now lock you in, disabling the use of the "Back" button. Fortunately, Top9.Com has generated a list of the offending sites. Is it a legitimate marketing technique? Or a highly annoying example of poor web site design?" I run into this dozens of times a day while reading story submissions. It never ceases to amaze me (but then again, old versions of Slashdot did the same thing, so who am I to judge?)
This discussion has been archived. No new comments can be posted.

Web Site "Lock-In"

Comments Filter:
  • by Eponymous, Showered ( 73818 ) <jase&dufair,org> on Friday July 07, 2000 @12:18PM (#950232) Homepage
    Since all this whack-a-mole stuff is javascript-based, it would cool to have a feature to disable javascript by URL/domain. In fact didn't I hear that Mozilla may have that feature?
  • (Unix/Mac) Click and hold the back button until the list of previously visited urls appears. Select one.
    (IE/Win32)RIght click to select previously visited URLS.

    If you don't know this, its time to give up and become a Luddite.

    Seriously, though, I was so glad when Mozilla added this, as I almost can't live without it, to deal with "lock-in".
  • by Todd Knarr ( 15451 ) on Friday July 07, 2000 @12:19PM (#950236) Homepage

    Well, I wouldn't prevent them from trying. But then, their tricks only disable the Back button, not the history list, so I just pull that down and leave the site and never come back. Rule #1 these guys need to learn: make it difficult for the customer to do what he wants, even if that's to leave, and you will lose that customer and 10 others. Marketing 101.

  • by Whyte Wolf ( 149388 ) on Friday July 07, 2000 @12:20PM (#950238) Homepage
    After all, who's going to continue to frequent a sight that continually spawns browser windows after you've exited. What's irritating in porn sights, might very well sink a business as it drives customers (especially non-technical end users) away.

    Hell, I've had several of these types of sites cause fatal errors in my browser and crash it. Not a smar idea if you want me to buy your products or services (or whatever)

    The heart of the problem, IMHO, though is that far too many business look to the corporate website as a gimick and not a true marketing tool. I've had this fight myself--and after I left my last position, the company butchered the website I'd spent 3 months coding.

    Ah well, as with all things, the proof is in the pudding (not to mention the HTML)

  • by NME ( 36282 ) on Friday July 07, 2000 @12:20PM (#950239)
    Don't forget to powercycle the mail client.

  • by TheDullBlade ( 28998 ) on Friday July 07, 2000 @12:20PM (#950240)
    I remember hearing some (MS I think) browser developer saying how they wanted to make a main-bar button that would toggle javascript, so you can stop a flood of popups fairly easily.

    It got dubbed the "porn button" and was, unfortunately, never included.
  • by Jaborandy ( 96182 ) on Friday July 07, 2000 @12:22PM (#950244)
    You may be dismayed to learn that this is a feature of Internet Explorer. With Security Zones, you can set any url or domain to be in a particular zone, and have javascript either on or off in that zone. I use this method to tame cookies. My "trusted" zone is set to be much like medium-high security, except I get to approve all cookie dropping. Other zones do not even prompt me, they are just denied. When I see a legitimate use for a cookie, I "trust" that site to prompt me. The configurability of this system lets you do a lot to make your system more secure than the default.


  • (IE/Win32)RIght click to select previously visited URLS.

    Shouldn't this be:
    (IE/Win32)keep pushing back, you don't deserver better? :)


  • by 11223 ( 201561 ) on Friday July 07, 2000 @12:24PM (#950251)
    Part of the problem is web-sites that use a 0-second refresh. For instance, go to this microsoft site [] and then try to hit the back button - it won't let you out! So should also be on that list.

    The reason? People are too lazy to return a 302 Moved (like Google does for the I'm Feeling Lucky button) and instead use a meta refresh. Well, it's wrong!

    Browser writers (and Mozilla team): Could you let the back button disable the meta-refresh if you accidentaly back onto a meta-refresh page?

  • by cvd6262 ( 180823 ) on Friday July 07, 2000 @12:25PM (#950252)
    What urks me is that there are a lot of newer web designers who don't know how to correctly use javascript to forward the user to a new location. If they just say: window.location = 'newpage.html'; then when the user hits 'back' it will rerun the script and transfer them again.

    The correct way is: window.location.replace('newpage.html');. This replace the old page with the new in the browsers history.

  • by Bowie J. Poag ( 16898 ) on Friday July 07, 2000 @12:25PM (#950253) Homepage

    Ever been inside a Home Depot? Its pretty much the same story.. You cant find your way out there either. :)

    Bowie J. Poag
  • Beware, some might consider this a troll
    In some sites, like, the reasons for the 'lock-in' seem valid. i.e. setting cookies, checking cookies, so on and so forth. But most designers/developers feel that you came to their site for a specific reason and that you will be willing to put up with being redirected to a few different pages so they can give you a better "web browsing experience"
    Now, just because I say this doesn't mean that I believe it or promote it. So flame me all you want..
  • by Chairboy ( 88841 ) on Friday July 07, 2000 @12:26PM (#950255) Homepage
    "Poor web design"? That's like calling a burglar someone guilty of "poor money collection strategy".

    Websitest that lock you in are more annoying then spam, and a pox on the face of computing.

    The problem is, of course, due to marketers. It's true, these websites are obviously designed by a committee of marketers who spend days sitting around tables (or, these days, golf courses) trying to 'brainstorm' or 'strategize' ways of 'grabbing eyeballs'.

    For a marketer, heaven is having a consumer strapped into a chair with his eyes held open ala A Clockwork Orange and being forced to watch commercials. In TV, they use everything from loudness to humor to try and grab those eyeballs.

    So imagine, if you will, what happens when these people get access to an interactive medium like the Internet. There isn't a volume knob on websites, and most commercial humor requires reading abillities and patience, something hard to rely on in this 5 second attentionspan culture, so instead they do the equivalent of tying you into the chair and forcing you to 'experience' their website.

    It's only a matter of time before this practice is identified as the embodiment of impoliteness it is, so it should disapear sooner or later.

    Unfortunately, that means that the wheels will start turning, more of these marketing folks will start flapping their membranous wings again, and the next generation in captive consumers will get to experience their next excreted nugget of marketing 'saavy'.
  • There is a good program for Windows (shudder) that can help with those annoying popups.

    NoAds []

    Very handy, and free too!
  • by Eponymous, Showered ( 73818 ) <jase&dufair,org> on Friday July 07, 2000 @12:26PM (#950259) Homepage
    Folks, none of the sites on Top9 were Javascript whack-a-mole stuff like the header of this article implies. They're all just pages that use a 0 second redirect. I've even had to do this on sites I've built - not for the effect of locking people in, but to jump database instances in the case of the Oracle Application Server (web server). Now, these other sites may have an ulterior motive, but a 0 second refresh is much lesss onerous, IMO, than javascript popup hell.
  • Most browsers have a history pull-down, too. I've always found that the quickest way to get past those instant re-directs.

    9 times out of 10, this is just bad software design. "Never ascribe to malevolence..." ah, hell. You know how the quote goes.

    If they were operating like the shady Java sites, then the back button would kindly open 12 windows of ads for you, to boost hit counts.

  • I've got one of those Intellimouse Explorers (the huge silver ones with the superfluous tail light and like three extra buttons; well, what the hell, here's a link []) and sites that won't let you back out are an incredible annoyance. See, two of the buttons on there serve as Forward/Back (respectively) while browsing the web, and after about 20 minutes of using them, I was hooked. You wouldn't believe how simple (and remarkably intuitive) to navigate with your thumb. Now if I could just find a good use for those buttons in Half-Life...

    I mean, sure, it's easy enough to hold down the back button and select the page before the offending site, but that would require moving my cursor over six or so linear inches of desktop space. Isn't that just a little bit unreasonable? No? Ah well.

  • by Kiwi ( 5214 ) on Friday July 07, 2000 @12:28PM (#950263) Homepage Journal
    Something to keep in mind is that sometimes these lock-ins are unintentional. For example, people may, to make web site updating easier, place all of the web documents in a sub directory, and have the front page be a redirecton to the actual front page of their web site.

    Clumsy designs may have multiple redirects, the same way clumsy UNIX sysadmins may sometimes have a chain of symbolic links eventually pointing to a file.

    The real solution is the reponsibility of the web browser designers--pages that have refresh meta tags should not be part of the browser's history, unless user-enabled.

    I am not going to get in to the javascript games, since I, for security reasons, have Javascript siabled on my browser. Don't get me started on pages that need Javascript enabled to be browsed.

    - Sam

  • On many of these sites, the back buttons don't work because they are redirecting you to another page in their site when you first arrive.

    Why? So they can offer different content depending on what browser you are using, and what plug-ins you have installed. If you have the flash plug in, they'll redirect you to a flash splash page... If you're using an older browser, they'll redirect you to a frames free page, etc.

    You might find this behavior annoying, but it's hardly sinister. People in this thread have already pointed out that it's easy to overcome the limitation. It's kinda funny that slashdot is making a big deal about it.
  • by tacticalsyntax ( 205860 ) on Friday July 07, 2000 @12:31PM (#950269)
    Oh yeah, I forgot to mention that a lot of this comes from the shitty technology behind these sites. Like BroadVision at Home Depot. To do supah-1337 1-t0-1 marketing you have to use their fat-as-hell URLs [] and redirect the user all over the place. So another reason to ditch HTTP: URLs are foolish things to use as objects.


  • Since there is about a zillion porn sites out there it probably won't help a lot to disable Javascript by domain (unless an updated list of domains can be obtained automatically from somewhere).

    Instead I would suggest a button on the navigation toolbar (e.g. instead of the Shop@Netscape button :-) that could temporarily disable/enable Javascript in case one should be "locked in". The function is already present in most browsers, but it is just hidden deep down in the preferences-editor.
  • I don't think the continual spawning of windows is the issue here (although it certainly is annoying). Home Depot's site just redirects you immediately to their main page, so that when you click the "back" button, it takes you to the page that redirects you and you end up looking at the Home Depot main page again.
  • by artdodge ( 9053 ) on Friday July 07, 2000 @12:33PM (#950280) Homepage
    This practice, started by porno site operators
    Ballocks. The problem here isn't web sites trying to "lock you in" - it's crappy web designers showing poor engineering skills and lack of knowledge of their tools. Specifically, lots of these sites (homedepot is a prime example) use the nefarious META http-equiv="refresh" kludge instead of sending proper 302/303/etc redirection responses. They're using an HTML-level mechanism to perform an HTTP-level function. Nothing more, nothing less.

    If they wanted to lock you in, I would wager they could actually disable the Back button with JavaScript (I think some on-line banks do this so they can keep you from going "back" to a page providing info that you just invalidated by performing some transaction).

    I hate META http-equiv.

  • I believe that lock-in is poor web design and reflects badly on the companies marketing department. If the site is not interesting or useable enough for customers to want to stay, the site should not resort to annoying tricks like lock-in or spawing of windows if the browser is redirected to another site or closed.

    Anyone who has had any experience at marketing would know that this may cause some customers to stay an buy, but it will mainly annoy most of them and cause them to not want to return. Bad experiences with web-sites are like bad experiences at stores, if you have one you are less likely to return. The use of these tricks shows immature marketing.
  • by ajs ( 35943 ) <> on Friday July 07, 2000 @12:35PM (#950285) Homepage Journal
    Perhaps the right solution is to have Mozilla not fall for it. For example, one way that I know of that people do this is to have /index.html be a blank page with a META REFRESH or REDIRECT tag pointing to the real homepage. Why not have Mozilla detect the combination of "back" and META REFRESH or REDIRECT and simply not obey the tag?

    The other solution would be to take pages out of the history list when they contain a META REDIRECT REFRESH. That would also cause the back button to work as expected, perhap arguably more like expected.

    Do either of these solutions break any reasonable practices?
  • by hawk ( 1151 ) <> on Friday July 07, 2000 @12:35PM (#950286) Journal
    >Shouldn't this be: (IE/Win32)keep pushing back,
    >you don't deserver better? :)

    I initially was moderating this as funny, then I realized that this was already implemented in Netscape 3, and is part of the reason I still use it.

    In the Mac & Unix versions, alt- moves you through the history--alt-2 goes to the prior page, alt-9 goes back 8 pages, etc. And if you've only gone back, alt-1 takes you as far as you go.

    For some reason, this wasn't in the darkside version, and has been removed from later versions of netscape.

    [the other reason is the window-by-window setting of autoload images, rather than as a universial preference]

  • Yes, it's possible. And compatible with ALL browsers. There are ultimately 3 ways to refresh to another page [as these sites have been doing, therefore 'locking' you in]

    <SCRIPT language="JavaScript1.1">

    <META http-equiv="Refresh" content="0; URL=">

    This page has moved to a <A href="">new location</A>.

    Using all three on the same page can help all browsers. The script works in major browsers, refresh is the older one, with which a quick back click can get past, and the message is perfect for lynx type browser [even tho refresh works in lynx]

  • One of the "Powertools" for MSIE includes a feature which adds two items to your "Tools" menu: "Add to Trusted Zone" and "Add to Restricted Zone". These items, when clicked, will automatically add the domain of the site you are currently viewing to the specified security zone. This should work just as effectively as the button you mention, since you can instantly add a site to the restritcted zone. Actually this would be better than a "toggle" button, because it will remember the site in the future.
  • by drix ( 4602 ) on Friday July 07, 2000 @12:37PM (#950291) Homepage
    Seriously! It's the closest thing to a casino I know of - no doors or easily accessible exits, no clocks or windows to tell time, open 24 hours a day to entice you.

  • Is when porno sites use the above lock in technique in conjunction with java scripts to cause a window explosion.

    The link will look like " g" but when you click on it, instead of the mpg, you get 12 windows flying open all over the screen.

  • I can always find what I'm looking for, pay for what I've found, and find my way out of WalMart. Maybe WalMart is just too advanced for you. Start simpler, maybe try 7-11. There's only 4 or 5 aisles and the cash register is always visible.
  • by artdodge ( 9053 ) on Friday July 07, 2000 @12:40PM (#950301) Homepage
    they have to work around the miserable way that HTTP handles state.
    Not the problem at all. You can handle state in at least two ways in HTTP (there are others, but some of them are patented :-P), neither of which necessitate the shoddy practices seen on theses sites.
    • Cookies (example: yahoo)
    • Use proper redirection (302 Found or similar) to a URL embedding a session ID (example: amazon) instead of the claptrap HTTP-equiv refresh crap these sites use.
    What kind of statefulness do you have in mind that Cookies don't deliver? (BTW: you might want to look at the most recent IETF drafts; Set-Cookie2 et al are much more mature than Netscape's hack.)
  • A lot of sites use meta-refresh to guide users from an index.html to an index.cgi page, as most of their site is not static -- including the main page.

    The browser already offers an answer to this. Hold down the Back button on the browser and select the page just before the index.html page you visited. Problem solved.

  • I don't know about other Netscape for Unix users, but I constantly click on URLs with the middle button, which opens up a new browser window. Probably the majority of clicks I make, espcially from one website to another, are middle button clicks that open a new browser window. Of course this results in me having like 10 Netscape windows all the time, but I never have any of those windows "stuck" in a site because I just close the window when I am done looking at it.
  • How about just being able to turn off some Javascript commands. I don't mind mouse-over and text on the status bar, but I would like to be able to stop the new windows.
  • by jayhawk88 ( 160512 ) <> on Friday July 07, 2000 @12:44PM (#950313)
    Me: Hello, I'm looking for RedHat Linux for Commodore64, do you have that in stock?
    Salesperson: No, but we do have the all-new WindowsYou 2000 v5.0 for Watches! Why don't you let me show that to you?
    Me: Umm, no thanks, I think I'll just go look elsewhere.....Umm, excuse me again...
    Salesperson: Yes? What is it?
    Me: Umm, this door appears to be locked.
    Salesperson: Oh, is that so? How odd. Perhaps you'd like to check out the latest release MacOS AquaTealMarine for CoffeePots, now with even more backgrounds!
    Me: No, I'd like to leave the store. This door that I justed entered through is now locked.
    Salesperson: Well, if you feel you really have to leave, you can climb that ladder into the rafters, walk across that I-beam to the far side of the store, and shimmy down the drainage pipe. But then you'd be missing our sale on OS/4 Impulse for Dishwashers...

    I think it's clear that trapping sites are my biggest internet pet-peeve today. This is another reason why all marketing people should never be exposed to any new technology. Ever.
  • Wait until you've found a few sites which catch your right mouse button click with some Javascript to make sure you cannot use it for browser functions anymore.

    Unfortunately for IE users some functions such as "Open in new window" are _only_ available from the RMB popup. I'm glad all major browsers on Un*x use the third mouse button for this.

  • A similarly disturbing problem is when http POST
    requests expire from your browsers cache. Hitting the back button gives you the "page expired, repost form data" box.

    Never use POST unless you need to (like not showing sensitive info in the location bar and web log).
  • by Anonymous Coward
    That would actually be useful if you could have as many "zones" (security policies) as you want, but IE allows exactly four--one is the default, another is "local intranet" (a sure sign the authors don't know what the word "network" means), leaving you with only two distinct policies you can assign to an arbitrary URL. And it's still missing obvious per-zone policy options like "allow fetching and rendering these Content-Types" and "send Referer: header" and "send User-Agent: header" and "ignore these often-abused HTML elements".
  • As several comments have already pointed out, the 'trap' that sites like Home Depot's put you in is (most likely) not intentional. It's simply the result of a zero-second refresh page to redirect you to another page, and the easiest way around that is to bypass the page by holding down your 'Back' button or by using the 'Go' menu in your browser.

    The real problem, of course, are the porn and scam sites which actively and aggressively prevent you from leaving their web pages. They use JavaScript to sense when you leave their page or close your browser window, and then they bring up another window on their web site -- or, worse, several other porn and scam sites.

    The porn site '' (not to be confused with '') used to do this, and it was a great example of how dangerous the web can be for kids: mistype a URL, and not only might you have pictures of women having sex with donkeys dumped onto your screen, but you might not be able to get them off your screen without quitting completely out of your browser, either. Fortunately, 'gamefaqs' bought the 'gamefaq' domain name to stop this from happening (if you can call extortion 'fortunate'), but it still happens with countless other web sites...

  • I give credit to the porn guys who decided to make their banner ads resemble the standard Windows widgets. Totally devious and shrewd.


  • I believe you can use the keyboard-based right click (the key next to the dreaded Win key) to circumvent those protection schemes...

    Another trick you can use, but with a smaller success rate: Hold down your left mouse button for a few seconds, then click the right mouse button. I've found that this works on a few of those offending sites.

  • This [] site, for a certain well-known free-software desktop project, has the same problem - Another Damn Refresh.

  • Being a very proud and pompous American, with at least a passing knowledge of the legal system gleaned from innumerable hours watching 'Judge Judy' and 'Judge Mills Lane' when I should be working, I am always on the lookout for a sure-fire frivilous lawsuit so that I, like many other lazy Americans, can get paid for nothing.

    Well, here's how we sue the sites on the lock-in list. We get a couple hundred elderly, entry-level Windows users together in a room full of computers. We hook them all up to the Internet over a single ISDN channel. Set the default start page on each PC to, and disable the cache. After writing a small script to respawn IE every time it is closed, we set the lusers loose on the 'net.

    By now you're asking "Hey, technos! Annoying a room full of senile lusers is fun, but how do we make it into a good frivilous lawsuit?"

    Well thanks for asking! I have noted, from my extensive experience as a tech, that the newer and more clueless the luser, the more often and serious they do something bad to the PC. Since we haven't given them any thing else to touch but IE and the contents of the Start Bar (conveniently stripped to just IE) they will eventually power cycle the machine. Some will do it repeatedly.

    Here's another tech tidbit: Power cycling a Microsoft machine is BAD. For the purposes of this frivilous lawsuit, it completly corrupts the hard drive and requires several hours of expensive service to correct!

    "But technos, any judge on earth will throw that out! The judge will call you and your lawyers a bunch of money grubbing slimes, and toss you out."

    No! That's why we've picked on the elderly as our lusers-du-jour! Judges never rule against them! Why not? Because the elderly vote, and the judges are elected officials. Get enough old people in on the class action suit, and the judge will cave to keep his job!

  • As proof of his statement about Marketing thinking the web is just a gimick. I'm the guy who took over his position at this High Tech company. After he left the website sat dormant. I have the necesary skills (if not the experience) to maintain the site. They didn't notice. When we hired a new marketing person, straight out of college she is, they got her to start working on the website. She has never done a website before. They finally got one of the cobol programmers to work on it with the marketroid designing the site.

    This is just a single example in a host of sites where marketing does not realize the full potential of a web based marketing tool. Ahh well, at least Whyte Wolf has the satisfaction of knowing he was right, and all the marketroid, Bill Gates wannabe's in our office were wrong. Aren't I right Whyte Wolf??
  • From my experience, there will be a point dring development where the question about whether to display off-site links or not will arise. At this point, IF the client is somewhat reasonable he/she will agree that the Web is an open ended environment, that NOT giving all information a customer needs to decide on a deal is unproductive.

    If, and this is frequently the case, you are meeting with an EMMM (see title), specially if the said EMMM consider itself a computer/internet power-user, things tend to degenerate fairly quick.

    "No outside links" is just the starting point. They will then suggest tricks like this one (disable back-buttons) and go ahead to things like opening the page full-screen without address, menu or status bars (nearly hijacking the user's computer).

    Sometimes it is possible to prevent this kind of crap, specially if you are dealing with a group. If, on the other hand, the EMMM is the sole or main responsible for the site, you usually end up being forced to develop a site with lots of user-enemy features.
  • ...the very simple work-around of hitting ^N to pop up a new browser window. Drag the link into the new window, or drag the little green-yellow thing by the location bar into the new window, and boom, there you go.

    Or just right-click on a link and select "open in new window," etc, etc.

    When you're done browsing, kill the window. The original one remains where you left it.

    I haven't had to worry about "lock-in" for years. I don't see what the problem is.
  • But it's also extremely annoying. If the companies running those sites want to feel the wrath of customers (and some of us out here in net-land can be very loud and annoying), then they should feel free to play their little games.
  • This is a clever fix, but remember location.replace() is a JS 1.1 function, not 1.0, explaining why a lot of people might not know about it, or be afraid to use it (no IE3 compatability).

  • Is there information on how to perform these operations (302/303/etc) from the site? I've always used http-equiv as I was never sure how to get the web server to send different responses. Does this require a cgi script to send the response, or can it be done from the header of a page?

  • Auto-redirecting users based on browser specs breaks a fundamental and frequently used (if not the most frequently used) function of the web browser... the BACK button.

    It is more appropriate to give the user the choice of using a Flash or non-Flash site. I have Flash installed, but nine times out of ten I'll opt for the non-Flash version because use of Flash tends to be gratuitious and run counter to my purpose for visiting the site. Nothing pisses me off more than being forced into a Flash interface when I know there's an HTML alternative.

    And what if I'm trying to add a link to your site from my site? If you auto-redirect me you are likely to force me (whether I'm aware of it or not) into picking up a link that fits my browser specs, but not necessarily the specs of my web site visitors.

  • That can, and SHOULD, be fixed at the server. The server configuration determines the default page, together with whether it is run as a CGI script.
  • Correction.

    Web sites that have refresh meta tags with a 0-second refresh, or one that refreshes to a different page should not appear in the history.

    A non-zero timeout, pointing to the same place should appear in the history precisely once, for each distinct time it is visited, subject to the rules above (i.e. ping-pong refreshes shouldn't appear etc. etc. etc.)

    The poster appeared to forget the legitimate use of the meta-refresh tag :-)
  • Quite a while back, I wrote these rants. Ok, a little shameless self-promotion, and some of it is out-of-date, but still, I've been complaining about this stuff for years.

    I want to be able to protect various browser components from manipulation. Simple. Don't let any web author change the function of the [BACK], [HOME], and [EXIT] buttons!

    I once got trapped in a site which had used the JavaScript On_Close event to open a new browser window when I exited Netscape. Oh, and please keep my status line displaying real status messages (and latch them, please), instead of ridiculous messages from somebody's scrollit applet, or mouseover spam.

    Oh, one more thing, a javascript.allow and javascript.deny type of management for which sites get it on and off.

    TIA, Mozilla.

  • by geek2b ( 170831 ) on Friday July 07, 2000 @01:21PM (#950349)
    Thank you for contacting! Our Internet team recently received a copy of the e-mail you submitted through our Web site. We would like to thank you for contacting us at and sincerely apologize for any inconvenience you may have experienced while using our Web site. Rest assured, we do not want to limit your access to the Internet from our site. Because the actual Web address for our home page is quite long and complicated (you can see it in the address field of your browser once you are on the page), we have simplified our Web address to to make it easier for our customers to remember and access. When you enter our address in your browser, we convert the simple Web address to the real Web page address. For that reason, the "back" button may not work in some browsers. Our technical experts are working to find a way to eliminate this process.
  • by dzurn ( 62738 ) <daz-slashdot@zzzurn. c o m> on Friday July 07, 2000 @01:26PM (#950352) Homepage
    I wanted to become a Luddite, but couldn't find the on-line registration form.
  • You could use the alt-left alt-right, so long as you aren't working with Solaris 7 or greater, or you haven't set those as hot keys. The CDE included in Solaris 7 and 8 have alt-left and alt-right hot-keyed to move to the next desktop.
  • If these programmers weren't a bunch of lazy morons, they'd have learnt:

    PHP: Header("Location: $url");
    Python: print "Location: %s" % url
    Perl: print "Location: $url\n\n";
    et cetera



  • by Cramer ( 69040 ) on Friday July 07, 2000 @01:36PM (#950361) Homepage
    First off, Top9 is smoking weed if they think a lazy redirect is "capturing" a browser. They have obviously never gone to a porno website and seen what "capture" really is. (Note: disable everything before going on a porno walk-about.)

    Personally, I find all the lame-ass javascript and meta-refresh redirects a serious pain in the ass. It's ranked just below setting the expiration tags on pages to before you download the page. And a recent addition (landing at number three) is the "neat trick" some assholes put in their page(s) to resize the browser to the size of your screen. (This little "feature" has forced me to make fvwm an absolute nazi.)
  • by morzel ( 62033 ) on Friday July 07, 2000 @01:37PM (#950362)
    Same thing happens IRL in a number of stores, with IKEA being a prime example:
    Once you get in, you can't possibly get out unless you walk through the *whole* store, through every possible department - preferrably with hordes of people blocking your way.

    It's a tested idea, and it works wonders (in Ikea, anyway) for the sheople walking through.
    Quite miraculous how I always seem to end up buying more stuff than I actually came for. :-)

    Okay... I'll do the stupid things first, then you shy people follow.

  • Actually what I hate more than this "lock-in" stuff (minor annoyance, easily worked around) are sites that have continually refreshing ads in a separate frame. First, the "hold down Back button and select page from history" solution won't work (the first location in the list will get you completely out of the frameset, not necessarily what you wanted). And because of this, you're stuck hitting Back 50 times while the ad frame cycles back before the "real" frame goes back to the previous page. You may be able to work around this by opening the real frame in a new window, but not if the braindead web designers give you no navigation tags in the real frame, forcing you to use a third, navigation frame. It's just poor website design and it pisses me off sometimes. ;-)

    So many times at sites like this I've wished the Stop button would also stop the timer for meta refresh tags (and I think it should - everything should stop: loading, animations, refresh timers, javascript timers, etc). This small feature would be a godsend for such situations.

  • There's only one thing marketing people should be exposed to. Dangerous levels of radiation.

    "If anyone here tonight is in advertising or marketing... Kill yourself. No, seriously. If you are, do. You're fucked and you're fucking us. Kill yourself. It's the only way to save your soul." -Bill Hicks []
  • The scary thing is, after you buy a home and start hacking your house, you don't care about the problem because you don't WANT to leave Home Depot. It's like asking a six-year-old to leave Toys R Us.

    I was in there today on my lunch hour getting advice on my plumbing project ... I was like "man, I really wanna look at these copper-to-PVC transitions some more, but I gotta go back to work and code..."
  • by Anonymous Coward
    Funny. It works fine for They have a "complicated" home page URL and have managed to do it without trapping refreshes for as long as I can remember.
  • That's where not using Windows comes in handy. Only once have I seen a fake-widget ad that looked like Motif or anything *nixy... and that was on Slashdot. On rare occasion I'll see ads that look like bastardized versions of the Win32 or MacOS widgets, which leads me to wonder what kind of people they were trying to fool.
  • Try ...

    - Jeff A. Campbell
    - VelociNews ( [])
  • I usually browse with Java and Javascript disabled for just this reason. I've also got into the habit of middle clicking to launch a new browser window, as a lot of sites do screw with the back button in one way or another, and an alt-w to close a site and return to the previous site tends to be a lot faster than hitting the back button.

    I also have my cookie file set read-only with just a slashdot cookie in there. I've yet to find anyone else worthy of being allowed a permanent cookie (And the only reason I allow the Slashdot cookie is so that I NEVER get presented with anything by John Katz.)

    If a site is too obtrusive or bitches about my set up, I just don't visit it. It's that easy.

  • if that's authentic, they're smokin' some major crack, and need to fire their entire web design team. making a file called index.html and putting it in the root directory just is NOT difficult.

    Worse, they're running (according to netcraft) Netscape-Enterprise/3.6 SP3 on HP-UX, so there is NO excuse. a symbolic link to the 'real' page they're concerned about named index.html in the publuc_html directory will work just fine. yeesh.

  • by Darchmare ( 5387 ) on Friday July 07, 2000 @02:00PM (#950380) Homepage
    That's downright unethical. The last thing I want when I'm looking for porn is for some stupid video game site to pop up. :>

    (yes, i'm kidding)

    - Jeff A. Campbell
    - VelociNews ( [])
  • I found out the hard way that this is usually the result of poorly-written and poorly-rendered JavaScript.
    Whilst first learning the language, I created a re-director page the detected browser types. Since I made the mistake of placing it on a separate page, users could not get out.
    I found that Netscape was also far more susceptible to the problem as I attempted to tweak my code.
    Perhaps someone could post the source to a workable re-direct solution, and e-mail it to the webmasters of the offending sites?
    I'd hate to think that such an annoying effect was entirely accidental and/or caused by ignorance, and that we didn't say anything about it to ^them^ before we started complaining...

  • by yomahz ( 35486 ) on Friday July 07, 2000 @02:05PM (#950384)
    I went to the sites on the list that there was "no way" to get back to the previous site and I had almost no problem getting back in either Netscape or IE.

    Both browsers have an option in the back button to skip several pages back.

    - In IE, it's the little down arrow next to the button.

    - In Netscape, you just hold down the button for a few seconds.

    Is it annoying, YES but is it really that big of a deal?

    A mind is a terrible thing to taste.

  • by MrJay ( 172412 ) on Friday July 07, 2000 @02:13PM (#950386) Homepage

    Well, hitting the URL [] redirects you to the page index1.html. This page uses Javascript (uggh) to determine whether the user (ironically) has Javascript enabled in their browser:

    //Proceed only if the browser supports JavaScript.

    if ( browserSupp )
    window.location = "/" + siteName + "/HDUS/EN_US/pg_start.jsp";
    window.location = "noscript.html";

    In pg_start.jsp, I can only speculate that a new session is created (the next URL has a session ID field) and various startup routines are executed.

    When you arrive at the homepage, the URL contains something similar to this:

    pg_diy.jsp?BV_SessionID=@@@@1850957283.0963009276@ @@@&BV_EngineID=cal ieli dldjbemfcfkmcficgkj.0">

    Given this information, I can make the following statements:

    • They are using Broadvision. Anyone who's used this horrible piece of proprietery crap knows how uncomfortable and cumbersome it is to work with.
    • They are heavy on the Javascript. IIRC, Broadvision sends various Javascript functions to accomplish mostly what can be done without Javascript. An expert web designer can build a complex site without a heavy and almost necessary reliance on Javascript.
    • HTTP and HTML should both be extinct. Perhaps this is why Home Depot opted for the expensive Broadvision. I bet they also paid through the nose for a BV tech to be on site. Yipee!!

    In all seriousness, this sort of thing can be avoided with a proper design. And the sheer difficulty of the whole process is nil.

  • This sucks. If the site requires javascript to run, and you add it to restricted, you can't just remove it (IE, un-curse it) without blessing it. This is not a solution.

  • by DHartung ( 13689 ) on Friday July 07, 2000 @02:16PM (#950391) Homepage

    In fact, Microsoft offers a freebie add-on called IE5 PowerTweaks []. Among other things, the handful of tools includes menu items (on the Tools menu) called "Add to Restricted Zone" and "Add to Trusted Zone". This lets you manage your cookie-and-javascript-enabled sites without messing around in the "Security" dialog box for five minutes.
  • by __aapbgd5977 ( 124658 ) on Friday July 07, 2000 @02:17PM (#950392)
    As of July 18, this is an unlawful business practice, according to Arizona Statute 13-2316. The newly enacted statute, available online as House Bill 2428 [] is quoted in relevant part below (new language in ALLCAPS).

    (Note: The summaries say that this is a "Class 6 Felony". This is incorrect.)

    13-2316. Computer tampering; venue; forfeiture; classification






    Section 44-1522 is currently in effect, and reads in relevant part:

    44-1522. Unlawful practices; intended interpretation of provisions

    A. The act, use, or employment by any person of any deception, deceptive act or practice, fraud, false pretense, false promise, misrepresentation, or concealment, suppression or omission of any material fact with intent that others rely upon such concealment, suppression or omission, in connection with the sale or advertisement of any merchandise whether or not any person has in fact been misled, deceived, or damaged thereby, is declared to be an unlawful practice.

    Yes, I work for the Arizona Attorney General, but I am not a spokesman for them. I am a lawyer, but this is not legal advice. Please consult your own attorney before taking any actions based upon information in this posting.
    "This is the nineties. You don't just go around punching people. You have to say something cool first."

  • by DHartung ( 13689 ) on Friday July 07, 2000 @02:20PM (#950395) Homepage
    One of the "Powertools" for MSIE includes a feature which adds two items to your "Tools" menu: "Add to Trusted Zone" and "Add to Restricted Zone". These items, when clicked, will automatically add the domain of the site you are currently viewing to the specified security zone. This should work just as effectively as the button you mention, since you can instantly add a site to the restritcted zone. Actually this would be better than a "toggle" button, because it will remember the site in the future.

    It's called IE5 PowerTweaks []. If you turn off Active Scripts for the Internet Zone, you can then go to a site and decide if you trust it to run Javascript or leave a cookie and pull down your menu. Boom! Instant Javascript.
  • ... and in raw mod_perl handlers:

    $r->header_out(Location => $url);
    return REDIRECT;

  • In Win32/IE, shift-click to open a link in a new window.

    In any case, IE users should be familiar with the security zones scheme. Not great, but better than nothing. Any site evil enough to try braindead marketeering schemes like that can be put in the Restricted zone, which you can configure to turn off all scripting.

  • It's closer to the technical equivalent of a roadside billboard transmitting a command to your car's control system to immediately stop, so you can read the entire ad before whizzing by at 60mph.

    Definately rude.

    if it ain't broke, then fix it 'till it is!
  • by josepha48 ( 13953 ) on Friday July 07, 2000 @02:48PM (#950408) Journal
    I don't really think that this law applies here. I'm no lawyer, but here is why: you can still access other sites through your book marks so you are not really 'locked in'. They do not control your browser completely so you can still exit by typing in a URL in the location bar. Since both Netscape and IE browsers support searching through the location bar you can always exit one of these site.

    While I do agree that this is bad practice on the site developers side, I do not think that it is against the law. Also how are you going to sue someone or take legal action if they are not in Arazona, or even the US? I imagine that since these sites have basically ben blacklisted on slashdot it is only a matter of time before most of them stop that practice anyway. I know that it is a cheezy way to keep visitors. Obviously if a site needs to do something like this then they have no content that will make people want to return.

    send flames > /dev/null

  • I cross-referenced your post. Hope this helps!
    got [] one [] of those [] Intellimouse [] Explorers [] (the [] huge [] silver [] ones [] with the superfluous [] tail [] light [] and like []three [] extra [] buttons; [] well, [] what the hell, [] here's [] a [http] link) [] and sites [] that won't [] let [] you [] back [] out are an []incredible [] annoyance. [] See, [] two [] of the buttons [] on there [] serve [] as Forward/Back [] (respectively) [] while [] browsing [] the [] web, [] and after [] about [] 20 [] minutes [] of using [] them, [] I was hooked. [] You [] wouldn't [] believe [] how simple [] (and [the] remarkably [] intuitive) [] to navigate [] with your [] thumb. [] Now [] if [] I could [] just [] find [] a good [] use [] for those [] buttons [] in Half-Life... [] I mean, [] sure, [] it's [] easy [] enough [] to hold [] down [] the [] back [] button [] and [the] select [] the [] page [] before [] the [] offending [] site, [] but [] that would [] require [] moving [] my [] cursor [] over [] six [] or so [] linear [] inches [] of desktop [] space. [] Isn't [] that just [] a little [] bit [] unreasonable? [] No? [] Ah [] well. []
  • by mitheral ( 10588 ) on Friday July 07, 2000 @02:56PM (#950411)
    The following code in junkbuster/proxomitron will remove the right mouse click disable "feature"

    Name = "Allow Right Click"
    Active = TRUE
    Bounds = "<script*</script>"
    Limit = 256
    Match = "*document.onmousedown=*"

    Something I find very handy as lots of sites have picked this annoy habit up. I notice because I have no standard tool bar showing on IE; I use right mouse clicks to move back/forward
  • POST is not evil. GET with huge form data (files, /. comments, etc.) is. I think what you're trying to say is that using POST when GET would suffice (e.g. navigation) is evil.
  • by Inoshiro ( 71693 ) on Friday July 07, 2000 @03:59PM (#950431) Homepage
    He'll tell you [] that this is the #1 mistake in the top-ten list of mistakes done by webpages. And I agree. Linking to the outside world, and letting other people back out of your site shouldn't affect it. How else could Yahoo! [](tm)(r)(c) become so popular, eh? They certainly don't have a lack of people browsing their site.

    The back button is the most often used widget in the browser. If a user hits a site they don't want to see, or make a mistake -- boom, off they go. Locking them in to a site once they get in agrivates them (it sure pisses me off).

    My suggestion: turn off Javascript in any browser which allows you to (except Netscape, because that kills CSS [why?]).

    So what happens to sites which still do disable the back button, or otherwise lock you in? Well, I tend to just kill my browser process. It's simply easier than dealing with BS websites. Plus, I know to never go to that site again (it'd be nice if Mozilla had a dynamic blocklist which would mark down sites which do this, and block them).
  • Jesus God, this is a bad law. One of the premises of the net that The Man has fundamentally failed to grasp is that if your computer does something, it's your fault. If you're using a client that is willing to "lock you into a web site," it's your bad for using a broken client, and you should be punished for it until you find a better one.

    If a technical solution exists, legal solutions will ultimately be harmful, because they discourage people from actually solving the problem. Prosecuting people because they served you a stream of bytes you consider "harmful" to you, in response to YOUR request to THEM, is an affront to logic as well as free speech.

    For God's sake, man -- web sites are going to the trouble of advertising to us that they're poorly or maliciously designed, and we're COMPLAINING about it? I'd love it if there were an HTML tag that inserted subliminal advertising on my desktop. Junkbuster would start telling me, "IBM is trying to steal your money," and I would know never to buy anything from them again.

  • It never ceases to amaze me (but then again, old versions of Slashdot did the same thing, so who am I to judge?)

    you're someone with experience as a webmaster of a high-profile website. you're under more criticism than any of the companies you criticize. you've learned what people want and what works. (you are missing a few things... why is the search box all the way at the bottom? an empty white box in the left-hand side would break up the menu nicely, adding some white space and some functionality...oh yeah, criticism. right. it keeps you on your toes, though.)

    generally, companies care more about graphic design than function. they like splash, and don't understand the web user's habits... and web use is definitely a habit. capturing the user is the worst thing you can do to someone with the habit.

    it's a young industry, and it's earliest denizens are getting older. there's a major emphasis on young guys who will burn for the big bucks, but there's nothing as valuable as experience.

    so screw 'em. judge. :]

  • In Linux netscape, the middle button opens a link in a new window. In IE, shift-click does it. I open most things with the middle button when I know I'm going to want to come back to the original page. Back doesn't work very well on many pages if you've scrolled to somewhere in the middle (Slashdot stories are a prime example!)
  • I started laughing when I saw that. Like it's some amazingly complicated problem or something, rather than just leaving a 5 second delay with a "click here to enter" link.
  • It's really simple and easy to do this without knowing it... or at least it happed for me.

    For four years, my web site was hosted by the Oregon State University Electrical Engineering Webserver [], at this url [] that was widely linked and in all the search engines' first result page for a number of keywords.

    Well, all good things (actually their server was not very reliable) come to an end, and the university was under a big scare, supposedly because of some lawsuit somewhere, regarding old accounts from former students. I got a message that I would need to move my site.

    I did indeed move the page, to it's new and permanent location [], but even after over a year, the old site still gets lots of hits. Forunately, they have been nice enough to keep my redirector page [] in place all this time.

    At first, I did what seemed like the obvious thing and I set the HTTP-EQUIV meta tag to redirect, in zero seconds. Seemed like a good idea. It was actually like that for months, and I was totally unaware of the problem. I finally got an angry e-mail from someone who was upset that I messed with his back button, but as far as I could tell, nothing on my site would do that. Indeed, nothing on my site was doing anything with the back button.... by that time I hardly gave any though to the old urls anymore, so it didn't even occur to me at the time to try going to the old url and then seeing if the back button still worked. Even if I'd typed the old URL, to experience what an ordinary web surfer got, I would have had to find my url from a link (not hard, since the search engines don't update well anymore, even if you fill out their forms to rescan your url).

    Well, several weeks later, I learned what had happened while reading Jokob Nielsen's Alertbox Column, Top Ten New Mistakes of Web Design []. Breaking the back button was his number 1 offense, and I was guilty... and until that moment I didn't even know it.

    My point in all this, dear reader (and you're still reading after all this rambling), is that it's easy to need to redirect users, because old URLs don't stop getting hits, even after a year.

    Some people have said that the web design should use a location redirect in the HTTP header. I tried this, but the browsers generally don't honor that from within the HTTP-EQUIV meta tag (even though they should), and I have no control over the configuration of the server itself, only the html content.

    It's easy to say the commercial companies are different, since their web servers are for their corporate missing (whatever that is), but I can easily see how the "web designer" only has control over the content within the html file itself, and not the web server config... often times controlled by an admin who isn't helpful, or a third party hosting company.

  • by kris ( 824 )

    Webwasher [] filters all incoming HTML and will remove annoying Javascript as well as ads, and will on request deanimate all animated gifs.

    © Copyright 2000 Kristian Köhntopp
  • ...would be a JavaScript script in index.html that
    1. opens a new window and sends it to the homepage, and
    2. closes this window,
    erasing the Back button's popup menu.
  • The correct way is to send a 301 or 302 HTTP response

    How do I do this with, Geocities, or Tripod?

  • Is there a way to make a free web server (Xoom, Freeservers, Tripod, Geocities, FortuneCity) return a 302? Otherwise, I have to use <script language="JavaScript">window.location.replace('new page.html');</script>
  • Some things I'd like to turn on and off: ... CSS with version selection

    Motion picture studio web sites do not want you to turn off CSS :-)

    Oh, that CSS. But they still don't want you to turn CSS off and make their eye-catching promotional pages look dull.

  • I've seen a few browsers trying to access /index.htm for some reason, /index.shtml is there and the first under Apache's default document list.


    I don't want to use javascript because people use lynx.

    I thought Lynx adhered to the standards. Is Lynx one of the browsers that's going straight to index.htm?

    Contra: ^ ^ v v < > < > b a b a sel sta
  • Salesperson: Well, if you feel you really have to leave, you can climb that ladder into the rafters, walk across that I-beam to the far side of the store, and shimmy down the drainage pipe. But then you'd be missing our sale on OS/4 Impulse for Dishwashers...

    What one does in that situation in the real world, if the exit door is sufficiently difficult to reach, is demand a manager and then begin one's next sentence with "open this fucking door now or..."

    That can be acheived quite nicely in the Internet world with an email, although I recommend leaving out the profanity since email is so easily deleted.

    (Whereas, to delete you in person requires ejecting you from the building, which is what you wanted to acheive anyway.)

  • Sites that sell ad space will do anything to increase their page views. If you hit Back and everything reloads, there's a another page view. Intro screens serve the same purpose. Lots of sites break articles into too small pieces, so you have to look at a dozen pages instead of one or two. And each time you click, there's another banner ad.
  • The correct way is to send a 301 or 302 HTTP response

    How do I do this with, Geocities, or Tripod?, Geocities, and Tripod don't allow user-friendly Web sites. But you don't need root access to be able to send 301 or 302 HTTP responses; most non-free Web space providers allow it.

  • prob is, thats not the only reason it sucks

    windows _and_ NT suck because:
    the metaphor provided to interact with basic OS internals is only a programmatic API. This means that one cannot interact in any meaningful way with the OS w/o programming, and w/o using MS Dev, as any other IDE does not have the APIs precoded, and there is no decent documentation for using those APIs (compare the win32 books to Adv Prog in the Unix Env by Stevens)

    The lack of a metaphor like the Unix file representation also means that there is no consistancy to the interaction w/ the OS. Elegance is the only way to describe the ease with which one can interact with core OS internals in a Unix Environment. To be able to `cat /proc/net/tcp` and get not just a text readout of the network activity of the computer, but the actual kernel's understanding of that activity, is amazing. To be able to `echo 1 > /proc/net/foo/bar` to enable some feature of the networking stack, is pure ease. (yes these are Linuxisms, so sue me)

    Does the open-source nature of Linux mean I read kernel source. Well actually I do from time to time, but leave that aside. Say I don't. I still get the benefit of documentation provided by people who have _who are not the programmers involved_. People always understand their own code too much to document it well.

    Why like windows NT? Because its not based on Unix, a 20+ year old technology? You are right, its not. Its based on _VMS_ the precursor to Unix, a 30+ year old technology, but unlike UNIX, one that was retired (for good reason).

    Apps and ISV support are not a reason to prefer an OS. Perhaps one to use it, but not prefer it.

    We are all in the gutter, but some of us are looking at the stars --Oscar Wilde
  • hmmm

    just tried browsing at +2, and realized, this comment makes no sense unless you read at at least +0. Oh well

    it is a response to someone bitching about Linux advocates, challenging that since apparently the only reason to dislike windows is its crashability, when the NT core is used in the mainstream version of Windows, will we all go back.

    Not all of us came from there, and if one did (as I did), well...

    sometimes there is no going back, obviously for more reasons than I listed, others include

    remote useability
    CLI power (vs NT CLI weakness)

    and more
    We are all in the gutter, but some of us are looking at the stars --Oscar Wilde

Show me a man who is a good loser and I'll show you a man who is playing golf with his boss.