Google wants to change the way pop-ups are being handled by JavaScript
Google wants to change the way JavaScript handles the pop-ups to restrict multiple instances of attacks from hackers. Google Chrome is planning to reengineer pop-ups that work in per window and change it to per tab basis which is written in JavaScript to close potentially malicious pop-ups.
JavaScript contains methods such as alert (), confirm (), and prompt () which contains a synchronous API that will pose a problem for modern browsers.
“ Because the JavaScript engine needs to pause until a user response is obtained, the JavaScript dialogues are app-modal. And because the dialogues are app-modal, they commonly (and unfortunately) are used to harm our users,” says Google. And Google is looking for replacement for these dialogues and is also considering the Notifications API for notifying the user.
The alert (), confirm () and prompt () dialogues are being changed as we speak to tab form. These dialogues rather than being in app-modal will now be dismissed when the current tab is switched to another tab.
These changes are currently happening due to the increasing number of pop-ups that claim to be legitimate and panic people into clicking them that they obviously lead to some sort of malware. To avoid this, micro virtualization can be used for every web page and tab that is launched will be in a fully isolated environment. But experts feel that this is far from a foolproof plan and need to be provided with a better safety net for the users.
Now the pop-ups are transferred to tab form and if the users click on the wrong pop-ups, the use can simply close the tab and whatever malware download that was on process will be completely stopped.