Firefox, Chrome working to ban pop-up 'permission spam'

Chances are that when a website pop-up asks your permission to send you notifications, you don't want to grant it. That's a problem Firefox and Chrome engineers have begun trying to fix.

Website notifications can be useful, for example, when you want your web-based calendar to alert you to an upcoming meeting or when an important message arrives on your web-based chat. But a monthlong Mozilla test found people using the beta version of its Firefox browser denied that request 97 percent of the time.

That's why Mozilla and Google are exploring ways to block notification permission requests until some kind of action on the website offers a better indication that we're likely to be receptive rather than ticked off.

Mozilla's Nightly version of Firefox began a two-week experiment Monday that blocks all notification requests unless the browser user has clicked or typed something into the website, Firefox engineer Johann Hofmann said in a blog post. And Google is "looking into many strategies to tamp down on this," including monitoring our engagement with websites before permitting the request, Chrome standards guru Alex Russell tweeted Sunday.

The moves reflect the difficulties of adapting the web from its initial design as a repository of static documents into a foundation for apps. A dynamic web is great for things like messaging and social networks, but the interactivity means it's harder for websites to strike the right balance between powerful and pushy. That's especially true given the famously aggressive ethos popular in Silicon Valley that it's easier to ask forgiveness than permission.

But while browser makers have been keen to dial up the web's power, they don't like seeing it abused. One website might benefit every now and then when one of us agrees to its notifications or newsletter offer or survey. But overall, those requests are clutter that degrades the web with interruptions between us and what we actually hoped to see when we clicked that link to a site.

Browsers are getting a more explicit ability to run apps -- called progressive web apps, or PWAs -- and notifications are a central part of that technology. But the notification technology predates the PWA movement's effort to avoid spammy website behavior, Russell said. A Chrome crackdown would try to fix that, he said.

"My current starting place is to make push notifications a feature of super high engagement score," Russell tweeted. "Basically [if] it isn't installed as a PWA, [website developers] won't get the ability to ask."

Website developers may not be happy about that, but browsers are getting more assertive these days acting on behalf of us. Reading modes cut website clutter; Safari, Brave and Firefox are blocking technology that publishers and advertisers use to track us around the web; Brave blocks ads by default; and browsers for years have blocked pop-up ads.

And last year, Firefox got an option that allows you to block all requests for website notifications. That option isn't protecting people by default, Hofmann said.

Mozilla also plans a second two-week test that shows Firefox Nightly users an address bar indication that, if clicked, will show the notification permission request.

It's not yet clear how the permission requests will look in the future, but it's a good bet you'll be seeing fewer pop-ups as browsers crack down on what Hoffman called "permission spam." He encouraged website owners to restrain themselves in asking for notification permission for their own benefit.

Not only did Firefox beta users dismiss 97 percent of such prompts, but 19 percent of the time they triggered people to leave the site immediately. That doesn't sound like anybody's idea of user engagement.