Blocking popups from external source

Sir Osis of Liver · March 05, 2024, 05:42:55 PM

Having a recurring problem with Google pushing unwanted ads to a forum running Adsense ads in portal blocks. There are three ads in right column configured in the portal, but sometimes we see popup ads that we don't want. You can see the sidebar ads here, and possibly the popup at bottom. I don't see any of the ads in FF, but see three grey bars in sidebar where ads are displayed. Don't see anything at bottom of page. Been tinkering with Content Security Policy, which allows me to block popups in .htaccess with this -

Code Select


Header add Content-Security-Policy "sandbox allow-popups;"

But it disables forum popups (Login). Is it possible to block popups only from external domain without affecting forum popups or configured ads?

vbgamer45 · March 05, 2024, 06:05:01 PM

I would turn off autoads in adsense for google. That way you control where the placements appear.

Sir Osis of Liver · March 05, 2024, 06:13:26 PM

Don't have access to Adsense account, will see if I can get owner to do it. But I think we did this once before, popups stopped for a few months, now they're back.

Aleksi "Lex" Kilpinen · March 06, 2024, 03:08:33 AM

Even with autoads, you should be able to simply turn off specific ad types per domain.

Arantor · March 06, 2024, 03:38:42 AM

Funny, the login pop up isn't a pop up as per the CSP definition - I'd be checking if you accidentally disabled JavaScript for the site in the process (e.g. whether you can use quoting to quote to quick reply)

Sir Osis of Liver · March 06, 2024, 12:18:27 PM

Autoads has been disabled for a few months, owner confirms it still is. Bottom ads just started appearing recently. I don't see them, but host support confirms they're from google, and screenshots look like popups. CSP blocks login popup in Nightbreeze theme, it's running in 2.0.19.

Are there any popups in 2.0 Curve or responsive Curve? If not I can try using CSP and see if it blocks the bottom ad only.

Quote from: Aleksi on March 06, 2024, 03:08:33 AMEven with autoads, you should be able to simply turn off specific ad types per domain.

Will ask him to look for that.

Arantor · March 06, 2024, 12:49:59 PM

Quote from: Sir Osis of Liver on March 06, 2024, 12:18:27 PMAre there any popups in 2.0 Curve

Quite a few. Especially considering that it uses *actual* popups to do everything, not a div pretending to be a popup like 2.1 does for things.

But again, your code as given looks like it blocks all JavaScript happening, not just the login thing (which is powered by JavaScript) which is why it would also stop ads working. Correlation is not causation.

Sir Osis of Liver · March 06, 2024, 12:55:34 PM

Yeah, if I put the .htaccess on the client forum, it breaks the BCM banner (js) above main index. Dicked around a bit with FF and Ghostery settings, am now able to view the sidebar ads, but still don't see the bottom ad. If I could see it might be able figure a way to block it.

live627 · March 07, 2024, 04:24:12 PM

Quote from: Sir Osis of Liver on March 06, 2024, 12:18:27 PMAre there any popups in 2.0

the help popups (the new window that appears when clicking help icon, of which I think are too many)

2.1 uses the same methodology for showing the stack trace in the error log.

News:

Blocking popups from external source