History Manipulation
Why Doesn't Your Back Button Work?
Posted by Charlie Recksieck
on 2022-08-11
Maybe it's not the worst injustice on the internet but it's a frustrating manipulation on the part of the web designers, annoying to consumers and actually not helpful for the perpetrators in the long run.
Basically, they are keeping you hostage at their website, even when you want to leave and are trying to back out. This is known as "history manipulation" or "back button hijacking", both sounding pretty ominous.
Why They Do It
By and large, these sites do this when they are running ads on their pages. Every time a page is loaded (even if you just pressed Refresh) then that's another page impression AND another recorded impression for the ad. Although internet ads have largely moved to a pay-per-click or commission model, there are still some places that give credit/money to simple impressions. With the back-button hijacker sites, if you hit Back and the site just displays the same page again, they double up on ad revenue - even though this shady practice has done nothing to help the advertiser.
In other cases, managers and designers for the offending site are going rogue with this practice to increase page impressions to simply pump up their numbers to look good either for management or to report to investors.
Whichever the case, this is shady.
Another motivation for a site to do this is to have slightly different content on the previous version of the page that users would be going "back" to with their Back button. Let's say the user wasn't interested in clicking further or doing business with the site, but the "Back" version of the page that comes up a second time could suddenly feature a new discount offer. Still a deceitful practice, but this one could fall into a grey area, given the benefit of the doubt.
The only legitimate reason I could think of for this practice would be a site that has a lot of scripting in it. Take an online mail viewer page. When you click Inbox or a folder or opening an email, those actions display new info in scripting; the browser isn't really going to a new page. As such, users could think that Back should take them back to the previous mail folder, whereas it would take you to the page previous to the whole email experience. So intentional history manipulation could be well-intentioned to help people stay in their mail viewer. That's a pretty rare case, and also a little lazy since there are other ways to deal with that issue. This article is talking more about the bad actors out there with their websites.
Examples
In case you haven't noticed examples of this yourself, should you press the Back button on your browser and hold it, it looks like this image on the left. As you can tell, the page now has a history of this same page being the last several items in your browser history, even though you only clicked once to get to this page.
In the past, I've definitely noticed gross versions of this from Fox Sports and Facebook Marketplace. I've also noticed this on a lot of news sites.
Some of the worst offenders of this outside of porn are online magazines. Esquire, Harper's and Paste Magazine should be ashamed of themselves. Perhaps the dying newspaper and magazine industries are trying to stave off the inevitable with making a few extra pennies with this practice.
How They Do It
There are several methods how web designers make this happen. Make no mistake, all of these are shady and deserve your - and Google's - wrath.
Redirect To Itself - It's very easy to redirect to any page via Javascript or PHP. Especially with an argument or cookie or code tracking how many redirects they've done and shutting it down after 3 or 30 times.
pushState Command - Unfortunately, browsers allow page code to alter their history with a pushState API. Like it or not, this is an easy way for a programmer to insert something into your history that you never clicked on. It's still a head scratcher why browsers allow this, but there it is.
Meta-Refresh - This one isn't even a scripted language command. A valid meta tag, the meta-refresh redirect command is part of basic HTML and has been for a long time. This can be manipulated for the page to redirect to itself at any interval, each one of these adding a new record to the browser history.
Yes, some browsers have some tools to prevent some of these methods, but it's still a little bit of a losing battle at this point.
How To Deal With It
The easiest thing I can recommend is to mouse-down and hold the back button until it displays the recent history. Just mouse down to the last page in the history before this repeating page showed up.
A smart web surfing practice or policy is to routinely open links or new pages by right-clicking links and open them in a new tab. This way when it's time to close, you simple close the tab; no matter how much history hijacking has gone into a page, you close the tab and you're out of there. Sure, you'll end up with lots of tabs open in your browser, but for a lot of reasons I've found this is an efficient way to be working all day anyway. Try it.
As mentioned above in the previous section, there are some browsers that are doing something about it. In Chrome browsers you can follow these instructions to block redirection (in the "Disable Pop-ups and Redirection" section). And there are some other instructions for similar features in Firefox.
This whole practice is even worse when on a smartphone. This page has a great concise summary of what to do on a phone or tablet when this is happening.
When you notice this from a certain site or domain and they've ticked you off enough, block them. There's many effective ways to do this with block lists or a host file. Here's a good page of blocking solutions.
Does Your Website Need To Do Things Like This?
No. How's that for an answer? If you’re having to trick people to visit your site, maybe your site or your business is the problem.
If you're considering doing this, here's some thoughts on why this dishonest practice won't actually even help you, your site or your company.
If people are already leaving the site (which is what the Back button really means), do you think this annoying trap will win you any customers? Not at all. It's only going to engender a lot of bad will.
But if you're still comfortable with being a jerk, then know this: It hurts your SEO. Here's a good article talking about redirect chains hurting SEO.
Lastly, If You Advertise On The Web
If you're running Google Ads out there, this practice is diluting the value of your ad buy. You can report this to the ad service. Or in most online advertising schema, you can explicitly specify domains where you do not want your ads to run.
Yes, it's a pain to track this, which is why these shady actors get away with it. Personally, if it was me, I'd get angry and do something about it.
There's a word for this: "Fraud". Yes, sometimes it's not super nefarious. At the very least it's supremely annoying and helping make the internet a slightly worse place. Don't be that person, and don't give money to that person.