Chrome will soon protect against malicious websites ‘breaking’ your back button


If you’ve ever been in a situation where you’ve visited a website, realized that you’ve made a mistake and navigated to some kind of spammy or malicious page, then hit the back button on your browser to escape – but found that it doesn’t work – you’ll know how frustrating that can be.

Fortunately, Google is working on a solution to defeat these kinds of sites, and the Chrome browser will soon be armed with the relevant protection measures to stop this happening.

The Chrome team calls the nefarious technique of breaking the back button ‘history manipulation’: the malicious site adds dummy pages to the browsing history, and these effectively fast-forward you back to the dodgy page you were trying to leave.

Baby didn’t get back

So in effect it seems like the back button just isn’t working, which generally leads to the user mashing that button – with unpredictable and frustrating results (sometimes that won’t let you escape, either, and you still end up back on the same page).

So the Chrome developers are taking action. 9to5Google spotted various proposed changes in Chromium’s code which facilitate the detection of these dummy history entries, and flag sites that use them.

The eventual goal will be to allow Chrome to ignore the false history entries entirely, so the grief-giving procedure no longer works, and the back button functions just as normal in the face of attempts to subvert it.
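To make the idea of detecting, flagging and then ignoring dummy entries concrete, here is an added example that models one tab's history; it is not Chromium's code. The article does not say how detection works, so the heuristic (an entry that creates another entry without user interaction is a dummy), the `SessionHistory` class and the example URLs are all assumptions.

```javascript
// Toy model of one tab's session history (constructed for illustration; not Chromium code).
// Assumed heuristic: an entry that creates another entry without any user
// interaction is treated as a dummy and skipped on Back.
class SessionHistory {
  constructor(firstUrl) {
    this.entries = [{ url: firstUrl, skippable: false }];
    this.index = 0;
    this.flaggedOrigins = new Set(); // sites seen adding dummy entries
  }

  // Called for a navigation or pushState-style addition from the current entry.
  add(url, userActivated) {
    const current = this.entries[this.index];
    if (!userActivated) {
      current.skippable = true;
      this.flaggedOrigins.add(new URL(current.url).origin);
    }
    this.entries.length = this.index + 1; // a new entry discards forward history
    this.entries.push({ url, skippable: false });
    this.index = this.entries.length - 1;
  }

  // Back button: walk backwards past every entry marked as a dummy.
  back() {
    for (let i = this.index - 1; i >= 0; i--) {
      if (!this.entries[i].skippable) {
        this.index = i;
        return this.entries[i].url;
      }
    }
    return null; // nothing legitimate to go back to; stay on the current entry
  }
}

// Constructed scenario: the user clicks a search result, then the page stacks entries on its own.
function demo() {
  const h = new SessionHistory("https://search.example/results");
  h.add("https://spam.example/landing", true);    // user clicked a link
  h.add("https://spam.example/landing#1", false); // added by script, no interaction
  h.add("https://spam.example/landing#2", false); // added by script, no interaction
  return { landedOn: h.back(), flagged: [...h.flaggedOrigins] };
}
```

In this model a single press of Back returns the user to the search results, while a site whose entries all come from real clicks is still walked back one page at a time.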

This is still early days, and these countermeasures aren’t even in the pre-release test versions of Chrome yet. But testing should begin within the next few weeks or so, and obviously down the line, the feature should pitch up in the full release version of the web browser (all being well).

And as this is a change to the Chromium engine, it may well eventually benefit other browsers based on it, which as we’ve heard recently, will soon include Microsoft Edge.

Via Ghacks