Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Between GDPR warnings and ubiquitous site notification pop-ups (side question: has anyone ever intentionally clicked "yes" to a site notifications request? can the browsers just admit this was a horrible idea and move on?) out-of-the-box browsers are basically unusable on just about every website. Leading to extensions and situations like this.


I think the original goal, and one I still support, is for websites to realize that they are better off with not showing the banners and just defaulting to "no". It's been surprising to me that an industry that has been somewhat obsessed with click latencies and getting users to content quickly are willing to annoy all their users for the extra income from personalized ads. The difference in value must be a lot.


An org wide policy to disable browser push notifications visibly changed helpdesk load and security incident reports over night.

Non technical, average users hit "yes" in nearly every case, usually ending with opt in to fake tech support popups and porn spam.


Thing is, there are "websites" and "web apps"; the latter replace things that we used to have on the desktop and we want significant permissions for them (notifications, constant updates in the background, copy/paste integration, drag&drop integration, camera and microphone access, etc) and the former should get nothing, as all of these can and do get abused - but from a technical perspective they look the same to the browser.

The way I see it, it would make sense to explicitly whitelist a website (e.g. Gmail or Webex) in a similar manner to installing an app, and all the other websites don't even get to beg for these permissions.


> can the browsers just admit this was a horrible idea and move on?

It wasn't the browsers, it's EU regulation. Most sites choose to operate legally in Europe, so the banner is displayed. Devs don't care about making it so only European users see it, so the rest of the world must suffer too.


The EU should've just mandated websites to follow the Do Not Track header. That would have saved everyone a lot of effort.


I meant the ability to offer desktop notifications. The browsers should just deprecate that.


> has anyone ever intentionally clicked "yes" to a site notifications request?

Yes, for Google Calendar and Slack.


Still thousand times better than the walled garden app stores.

If we want complicated apps to be available on the web we need complicated browsers. The competition situation is troublesome but nothing compared to the complete monopolies Apple and Play store has.


I still believe that cookies consent should be handled by the browser and not by sites. Because all these cookies preferences are temporary in nature and disappear when user decides to clear cache or it gets removed automatically. Not mention that this control via modals applies for device currently in use and doesn't get carried around (not sure if browser synchronization changes anything)

Having this within browser in theory should solve the issue of consent but I frankly doubt that such permanent solution would agree with Microsoft or Google goals. Mozilla - perhaps would roll this but I wouldn't have any big hopes.

And yes, I did intentionally clicked "yes" thinking no 3rd-party cookies will be saved but that was in the early days of GDPR. There are sites that allow users to disable 3rd-party "legitimate interests" cookies under modal submenus and some only show em in enabled state without any options.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: