As much as we’re writers of content, we’re consumers too, and while most of us tolerate ads, the ones that annoy us the most are pop-ups that make it look like our phones are infected with a virus or something. Most tech-savvy people know these are complete junk, but some people – unfortunately – are fooled. These ads shouldn’t be allowed to exist, and because ads on Google’s AdSense platform aren’t especially well vetted, they sneak in from time to time.

We’ve had complaints about them here at Ausdroid, and despite our best efforts to eradicate them, it really requires a change on Google’s end rather than ours. However, there’s now a way for users to prevent these popup-redirect ads from being able to hijack your browser, and it’s as simple as can be.

The feature is already built into Chrome, but it isn’t – as yet – turned on by default. That will change in January/February 2018, but for now, you can enable it manually and enjoy a much nicer browsing experience.

The process only involves toggling a flag in Chrome’s settings to ‘Enabled,’ and it works on both desktop and mobile. Just copy chrome://flags/#enable-framebusting-needs-sameorigin-or-usergesture and paste it in the address bar (you can’t click/tap on it due to security concerns). Then just tap/click the highlighted dropdown menu, change it to ‘Enabled,’ and restart the browser when asked.

With that one setting changed, you’re protected from those rogue ads. You can view a demo here to see it in action. You can enable it on Windows, Mac, Linux, Android, and Chrome OS. We’ve tested it on most of these platforms and it works exactly as it should.

We’d urge you to give it a try, as Google will soon make this a default behaviour.

Inline Feedbacks
View all comments
Philip Clark

Best news I’ve had all week, the browser hijack ads are well overdue to be stamped out. Surprised to hear they’re served up by Google ads, but that probably explains why I can get them pretty much anywhere, even fairly trustworthy sites. Will this fix also work for app-embedded browser instances? E.g. clicking a link from Facebook.