Dealing with "Back Button Hijacking" from 3rd party creatives – how are you guys tackling this?
Hey everyone,
I’m running into a number of back button violations across our sites, and it’s becoming a real "needle in a haystack" situation to track down the specific culprits. I would like to resolve (or at least somewhat manage) this before June, which is Google's deadline for fixing this issue.
From what I’ve gathered up to this point, there are intrusive scam interstitials running on random pages in our sites, hijacking the back button, fingerprinting users, and built specifically to avoid detection.
I have a script logging everything that tries to affect the back button history and it has been very good at isolating the random events. I also tracked a couple of suspect files using a proxy capturing app. They appear to be leaking in through auctions from manually added third-party scripts running on our sites outside of GAM. And figuring out which third-party script brought this so we can let them know in is a pain to track.
Has anyone dealt with this recently? Specifically:
- Detection: Since these are bypassing GAM, how are you identifying which third-party partner or header bidding adapter is letting these through?
- Mitigation: Are there specific SSP-level blocks or sandboxing techniques you’ve found effective for scripts that don't live within the standard ad server frames?
- Verification: Once you've implemented a fix, what's your process for ensuring these "ghost" scripts are actually gone before the deadline hits?
Would appreciate any insights or shared experiences on how to clean this up effectively.
Cheers!