cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Exit
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
  • 한국 커뮤니티
Locked
0
Upvote

Local storage popup that cannot be allowed or denied

Guest
Sep 14, 2016 Sep 14, 2016

My mom's computer which is an iMac running the latest version, started showing this popup last night when she goes onto shockwave.com to play games.  It says something about local storage and gives you the option of allow or deny.  (Sorry that I don't have a screen shot but I am on my computer after working with hers for hours).  The problem is that you cannot click or either allow or deny--it won't do anything.  I tried tabbing through the options and it would move but does nothing if you hit enter or space bar.  The only way to get out of it is to exit the website. 

I really don't know much about Adobe Flash so bear with me please.  She uses Firefox but the same thing happened in Safari when I went to shockwave.com.  It did not happen in Chrome as of right now.  The computer is almost brand new and I checked and the latest version of Flash has been installed.  Just to try it, I uninstalled Flash and reinstalled it and the same exact thing happened when I went to that site.  She says that she has only saw it on that website. 

I do have Firefox configured to always ask before running it.  I changed it to allow it to always run for that particular site but the popup was still there.  I have researched and researched and exhausted all options that I can think of.  It's not just a matter of the popup being annoying, it's the fact that it will not go away or allow you to click on anything on it.  My elderly mother has very limited abilities and understanding when it comes to technology and online security is a huge concern of mine. 

Does anyone have any ideas at all that could possibly help?  I appreciate all help and assistance.  Thank you.

2.7K
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

jeromiec83223024 Adobe Employee
Adobe Employee , Sep 19, 2016 Sep 19, 2016

Yeah, it's a symptom of our anti-clickjacking logic being overly cautious.  This typically happens when something animated is moving behind the dialog, or sometimes, it's just resolution/zoom-level specific.

Unfortunately, as a browser plug-in, it's really hard to tell whether or not we're the top-most thing on the screen, and we don't want to accept clicks on security dialogs unless we know that you're actually seeing them, and not something else (e.g. "Click Here To Win!!1!") superimposed over

...
Translate
replies 1 Reply 1
latest latest Jump to latest reply
jeromiec83223024 Adobe Employee
Adobe Employee ,
Sep 19, 2016 Sep 19, 2016
LATEST

Yeah, it's a symptom of our anti-clickjacking logic being overly cautious.  This typically happens when something animated is moving behind the dialog, or sometimes, it's just resolution/zoom-level specific.

Unfortunately, as a browser plug-in, it's really hard to tell whether or not we're the top-most thing on the screen, and we don't want to accept clicks on security dialogs unless we know that you're actually seeing them, and not something else (e.g. "Click Here To Win!!1!") superimposed over the top of it.

Honestly, in 2016, restricting the ability of content from storing data locally doesn't really buy you anything meaningful in terms of privacy or security.  If you want to avoid persistent tracking tokens, your browser's private browsing mode is far, far more effective, and we honor it.  We also clear Flash Player's local shared objects when you clear your browser cookies (as long as your browser tells us that you've done that).  The aversion to Flash Player's Local Shared Objects is largely based in superstition at this point.  The ability for marketers to create resilient, persistent tracking is far more powerful in native HTML and JavaScript.  Feel free to look through my activity feed to find similar posts, where I've pointed to academic research on the subject, etc.

So, here's my pragmatic recommendation:

Go to Settings > Flash Player > Storage and choose Allow sites to save information on this computer


Where you don't want sites to save persistent information, use private browsing mode.


This accomplishes a couple things:

- The content saves data locally, so everything appears to be working normally to the content.

- Neither Flash Player or the Content will throw permission dialogs or errors

- All data is stored in a temporary location, which is destroyed when you exit your private browsing session

This gets you the best possible user experience, and the best defense against tracking both in Flash and HTML/JavaScript.  If you're in the business of uniquely identifying people, it's general practice at this point to use all available technologies for redundancy and resilience, including both local and server-side fingerprinting techniques, so just "solving" the Flash Player vector by disabling LSOs doesn't help in any meaningful way.

Unfortunately, the clickjacking threat requires us to implement some sub-optimal solutions, and the decade or so of experience with very smart people working on it shows that it's a game of whack-a-mole.  It's better to just avoid scenarios where the dialog gets popped by adding domains to the trusted list, or simply by allowing access altogether.  The ideal solution would be to move those dialogs to the browser's native UI, but that requires buy-in from all of the browser vendors involved, etc.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Copyright © 2025 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices