A MODAL WINDOW, also known as a Modal Dialog, is a graphical user interface (GUI) that appears as an overlay above the main content window of a page or application. Most people refer to it as a “pop up,” which in a roundabout way, describes the randomness of its occurrence in any given session. In the context of data structures, a modal is said to be the child node of the window, or parent node, that invoked it.
It’s occurrence is based on some type of event. The most discreet of these is a click event which is totally dependent on whether a user clicks (or taps) on a hyperlink or button in the content window. But modals have been used and abused over the years, ranging from tactics which prompt users for their email addresses before exiting a web page, to automated forms of advertising.
A modal window is unique in that its appearance disables the functionality in the main content window beneath it. This forces the interaction of a user to either proceed with a new branch of operation, or return to the application’s normal workflow. These elements were conduits for malicious attacks in the early days of the Web, creating a demand for pop up (and pop under) blockers that are still used in browsers today.
In addition to the aforementioned use cases, a modal window can be used for the following:
To immediately capture a user’s attention. This is idea for Internet ads and time-sensitive events although most users find them annoying. These modal windows make use of scripts that position them over the content in an active window or tab. These are known as pop up ads. Other times, they use a pop under approach and don’t become visible until after a user has closed all instances of their browser window.
To force a user’s input when required. This is good for when an application or website session has expired and it is necessary to prompt the user for their credentials again. It is also effective for when information, both personally-identifiable and non personally-identifiable, is collected. A modal window, or Data Dialog Box, might be displayed to ask their permission for this. Depending on their response, the website may become unusable or cookies may be created for temporarily storing data.
To provide the user with additional information. This normally falls within two (2) categories: Tooltips and Helper Dialog Boxes which appear when a mouse cursor hovers over the appropriate text; and lightboxes that require click events to display larger versions of images. Regardless of what’s being displayed, it should be related to the content in the parent window.
To confirm an intended action or one already taken. These Confirmation Dialog Boxes, as they are known, are employed to get a user to agree to a task, or complete a separate one before any further action can be taken. Here, the only way to remove such a dialog box is to satisfy the prerequisites or abort the intended task all together. A confirmation message might also be displayed when an action that was taken was successful. This would simply require the user to click an “OK” button.
An Error Message in modern operating systems is a type of modal window that displays when an unexpected condition is encountered in an application. Although attempts are made to make this information as relevant and human-readable as possible, this is not always successful. This is particularly true for when errors occur from outside an application, or as a result of malware infection. The anatomy of error dialog boxes involve the following seven (7) buttons: ErrorAbort, ErrorYes, ErrorRetry, ErrorOk, ErrorNo, ErorIgnore and ErrorCancel.
The purpose of a warning dialog box is make users aware of potential repercussions before following through with certain actions. This is most commonly seen with bulk-delete, factory reset and other operations which cannot be undone. Other examples includes low battery indicators which prompt a user to connect their power supply so they don’t lose their work; and sensitive actions, like bestowing the user of a system with administrator rights. But a warning message might also appear when malware and other processes cause runtime errors. Unlike encountering an error message, in which the workflow of an application usually becomes impaired, a warning message will allow the user to proceed at their own risk.
Basic Anatomy of a Modal Window
While the design of a modal window might change with each browser, application or operating system, the following are common elements:
- A title bar which contains the name of the application, software or page that actually launched the dialog box. It might also include the purpose of the dialog box.
- An instruction area which identifies the user and objective in context of the dialog box.
- A content area with descriptive information and controls.
- A command area that houses the “OK” and “Cancel” buttons.
- A footnote area of additional explanations which may or may not always be present.
Preventing Modal Window Malware
As previously mentioned, with the advent of the Web, modal windows have been used for a variety of malicious attacks. This usually occurs when a user encounters a malicious website. A pop up window might be launched which advises the user that their system is infected with malware. Ironically, this strategy only gives the user one option to close the modal, which is by clicking “OK” to install a free antivirus tool. This pop up implementation is a form of Rogueware.
A malicious website might also issue a pop under attack which loads beneath a browser window to keep the user oblivious to its automatic processes. Here, malware is installed before the user can intervene. Other times, a malicious website will simply bombard a system with countless pop up and pop under windows. This is meant to exhaust a system’s memory and computing power and force a hard reboot.
The best way to prevent these attacks is to use a reputable antivirus (AV) product which will not only scan and remove the viruses it detects, but will likely come with “safe browsing” features that block requests to malicious websites altogether. And because most modern browsers already have pop up blockers built inside them, its also a good idea to ensure these features are enabled, too.
A modal window can be adapted for many business cases and will likely remain an important element in web and application development. It’s versatility, however, makes it a stapler for innovations that push the envelope or break the rules altogether. Pop up malware isn’t as effective as it once was, but still poses a threat for ill-advised users who browse the Web with no protection. With the right security measures in place, you can ward off these threats and even remove them should your device become infected.