this post was submitted on 13 Dec 2024
690 points (96.9% liked)

Technology

60112 readers
1966 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] solrize@lemmy.world 132 points 1 week ago (6 children)

We need browser extensions to kill those tags automatically.

[–] UnpopularCrow@lemmy.world 109 points 1 week ago (2 children)

Firefox I believe does. If you right click on a link, it says something like “copy link without tracking”. It should do away with queries in the URL, but I’m not completely sure.

https://www.trishtech.com/2024/10/how-to-disable-copy-link-without-site-tracking-in-firefox/

[–] podperson@lemm.ee 60 points 1 week ago (3 children)

This is definitely what it’s supposed to do (and a great feature) but unfortunately it doesn’t work that well. Have tried this many times, especially with Amazon links, and it seems to be a bit inconsistent in its effectiveness.

[–] UnpopularCrow@lemmy.world 8 points 1 week ago
[–] echodot@feddit.uk 5 points 1 week ago* (last edited 1 week ago) (2 children)

You probably also need to clear your cookies as well. I can't really see this being done only via GET

[–] Voroxpete@sh.itjust.works 9 points 1 week ago (2 children)

Yeah, I cannot imagine any reason they wouldn't use cookies to track this. The moment you arrive via an affiliate link they're going to know that that's how you got to the site for that session.

That's not going to work for links sent by text or whatever.

[–] ivn@jlai.lu 1 points 1 week ago (1 children)

How do you think that would work? Like the site with the affiliate link should drop a third party cookie for gumroad? That's a pretty big requirement.

When you go to the website, it can save that cookie for the session, even if you later remove the parameter.

[–] ivn@jlai.lu 1 points 1 week ago

I don't understand. Cookies and request method are two different things. You can set cookies on GET.

[–] Blackmist@feddit.uk 2 points 1 week ago

If a platform gets traction and is good at removing them, then links will be more obfuscated to deal with it.

[–] solrize@lemmy.world 4 points 1 week ago

Oh nice, that is pretty new, but will have to see if it works on those gumroad links. I have an offline script (not a browser extension, I haven't bothered figuring out how to write those) that edits urls to remove tracking and it's quite a pain, since there are dozens of sites and tracking schemes it has to know about. Also, rather than creating a pasteable url, a suitable browser extension should just rewrite the link automatically before navitation when you click on it.

[–] narc0tic_bird@lemm.ee 46 points 1 week ago (1 children)

uBlock Origin filter or ClearURLs for example.

[–] tb_@lemmy.world 3 points 1 week ago (1 children)

In the case of uBO, just search for "url" in the filter list and you should find it.

[–] ivn@jlai.lu 9 points 1 week ago

The URL tracking filter list is nice but it doesn't seems to include anything related to gumroad domain or parameters.

https://filters.adtidy.org/extension/ublock/filters/17.txt

You need to add it yourself.

[–] ivn@jlai.lu 3 points 1 week ago (1 children)

An uBlock Origin custom filtrer should do.

[–] solrize@lemmy.world 1 points 1 week ago* (last edited 1 week ago) (1 children)

Hmm, I thought ublock origin could only block links, not rewrite them. Am I missing something? I just looked through the docs and only see block/allow/noop rules, and I remember reading something a while back about how the devs didn't want to rewrite. I'd love to have a pointer to the docs about how to do this if I'm wrong. Thanks ;)

Added: https://old.reddit.com/r/uBlockOrigin/comments/b9tdky/rule_for_redirecting_urls_to_cleaner_ones/ points to some github issues related to this.

[–] ivn@jlai.lu 6 points 1 week ago (1 children)

Use removeparam.

The URL tracking protection filter list uses this and is a nice list to enable.

[–] solrize@lemmy.world 1 points 1 week ago

Thanks! I saw the GH issue about that but didn't figure out that it had been deployed.

[–] reddig33@lemmy.world 2 points 1 week ago* (last edited 1 week ago) (2 children)

For those of you with Apple devices, I’m pretty sure current versions of Mac OS and iOS remove tracking arguments from URLs when you use cut/copy/paste/share.

https://9to5mac.com/2023/06/08/ios-17-link-tracking-protection/

[–] ivn@jlai.lu 5 points 1 week ago

This is about removing tracking arguments that identify users, this is not the case here.

The example in your link even show it's keeping campaign tracking arguments. So I'm pretty sure it would keep the one we are talking about here.

[–] stalfoss@lemm.ee 1 points 1 week ago

Also this only applies in private browsing mode, which people usually aren’t in

[–] nieminen@lemmy.world 2 points 1 week ago (1 children)
[–] solrize@lemmy.world 3 points 1 week ago (1 children)

Thanks, I have that too I think. It's great for sharing from my phone. On my laptop I have a python script that is a lot fancier that I'd like to rewrite as a browser extension someday.

[–] gitamar@feddit.org 1 points 1 week ago

For your desktop, you can use https://linkcleaner.app/

[–] douglasg14b@lemmy.world -2 points 1 week ago* (last edited 1 week ago) (1 children)

This the most tech illiterate take....

These are called query parameters. The standard part of the HTTP spec.

A huge part of the internet uses these simply as a way to instruct a page to display certain data or to display a particular view or layout of that data.

Calling for an extension to get rid of these it's like calling for an extension to get rid of headers because websites use them to pass metadata in the same manner.

Edit: that was harsh my apologies.

[–] solrize@lemmy.world 4 points 1 week ago* (last edited 1 week ago) (2 children)

There are in fact many extensions designed to suppress or rewrite headers, most notably cookies, but also proxy headers and other things like that. Stripping out privacy invading (or in this case revenue redirecting) query parameters is another thing that extensions can do, and there are various extensions for that too, including apparently ublock origin (UBO).

UBO is not able to rewrite urls completely (a deliberate decision to protect users from accidental or intentional security breaking rules appearing in rule lists) but there are other extensions that do that too, like changing www.reddit.com to old.reddit.com, or bypassing google redirects and link shorteners that snoop on user activity. The web is a predator-prey ecosystem (users are mostly prey) and it is necessary to respond to new hazards as they appear.

[–] stinky@redlemmy.com 1 points 1 week ago

You were so, so much more polite than I would have been

[–] TheMachineStops@discuss.tchncs.de 1 points 1 week ago* (last edited 1 week ago)

I use this filter in ublock to remove them: https://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener.txt.

These things are very privacy invading, many of them have information that can identify the users. I don't think douglasg14b knows what he is talking about. Yes they are query parameters, but they are used for many things such as advertisment for example or referrals, I think it is fine to remove query parameters that are not necessary.

https://www.ieee-security.org/TC/W2SP/2014/papers/privacy_query_strings.pdf

Sometimes the website sends sensitive data through query strings which is a common security issue.

https://owasp.org/www-community/vulnerabilities/Information_exposure_through_query_strings_in_url