this post was submitted on 13 Dec 2024
690 points (96.9% liked)
Technology
60112 readers
1966 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
We need browser extensions to kill those tags automatically.
Firefox I believe does. If you right click on a link, it says something like “copy link without tracking”. It should do away with queries in the URL, but I’m not completely sure.
https://www.trishtech.com/2024/10/how-to-disable-copy-link-without-site-tracking-in-firefox/
This is definitely what it’s supposed to do (and a great feature) but unfortunately it doesn’t work that well. Have tried this many times, especially with Amazon links, and it seems to be a bit inconsistent in its effectiveness.
Good to know.
You probably also need to clear your cookies as well. I can't really see this being done only via GET
Yeah, I cannot imagine any reason they wouldn't use cookies to track this. The moment you arrive via an affiliate link they're going to know that that's how you got to the site for that session.
That's not going to work for links sent by text or whatever.
How do you think that would work? Like the site with the affiliate link should drop a third party cookie for gumroad? That's a pretty big requirement.
When you go to the website, it can save that cookie for the session, even if you later remove the parameter.
I don't understand. Cookies and request method are two different things. You can set cookies on GET.
If a platform gets traction and is good at removing them, then links will be more obfuscated to deal with it.
Oh nice, that is pretty new, but will have to see if it works on those gumroad links. I have an offline script (not a browser extension, I haven't bothered figuring out how to write those) that edits urls to remove tracking and it's quite a pain, since there are dozens of sites and tracking schemes it has to know about. Also, rather than creating a pasteable url, a suitable browser extension should just rewrite the link automatically before navitation when you click on it.
uBlock Origin filter or ClearURLs for example.
In the case of uBO, just search for "url" in the filter list and you should find it.
The URL tracking filter list is nice but it doesn't seems to include anything related to gumroad domain or parameters.
https://filters.adtidy.org/extension/ublock/filters/17.txt
You need to add it yourself.
An uBlock Origin custom filtrer should do.
Hmm, I thought ublock origin could only block links, not rewrite them. Am I missing something? I just looked through the docs and only see block/allow/noop rules, and I remember reading something a while back about how the devs didn't want to rewrite. I'd love to have a pointer to the docs about how to do this if I'm wrong. Thanks ;)
Added: https://old.reddit.com/r/uBlockOrigin/comments/b9tdky/rule_for_redirecting_urls_to_cleaner_ones/ points to some github issues related to this.
Use removeparam.
The URL tracking protection filter list uses this and is a nice list to enable.
Thanks! I saw the GH issue about that but didn't figure out that it had been deployed.
For those of you with Apple devices, I’m pretty sure current versions of Mac OS and iOS remove tracking arguments from URLs when you use cut/copy/paste/share.
https://9to5mac.com/2023/06/08/ios-17-link-tracking-protection/
This is about removing tracking arguments that identify users, this is not the case here.
The example in your link even show it's keeping campaign tracking arguments. So I'm pretty sure it would keep the one we are talking about here.
Also this only applies in private browsing mode, which people usually aren’t in
In general I use this app before I share or follow any links:
https://f-droid.org/en/packages/com.svenjacobs.app.leon/
Thanks, I have that too I think. It's great for sharing from my phone. On my laptop I have a python script that is a lot fancier that I'd like to rewrite as a browser extension someday.
For your desktop, you can use https://linkcleaner.app/
This the most tech illiterate take....
These are called query parameters. The standard part of the HTTP spec.
A huge part of the internet uses these simply as a way to instruct a page to display certain data or to display a particular view or layout of that data.
Calling for an extension to get rid of these it's like calling for an extension to get rid of headers because websites use them to pass metadata in the same manner.
Edit: that was harsh my apologies.
There are in fact many extensions designed to suppress or rewrite headers, most notably cookies, but also proxy headers and other things like that. Stripping out privacy invading (or in this case revenue redirecting) query parameters is another thing that extensions can do, and there are various extensions for that too, including apparently ublock origin (UBO).
UBO is not able to rewrite urls completely (a deliberate decision to protect users from accidental or intentional security breaking rules appearing in rule lists) but there are other extensions that do that too, like changing www.reddit.com to old.reddit.com, or bypassing google redirects and link shorteners that snoop on user activity. The web is a predator-prey ecosystem (users are mostly prey) and it is necessary to respond to new hazards as they appear.
You were so, so much more polite than I would have been
I use this filter in ublock to remove them: https://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener.txt.
These things are very privacy invading, many of them have information that can identify the users. I don't think douglasg14b knows what he is talking about. Yes they are query parameters, but they are used for many things such as advertisment for example or referrals, I think it is fine to remove query parameters that are not necessary.
https://www.ieee-security.org/TC/W2SP/2014/papers/privacy_query_strings.pdf
Sometimes the website sends sensitive data through query strings which is a common security issue.
https://owasp.org/www-community/vulnerabilities/Information_exposure_through_query_strings_in_url