I think it’s a combination of things, a basic approach of removing the query string (after the question mark) with exceptions for different sites that might need some of the query string.
Hmm, I agree with you 100%, but power of defaults is how big companies get average consumers. Maybe Firefox should make it default with a setting to turn it on?
A setting titled “allow copying of tracking data”, a lot of people won’t allow.
Links support parameters for a reason, and I promise you that the main reason isn’t tracking. They can convey important info like the language, search parameters, a specific comment, etc.
Removing them willy-nilly by default is going to cause issue sooner or later, and then people are going to blame Firefox for “not working” and are just gonna switch to Chrome because “it just works”.
If you wanted to do this and make it default, I believe you should be able to do so using userChrome.css. You won’t be able to change the text, but you can remove the old menu item.
I just want a shortcut for “copy without tracking” on the current tab instead of having to use the context menu. I’m fine with it not being “Ctrl+C,” as long as it’s reasonably easy to remember, like maybe “Ctrl+Shift+C” or even a sequence of commands (i.e. select address bar, then special copy command).
Likewise, there should be an easy way to open a link without trackers, like “Ctrl+shift+click” or something.
Or at least the option to make it the default. I could see some situations where someone may want to test a link with non-identifying parameters (like identifying the campaign source), and not wanting to have that stripped from the URL by default.
But I get you, from a consumer perspective I’d also want it as my default.
In the meantime, there’s ClearURLs or uBlock Origin with filter lists.
Indeed, but it’s true - Brave did bring this feature long ago. It’s a good thing for us, let multiple browsers try to one up each other on privacy focused features.
That’s true, this was one thing that was slightly annoying when I made the move from brave to Firefox. But I mean, I wouldn’t really characterise this as a reliable security feature. If you don’t manually check your URL before hitting return anyway, you’re going to be less secure than without the feature
I removed all but duckduckgo. I not only had to change it back to duckduckgo, but remove it too. This was the first time in years that I had to do anything like that. I used to have to remove them every update, but I think I had a malware copy back then.
Try switching the default before removing the others. If the others get added back, the default should start the same. If you just remove them, it might not update the default. (Because then it’s just showing you whatever is left over when it can’t find the default.)
At my school, firefox on the computers are not updated at all so it’s using the very old firefox. Even then, it’s not that slow. Now the current update is way more modern but it does have the weird stuff like pocket and very weird advertisements bookmarked on the front page. You’ll get a much better experience after you do all the adjustments of removing everything and installing the proper extensions, maybe a little arkenfox too.
That’s interesting to hear. How come they aren’t updating?
Tbh I don’t mind those ‘ads’ you speak of, not sure if we’re talking about the same thing because for me it’s mostly articles, often quite interesting stuff that I wouldn’t have seen elsewhere. Will have a look into arkenfox now as never heard of that
i had i siminular problem in college, they used a program to “freeze” the wi dlws stage, so it reset the state in every boot, but they didn’t updated the pc in years
Here’s an amazon link both without and with that feature being used, for comparison. (The tracking one was created in incognito mode, because I don’t know what sort of things it might reveal about me otherwise)
What do the parts it left on do? The encoding is innocuous enough but I don’t know what it’s doing with ref or th. I usually sanitize links myself and I’d have brought that one down to either
The “ref” param is clearly a tracking breadcrumb, but not sure what the “th” param is. So this is “better” than nothing, but still has room for improvement. “_encoding” is fine, but UTF-8 should be a default for most users anyways.
Not sure what th is, but ref is the referrer’s ID, which gives the referrer a referral / affiliate bonus if you purchase the item using that link. In theory it’s not a bad way to support the referrer and it’s not linked to you as an individual personally. You can remove it of course if you feel like they don’t deserve the money for referring you to a deal. In the end ref or no ref the price of the item remains the same for you.
I opened amazon in incognito then clicked on a random item from their front page, which was advertising their cyber monday deals at the time. In that case would it just be letting amazon know that that’s how I ended up on that page, without serving any other real purpose?
Can someone ELI5 what is the difference with normal link sharing?
Does it change for the end user something or what? I ask because I almost never share stuff from my browsers, but I do from some apps such as social media or Sync for Lemmy/Voyager.
Generally a link tells a browser where to find something on the Web, but you can stuff it with additional information so that when a server receives a request for that something, it will know how the browser got that link.
This feature strip’s out that additional information.
It does look like a really good app and idea, but I’m wondering if it’s really necessary on mobile devices. Usually, I don’t go around clicking on all kinds of links I shouldn’t, so I’m wondering what exact purpose it accomplishes. Genuinely looking for input here.
If anything, URLCheck is even more necessary on mobile devices, particularly iOS where Firefox is just reskinned Safari. On Firefox for Android, you could install the ClearURLs extension, or use uBlock Origin filter lists.
With that said, there are other use cases. For example: Friends or family might share URLs from social media. They often contain unique identifiers that you can strip before clicking the link by using URLCheck.
It prevents apps from opening links in your browser directly, since they have to go through URLCheck first. Let’s say you click a link in your email, and instead it opens a “google.com/url?q=amazon.com” or a “safelinks.outlook.com/?url=…” instead of just taking you to Amazon.com. URLCheck will get rid of the unnecessary redirection and allow you to go directly to the site.
Adding onto that, my pet peeve with email links is them showing you a link that says Amazon.com, but then you go to click the link it opens a bunch of email tracking links before finally taking you to Amazon.com. With URLCheck you can actually stop these links from opening, and go to the website directly in the browser yourself.
If you’re familiar with that issue that popped up regarding “.zip” domain names, and how they can be engineered to look like an official URL, this is a non issue as you’ll get a warning if any link contains malicious unicode characters that could be mistaken for something else
Also, if you have multiple apps that can handle a link (maybe different youtube apps like libretube, newpipe, grayjay), you can pick which one to open after clicking a link. Android does have a stock app picker, but it’s very easy to mistakenly set an app as default.
Android apps can also track what apps triggered them to open - URLCheck can mask this, and even set some advanced flags for how the link handler app should be opened.
To be honest after using it for a while, I really wish there was something similar available for desktop
On Android you can install LinkCleaner as a PWA using a chromium browser, it will show up as an option when sharing a link from Firefox or any other app.
Pretty sure they are asking, “Why would I ever want the tracking copied, why is this relegated to a bespoke option instead of being the default behavior?”
I think it’s good to have a normal copy along with this remove tracking one. In case for some reason removing tracking messes something up with the link and makes it not work. It’s always nice to have options rather than just doing it automatically.
The fact is that there is no surefire way to get rid only of tracking parameters, because they can mix in with other legit ones that if removed would break the website you’re visiting.
Last I heard, Facebook had rolled out some encrypted URL parameters, so the collective mapping efforts to manually identify parameters only used for tracking on each different website could very well be nullified if many implement something evil as that
I don’t see why they should send the URL somewhere. For Googley reasons, most tracking parameters start with “utm_”. You can remove those pretty naïvely, generally without links breaking.
There’s various well-known tracking parameters that can be stripped, like UTM parameters. Stripping all query parameters would break a lot of sites, like anything in the vein of example.com/site.php?id=123
I don't know the relevant programming languages so I don't know what to search for, but generally, if you want to find something in the Firefox source code, supposedly https://searchfox.org is a great way to do that.
Semi-off-topic, but is there anything like a smarter clipboard on Android that can remove tracking details on paste (would be different from a plain paste)?
Not quite the same thing, but if you install LinkCleaner as a PWA using a chromium browser, it will show up as an option when sharing the link. Then you can copy to the clipboard or share it elsewhere.
Add comment