No need to remove the URL tracking parameters manually. 🥳
They should make this the default.
Or a setting that makes it the default.
I don’t like any software I use to destroy data (even tracking data) without my say so.
Hmm, I agree with you 100%, but power of defaults is how big companies get average consumers. Maybe Firefox should make it default with a setting to turn it on?
A setting titled “allow copying of tracking data”, a lot of people won’t allow.
Fight fire with fire.
This just:
-
Encourages companies to try to work around it
-
More importantly, possibly breaks important functionality
It’s like saying GDPR encourages companies to try work around data protection, so it should not be implemented.
It’s not like that at all.
Links support parameters for a reason, and I promise you that the main reason isn’t tracking. They can convey important info like the language, search parameters, a specific comment, etc.
Removing them willy-nilly by default is going to cause issue sooner or later, and then people are going to blame Firefox for “not working” and are just gonna switch to Chrome because “it just works”.
That’s not what we want is it?
As I understand now it removes only limited set of query strings
Yeah but the list is hardcoded. Collisions can happen.
Also, since it’s hardcoded, it’s easily gameable, and it will be gamed if too many people start filtering them out.
It’s a good start but a bad solution overall
-
Opt-out then, the majority won’t care
Or at least the option to make it the default. I could see some situations where someone may want to test a link with non-identifying parameters (like identifying the campaign source), and not wanting to have that stripped from the URL by default.
But I get you, from a consumer perspective I’d also want it as my default.
In the meantime, there’s ClearURLs or uBlock Origin with filter lists.
It’s not the default because it can break links sometimes, like links that have authentication details in the parameters.
There’s an addon I use for the Android version that does this by default.
It does miss some queryparams though but it dramatically reduces the URL size for the big offending sites.
What is it?
Doesn’t it just clean up the link or does Firefox actually know which part of the link to remove?
What do you mean?
How does it know what part of the link is the site tracking?
Looks like it has a list of global and site specific parameters that it is safe to remove.
Generally, most are variables prefixed with
utm_
They likely built an index from most of the Analytics services also.
I think it’s a combination of things, a basic approach of removing the query string (after the question mark) with exceptions for different sites that might need some of the query string.
But default is putting your cursor in the address bar and hitting ctrl-c. How would Firefox clean it like that?
On android anyway, that’s an interceptable action, and you can also monitor and alter the clipboard.
So they could either alter what gets copied before its copied, or scan the copied item after it’d copied and alter it.
If it removes the tracking from the link before the page loads, it could work. So it would already be clean when you copy it.
It doesn’t.
If you think about it though, you’ve already visited that link so why clean it now.
So the person you send it to gets a clean link
Firefox is getting better every day
Can’t wait til the entire extension ecosystem is available on mobile
Does anyone know where the source code for this is?
My c++ is pretty rusty, but I hopped through the changelogs. I think this is the source for it here https://hg.mozilla.org/mozilla-central/file/tip/toolkit/components/antitracking/URLQueryStringStripper.cpp
tbf, out of all the programming languages c++ is the worst in terms of DX and readability. Even worse than java, which I despised so much
I don’t know the relevant programming languages so I don’t know what to search for, but generally, if you want to find something in the Firefox source code, supposedly https://searchfox.org is a great way to do that.
deleted by creator
There’s various well-known tracking parameters that can be stripped, like UTM parameters. Stripping all query parameters would break a lot of sites, like anything in the vein of http://example.com/site.php?id=123
Blanket-removing the query string would break many real links, so I’d imagine it’s more nuanced than that.
I really hope they’re not sending the URL anywhere…
I don’t see why they should send the URL somewhere. For Googley reasons, most tracking parameters start with “utm_”. You can remove those pretty naïvely, generally without links breaking.
There’s also the ClearURLs add-on.
Well yeah but building in privacy-enhancing features like this is a great strategy for FF.
Or uBlock Origin with filter lists. 👍
I’m curious whether this sweet feature alone will decrease data greedy websites revenue in $ millions
It won’t
Is it available for Firefox android ?
As of this writing, it doesn’t look like it.
As @[email protected] here mentioned, URLChecker is a good way to manipulate a URL before opening it.
It does look like a really good app and idea, but I’m wondering if it’s really necessary on mobile devices. Usually, I don’t go around clicking on all kinds of links I shouldn’t, so I’m wondering what exact purpose it accomplishes. Genuinely looking for input here.
If anything, URLCheck is even more necessary on mobile devices, particularly iOS where Firefox is just reskinned Safari. On Firefox for Android, you could install the ClearURLs extension, or use uBlock Origin filter lists.
With that said, there are other use cases. For example: Friends or family might share URLs from social media. They often contain unique identifiers that you can strip before clicking the link by using URLCheck.
More on this here: https://a.lemmy.world/lemmy.world/post/8443034
Good points. I was under the impression, though, that the extension doesn’t exist for mobile Firefox yet.
It prevents apps from opening links in your browser directly, since they have to go through URLCheck first. Let’s say you click a link in your email, and instead it opens a “google.com/url?q=https://amazon.com” or a “safelinks.outlook.com/?url=…” instead of just taking you to Amazon.com. URLCheck will get rid of the unnecessary redirection and allow you to go directly to the site.
Adding onto that, my pet peeve with email links is them showing you a link that says Amazon.com, but then you go to click the link it opens a bunch of email tracking links before finally taking you to Amazon.com. With URLCheck you can actually stop these links from opening, and go to the website directly in the browser yourself.
If you’re familiar with that issue that popped up regarding “.zip” domain names, and how they can be engineered to look like an official URL, this is a non issue as you’ll get a warning if any link contains malicious unicode characters that could be mistaken for something else
Also, if you have multiple apps that can handle a link (maybe different youtube apps like libretube, newpipe, grayjay), you can pick which one to open after clicking a link. Android does have a stock app picker, but it’s very easy to mistakenly set an app as default.
Android apps can also track what apps triggered them to open - URLCheck can mask this, and even set some advanced flags for how the link handler app should be opened.
To be honest after using it for a while, I really wish there was something similar available for desktop
Thanks for the insight!
You can look into URLCheck until it is
On Android you can install LinkCleaner as a PWA using a chromium browser, it will show up as an option when sharing a link from Firefox or any other app.
Can someone ELI5 what is the difference with normal link sharing?
Does it change for the end user something or what? I ask because I almost never share stuff from my browsers, but I do from some apps such as social media or Sync for Lemmy/Voyager.
it just removes all the crap at the end of a link
Generally a link tells a browser where to find something on the Web, but you can stuff it with additional information so that when a server receives a request for that something, it will know how the browser got that link.
This feature strip’s out that additional information.
Try to copy an Amazon link with and without this option and you’ll see
Ok, I’ll try.
Try to copy an Amazon link with and without this option and you’ll see
Try to copy an Amazon link with and without this option and you’ll see
Is there an about:config setting to make this the default action or are we gonna have to be patient for that?
I looked for it in about:config, but I couldn’t narrow it down and see which parameter it was (if it’s even in there at all yet).
Also searching for this answer. https://lemmy.world/comment/5626130
deleted by creator
Sucks, but they do this periodically yes. Google affiliation is a good revenue stream for them.
Did you remove it or just switched the default to a different one?
I think it getting added again might happen in updates, if they change defaults that’s a whole other beast
Switching is enough for me and i didn’t had any weird behavior since years, beside the fullscreen VPN ad they did once
Based Firefox
Semi-off-topic, but is there anything like a smarter clipboard on Android that can remove tracking details on paste (would be different from a plain paste)?
URLCheck: https://github.com/TrianguloY/UrlChecker
Not quite the same thing, but if you install LinkCleaner as a PWA using a chromium browser, it will show up as an option when sharing the link. Then you can copy to the clipboard or share it elsewhere.
Great for desktop/laptop, but I’m waiting for them to release it on mobile as well. At the very least, if they have, Mull hasn’t added it yet.
deleted by creator
I noticed this feature in Brave first.
Mentioning Brave is like subscribing to downvotes. 😅
Indeed, but it’s true - Brave did bring this feature long ago. It’s a good thing for us, let multiple browsers try to one up each other on privacy focused features.
That’s true, this was one thing that was slightly annoying when I made the move from brave to Firefox. But I mean, I wouldn’t really characterise this as a reliable security feature. If you don’t manually check your URL before hitting return anyway, you’re going to be less secure than without the feature
As a Brave user I’m well aware … of all of the above 😅
Why would i ever have a link with tracking?
What do you mean? Tons of links on the web have trackers appended to the URL.
Pretty sure they are asking, “Why would I ever want the tracking copied, why is this relegated to a bespoke option instead of being the default behavior?”
I think it’s good to have a normal copy along with this remove tracking one. In case for some reason removing tracking messes something up with the link and makes it not work. It’s always nice to have options rather than just doing it automatically.
agree with you about having options, but swap it around. have copy without trackers be “copy link”, and then have an option “copy link with trackers”
I disagree. I think the default option should be what users expect, and users expect “copy” to do exactly that: copy without modifying the text.
I think we could have an about:config tweak to make copying links always remove trackers
deleted by creator
account activation links often have tracking required for them to work