[HN Gopher] What does "Copy clean link" mean? ___________________________________________________________________ What does "Copy clean link" mean? Author : gregors Score : 258 points Date : 2023-03-09 18:30 UTC (4 hours ago) (HTM) web link (support.brave.com) (TXT) w3m dump (support.brave.com) | m463 wrote: | Why wouldn't businesses just switch to unique links? | | In other words, like switching an amazon link from: | https://www.amazon.com/dp/<product-id> | | to a shortened tracking url like: | https://amzn.to/<unique-id> | rovr138 wrote: | I feel someone did something like this. | | Maybe facebook? Probably facebook... | | _Edit_ | | It was facebook, https://tidbits.com/2022/07/19/facebook- | change-ensures-track... | | There's a discussion here, | https://news.ycombinator.com/item?id=32129100 | haburka wrote: | BRB going to change all my tracking query strings to get around | this. don't be mad at me my OKR is getting tracking to work 2% | better. | tshaddox wrote: | You should add an extra query param containing a MAC that is | required to be present and correct for the URL to load. Just | kill the normal idea of web URLs altogether. | indymike wrote: | I love the idea of reducing extra paramspam on urls... but this | is easily defeated with a redirect. I.e. somedomain.com/<uid | here> | suddenclarity wrote: | Isn't this more of a convince when sharing a link than removing | the tracking from your own sessions? It kinda assumes that | you're already at the final destination when copying so no | redirect will be of any use. Or I'm just misunderstanding the | purpose. | pphysch wrote: | How does Brave determine what is a necessary query parameter and | what is not? | poisonborz wrote: | Speculation: they have a list of popular sites & tracking tags | paulsmith wrote: | I've always thought those ?v= after YouTube links and ?id= | after HN articles looked sus ... | dymk wrote: | It's how YouTube tracks what videos I watch and how HN | tracks what comments I've read! Dastardly clever of them... | lmkg wrote: | Indeed, a few clicks from the article arrives at the specific | list: | | https://github.com/brave/brave- | core/blob/master/browser/net/... | zamnos wrote: | even just manually putting fbclid on the list would go a long | way to assuaging the paranoid | joe5150 wrote: | Their filters are open source. | | https://github.com/brave/brave-core/blob/master/browser/net/... | pphysch wrote: | Thanks! Seems unlikely to hit any false positives. | jay_kyburz wrote: | Also trivial to bypass if a developer could care less. | sphars wrote: | For Android, I've been using URLCheck[0] for opening any link | system wide, to clean the URL and check for redirects and open in | specific browser. Just have to set it as your default browser | | [0]: https://github.com/TrianguloY/UrlChecker | legrande wrote: | Been using CleanLinks[0] on Firefox for a while now. Nice to know | I have the same feature in Brave now. Sometimes I manually remove | query params from URLs when sharing them. I really need to | automate that though! | | [0] https://addons.mozilla.org/en-US/firefox/addon/clean- | links-w... | ASalazarMX wrote: | Have you tried CleanURLs? It's a recommended extension, and has | 120K users compared to the 154 of Cleanlinks. | | https://addons.mozilla.org/en-US/firefox/addon/clearurls/ | techwizrd wrote: | For those looking for similar functionality in Firefox, Chrome, | and Edge, I've been using ClearURLs[0] for several years in | Firefox and Firefox on Android. It works well. | | 0: https://github.com/ClearURLs/Addon | LorenDB wrote: | You beat me to it :) | atdt wrote: | Reviews on the Chrome Web Store mention that the extension can | break Google OAuth login flow and Amazon checkout. Did you | encounter that at all? | lamontcg wrote: | I don't use Google OAuth much but it works for when I need to | enter YTTV credentials. It has never broken Amazon checkout | for me, smells like FUD. | joe5150 wrote: | For what it's worth I use the FF version and I've never had | this problem as far as I can tell. | techwizrd wrote: | I also use the FF version and have not encountered this | problem (to my knowledge). | BeefySwain wrote: | I used to use this and it did indeed break Amazon checkout. | Took me forever to figure out! | ptaken wrote: | It does break youtrack quite severely and it took me forever | to single out this extension. Afaict there's also no way to | filter URLs so I had to get rid of it on my work browser :/ | jonas-w wrote: | Not OP, and YMMV, but i never had problems with google, | amazon or any other website. ClearURLs is one of those | extensions you install, after you open your browser for the | first time and completely forget about it, because it just | works (TM). As a matter of fact, I had to make sure that it | was even installed, before commenting. | jjordan wrote: | Just be careful with this kind of plugin. Had something similar | installed a few years ago that was breaking some Google links | and I had no idea why until I realized I had this kind of | plugin installed. | morjom wrote: | uBlock Origin works well enough for me with some basic lists. | Recommended reading for firefox users: | | https://github.com/arkenfox/user.js/wiki/4.1-Extensions#-don... | kayson wrote: | What lists are you using for queryparams? | skrowl wrote: | In the default lists, under privacy, just subscribe to | "AdGuard URL Tracking Protection" and it'll do the same | thing for you | kayson wrote: | Thanks! | bhartzer wrote: | When copying or sharing a link, I usually manually strip out | everything after the ? in the URL. | | I've been doing this manually for several years now. | | Is it possible to create a bookmarklet that does the same thing | (i.e., via JavaSript)? | bobbylarrybobby wrote: | I have an app I use to monitor my clipboard and rewrite certain | URLs if sees, placing the clean version back in the clipboard | (being sure not to end up in an infinite loop). | LukeLambert wrote: | javascript:prompt('URL',window.location.origin+window.location. | pathname) | | Edit: But be aware that some sites (like this one) use the | parameters in the query string. | gesman wrote: | Does it follow redirects and removes affiliate links? | enw wrote: | Why is capitalization inconsistent? | | Some use sentence case, some title case. | timvisee wrote: | This is the same browser that did the opposite before: injecting | their own referral parameter in links. | colordrops wrote: | How long ago was this? Is it still the case? And why the flood | of comments like this in every Brave thread, but never on | Chrome threads? Chrome is purely and unapologetically a portal | specifically for supporting an ad network, yet I never see the | same sort of comments. At least Brave is upfront about what | they are doing. | judge2020 wrote: | TLDR: if you typed in binance.us, it autocompleted the | 'suggested site' Binance US, which included a referral link | that netted Brave (or maybe Eich themselves) some sum of | money (not sure how much it was then, but right now it's $100 | USDT when your referral deposits $50). | | The argument is that Brave should be considered referring | users if you get to Binance (or other sites) via the | Omnibox.. but it's disingenuous when it was suggested by the | query "Binance", since the user already had the intention to | visit and likely sign up for Binance. It would've been more | acceptable if the omnibox only injected the referral code if | you clicked 'Binance' when you tried to search "crypto | exchange". | | https://twitter.com/BrendanEich/status/1269289242905042944 | | https://twitter.com/BrendanEich/status/1269423583480082432 | yucky wrote: | Because these are astroturfed responses attacking Brave. You | see it on here anytime the browser is mentioned. Meanwhile, | it's the best browser available by a mile which explains | their attacks. | suprjami wrote: | Got an impartial source for "best"? | | https://privacytests.org/ is created by a Brave employee, | so that doesn't count | GeorgeWBasic wrote: | You're asking someone for a source for their opinion, | instead of understanding what an opinion is? | judge2020 wrote: | "which explains their attacks" implies "they only attack | brave because they know it's objectively better than | other browsers". | crummy wrote: | people are paying hacker news commenters to post this | stuff? | dheera wrote: | > without interfering with coarse-grained campaign-level | tracking | | I often manually scrub campaign-level stuff when sending links | to friends just to have nicer, shorter URLs | dormento wrote: | To be fair, seemed to be by mistake and quickly corrected. They | also issued an apoogy. | | (disclamer: I still use Firefox and recomend you do so as | well). | rovr138 wrote: | That's a really intentional mistake to make. | | Another Firefox user | colordrops wrote: | Firefox does all kinds of shady tracking too unfortunately. | Really the best option is to use forks of chrome or Firefox | if you are concerned with privacy. | harry8 wrote: | [citation needed] | dahdum wrote: | The mistake was getting caught? Eich's initial response was | that was intentional and ethical. Until it went viral and his | view evolved. Granted, I'm not too keen to give him or Brave | much benefit of doubt. | | https://twitter.com/BrendanEich/status/1269289242905042944 | princevegeta89 wrote: | If we're buying in that "by mistake" nonsense we're being so | incredibly naive. How can someone even programatically inject | referral links in your page "by mistake"? | | I've seen too many instances like Google Chrome still | tracking you in incognito where companies just come back with | they were doing it "by mistake" to believe any of them were | really saying the truth. | Arainach wrote: | >Google Chrome still tracking you in incognito | | When was this? | darig wrote: | [dead] | unxdfa wrote: | Eich doesn't seem like the sort of person who makes mistakes, | preferring to do a PR backtrack after misjudging his audience | after comparing them to his own dubious standards. Never the | sort who thinks they did something wrong but likes you to | think they did. | [deleted] | nicce wrote: | Sadly, that is a standard procedure for many current | businesses. Do things until you get caught, then say it was a | mistake and apogolize. | | Of course there are real mistakes, but this one was quite | difficult to make... | throwaway81523 wrote: | I use a python script for this and I constantly have to tweak it | to understand more urls. It's not just stripping out tracking | parameters. There are also redirects to bypass, real urls encoded | in the parameters of the tracked url, and all that. There are | some formats which I haven't figured out, like many of the ones | used in emailed links. I figure that once it converges I'll | rewrite it in Javascript as a browser extension, but even after a | year or two of usage and tweaking, it still misses a lot and | doesn't seem robust. | heyoni wrote: | Give us the gist! | smsm42 wrote: | Awesome, I was this close to making an extension for myself to do | it, it's so tiring to cut out the refspam every time you copy a | link. | superkuh wrote: | The most amazing thing about this link is that the cloudflare | page it shows me before the actual page actually sends me to the | real page instead of just sitting and spinning forever no matter | how many captcha or whatever I do. | | I suppose Brave went out of there way to tweak the cloudflare | options to allow cross browser compatibility. I didn't know this | was possible at all. I guess all the other sites on the web just | don't care. | harry8 wrote: | cloudflare is a real worry, huh? Not talked about much but | their power is quite a bit larger than a de-centralised web | should tolerate. | rafaelturk wrote: | This is great.. Amazing how simple, yeat I've never thought about | this | bonestamp2 wrote: | This is nice, but I wish it would also remove the google tracking | wrapper on URLs in g-suite. | gnicholas wrote: | I wish I could open a link from Messages this way. You can copy | the link, but doing so triggers a "preview", which loads the link | in an inset window. | rozab wrote: | https://github.com/ClearURLs/Addon | mananaysiempre wrote: | By way of idle curiosity: the Amazon example on the CleanURLs | homepage and in the repo README calls __mk_de_DE=AMAZON a | tracking parameter. Is it? Or is it a variation of the | _utf8=[U+2603 SNOWMAN] technique to force ancient IE to use a | reasonable POST encoding[1]? | | [1] https://stackoverflow.com/q/3222013 | racl101 wrote: | Nice! Very nice! | filipmares wrote: | Why not make this the default calling it "Copy Link" and offer a | second option "Copy Link With Potential Tracking!!!"? | netsharc wrote: | Huh, let's not do that. If I chose "Copy link", I'd expect an | exact copy of the string, not a modified (cleaned) one. What | next, an image editor where "Copy image" gives you an enhanced | image where e.g. people in the background and imperfections on | people's skin are removed? | LordDragonfang wrote: | >What next, an image editor where "Copy image" gives you an | enhanced image where [...] imperfections on people's skin are | removed | | Nope, not "next", TikTok did that already | | https://www.technologyreview.com/2021/06/10/1026074/tiktok-m. | .. | codetrotter wrote: | > imperfections on people's skin are removed? | | Why stop there? Why not remove the skin altogether :> | morjom wrote: | because "Copy Link" tells the user they are about to copy the | entirety of the link. | TechBro8615 wrote: | I wish I had this for Twitter links in iOS Safari. It's so | difficult to scroll to the right and delete all the query | parameters. I also wish Apple would give me a way to expand the | URL bar to a word-wrapped input that takes up half the screen. I | can't stand highlighting text in that tiny little box. | gnicholas wrote: | Are there any iOS Safari extensions that do this? Hyperweb | comes to mind, though I don't know if they offer this specific | feature. | VoxPelli wrote: | Safari have it built in for many pages, all that publish a rel- | canonical will see Safari share that URL instead - as a way to | avoid sharing AMP URL:s I believe | | Bad that Twitter isn't publishing such or is publishing it with | tracking | TechBro8615 wrote: | I'm not sure it's even Twitter's fault. Usually it happens | when I click an embedded Tweet from a blog post and then copy | the URL from the URL bar. It's the blog that adds the | tracking data. (Does anyone know why a blog would even care | to do that? Does Twitter offer some kind of analytics | dashboard where you can segment views of your tweets based on | query parameters?) | jaywalk wrote: | Twitter adds some crap on automatically whenever you click | "Copy link to Tweet" | | Also, they do have an analytics dashboard: | https://business.twitter.com/en/help/campaign-measurement- | an... | manwithaplan wrote: | > It's so difficult to scroll to the right and delete all the | query parameters. | | A lot of times, all that's needed is to insert a # character at | the right place in the URL, then load that. | minitech wrote: | If you can _get_ to the right place that conveniently, | Shift+End Delete works without a page load. But getting their | is its own minor inconvenience. | dantle wrote: | I made a Shortcut to strip links. You can add it to the share | sheet. It'll give you a new share sheet with the stripped link. | Much faster than mashing backspace. | | https://www.icloud.com/shortcuts/528c9af856fc46c9a3d164a85e8... | lapcat wrote: | > I wish I had this for Twitter links in iOS Safari. | | [self-promotion] My extension StopTheMadness does this: | https://apps.apple.com/app/stopthemadness-mobile/id158308293... | drcongo wrote: | I can recommend this. Does lots of other useful things too. | kilroy123 wrote: | Nice. I'm a user and I also recommend it. | TechBro8615 wrote: | I actually have this installed! But I disabled it for some | reason that I can't remember; I think the defaults were too | aggressive and I meant to come back and configure it more | precisely when I had the time. I still need to do that... | thanks for making it! | | The other extension I can absolutely recommend is Vinegar, | which replaces hostile video players like the one on YouTube | (which injects JS to close itself if you attempt to use | picture-in-picture) with a native HTML5 video element. | samstave wrote: | FYI/YSK: | | When youre on a video with forced ads where you cannot skip | through them, go PiP on the video and use the arrow keys to | scrub left or right... | | I discovered this, then talked to a buddy at netflix, and | he said that coding for PiP was a pain because PiP doesnt | abide by DRM rules. | | What would be cool is the ability to pipe a PiP to VLC and | then use VLC to save out a video.... | lapcat wrote: | > replaces hostile video players like the one on YouTube | (which injects JS to close itself if you attempt to use | picture-in-picture) with a native HTML5 video element. | | StopTheMadness also does this. ;-) | ezfe wrote: | Does it include a quality picker? Vinegar does more than | just put a <video> tag in | lapcat wrote: | Yes, check out the link above. Auto-select YouTube | highest video quality, show video controls for all sites | (not just YouTube), stop autoplaying videos for all sites | (which also skips YouTube ads), etc. | MonkeyMalarky wrote: | Does something like that exist for Reddit? Whatever it is | they use on their website is a janky piece crap. | voisin wrote: | Looks great! Is the one purchase price for use across iOS and | MacOS? Or two separate purchases? | lapcat wrote: | Separate purchases. | tonylemesmer wrote: | Does it work in firefox ios? (Hoping webview makes it work | but dont really understand extensions on ios) | lapcat wrote: | No, just Safari. | nvahalik wrote: | Love this extension! | kragen wrote: | I want this feature so much, every time I try to copy a link from | Fecebutt or Google and paste it elsewhere. This may be what gets | me to switch to Brave. | jug wrote: | If you get the ClearURLs extension for Chromium or Firefox and | follow a link with junk at the end, it will strip it. But I | couldn't get it to clean what goes into the clipboard and | indeed this would be the best. | codetrotter wrote: | I use this sometimes and I love it. I just wish I could configure | the browser to make this the default always when I copy a link. | 1123581321 wrote: | This is a good feature. Arc has a slightly better implementation | of this. Cmd+shift+C is the copy current tab URL shortcut, and it | removes trackers by default and lets you know it's "a clean URL | without trackers :)" in the flash notification. I'd like to see | Brave similarly make the default copy clean and add a copy with | trackers second option. | andai wrote: | A browser with a waiting list.. now I've seen it all! | jemmyw wrote: | Not just a waiting list. You cannot use this browser without | signing up for an account. | imbnwa wrote: | Hide my Email? TBF, for people who are high-sprawl but | organized, the UI is next-level as it supercedes multiple | windows/bookmarks as org tools and offers a number of | affordances that minimize the 'manual resource management', | if you will, of legacy browser UIs. | xmprt wrote: | It's also your s p a c e to breathe on the internet... | Whatever that means. | presentation wrote: | To be fair I'm using Arc and it's the best browser UX | I've ever experienced, although it's still Chromium. | ASalazarMX wrote: | For the lazy, clicking [Try it for yourself] asks for your | email to notify you when "your spot is ready and waiting!". | | https://arc.net/ | | Must be a responsibly release, don't want too many powerusers | flooding the web at once. | ciwolsey wrote: | All I learned from that mess of a site is that Arc is a | browser of some kind. | throwaway742 wrote: | >the Browser Company of New York | | lol | jklinger410 wrote: | IIRC this is Mac only. Although it is developed on top of | Chromium. | | I guess Power Users only use Mac. | LoganDark wrote: | > I guess Power Users only use Mac. | | Little Snitch and Audio Hijack/Loopback and Sketchapp and | iA Writer and Inklet certainly think so. There are no | Windows/cross-platform analogues for any of these. No | firewall that _suspends_ connections for an interactive | prompt, no way to create virtual audio devices or route | audio in Windows, no equivalent to Sketch (Figma comes | close I guess) and the Windows version of iA Writer is | pretty pathetic. And Inklet simply doesn 't have a | Windows equivalent even when I have an official Apple | Magic Trackpad connected to my computer. | | There's just a lot of cool stuff that isn't available for | other OSes. | jraph wrote: | > No firewall that suspends connections for an | interactive prompt | | Didn't ZoneAlarm do that on Windows in the 2000s? | black_puppydog wrote: | not sure about sketchapp and inklet, but the first | examples are extremely platform specific to the point of | requiring a rewrite for different platforms | jklinger410 wrote: | There is absolutely a form of hipster-ism about | publishing Mac only software. The truth is, it started | because Mac users are more likely to pay for apps and app | subscriptions. | | So the ironic part is that it's not as much about | aesthetic or infrastructure or even ease of development | as it is about economics. | smsm42 wrote: | Finally, the revenge of Windows users for all those years | of "sure we support every platform. I mean every Windows | platform of course!" (jk of course) | 1123581321 wrote: | They're developing a Windows version right now. | jklinger410 wrote: | Very cool. When they finally develop a Linux version of | their Chromium based browser (already cross-platform) I | will consider giving it a shot. | 1123581321 wrote: | Sarcasm acknowledged. :) It's okay if you don't like the | browser I like. | jklinger410 wrote: | Not every query string in a URL is about tracking. This will | break some sites. | | EDIT: Correction, they are very conservative with which strings | are filtered out. See here: https://github.com/brave/brave- | core/blob/master/browser/net/... | dymk wrote: | Where did you read that it removes the whole query string? | jklinger410 wrote: | You're right, after looking in their documentation I found | that they are very conservative with which strings they | filter out. | | They only look for specific KNOWN user-level targeting | strings to strip. This is actually a very nuanced route for | them to take. Other plugins will just filter out everything | following a query. | | Here is the fine details for those interested: | https://github.com/brave/brave- | core/blob/master/browser/net/... | | As a marketer, they do mention that they retain Campaign | level parameters, however the click ID is more than just a | user-level identifier. Many times a click ID is the only | thing that survives different environments in order to | provide any attribution at all. | | In fact, a click ID is much more privacy aware and | anonymous in every circumstance than a website giving you | your own user ID. All good web platforms generate a unique | ID for you, which is not anonymized for the web platform. | Whereas the click ID is always anonymized for the web | platform. When you combine the two, you get a very basic | piece of information: this user clicked this ad. Now those | websites will still know who you are as a user, and still | know which campaign you came from, but not when you | specifically clicked. Wow, what a privacy save! | | Removing it does very little to reduce what Google knows | about you. Google does not need your click ID. The only | time it is used is for conversion attribution, and it is | completely anonymized between the ad platform and the | marketers who run the campaigns. | | So this is mostly just sticking it to the little guy, as | large data platforms don't need ad-level click IDs to track | you. But if you want to make sure that no marketer ever | gets credit for driving you to perform an action, then this | is for you! | 1123581321 wrote: | It doesn't strip every query string. It acts as if it has a | list of known tracking params, but I haven't investigated the | exact mechanism. | shockeychap wrote: | I kinda wish it _did_ remove all querystrings. The vast | majority of querystrings are nothing more than tracking and | marketing garbage, and I can handle the rare situation | where one is needed manually. Stripping from a known list | of values just means that marketers will start using random | identifiers with clever ingestion code, making this | mechanism less useful over time. | QuercusMax wrote: | Stripping all querystrings would break tons of sites, | such as this one we're on right now. | 1123581321 wrote: | It's even worse than using random query strings. Last | year, Facebook, Amazon and some other sites started using | encrypted URLs that can't be decoded and modified before | hitting the server. The good news is that this won't work | with just an analytics JS snippet, but the technology | will get easier to implement and spread over time. | https://www.schneier.com/blog/archives/2022/07/facebook- | is-n... | lxgr wrote: | Unfortunately that won't help as it's perfectly possible | to add tracking parameters in a static-looking portion of | a URL. | | Removing all query parameters might encourage that | practice, and ultimately even push sites towards creating | completely opaque, server-side resolved unique sharing | URLs. | jklinger410 wrote: | Very true. This is a nuclear arms race that I'm afraid | users will ultimately lose. The kind of fingerprinting | that has been used to determine TOR users is what the | end-game ultimately looks like. It's already being done | anyway. It's very difficult to avoid, and you will not be | able to use 90% of the mainstream internet if you do. | pbhjpbhj wrote: | Klipper (KDE's clipboard tool) lets you set up this sort | of thing pretty easily. It can take actions when a | certain type of content is copied. So, you can match on | "^http[^?]*" and "echo %0" (you can call any program, | builtins are provided for MIME types, so you can, for | example, launch a browser when you copy a URL) as the | action will allow you to replace the copied URL | automatically/on-request. | brewdad wrote: | I'll take a second attempt using Ctrl+C over always copying | the tracking garbage for 90% of URLs. ___________________________________________________________________ (page generated 2023-03-09 23:00 UTC)