
Comment by jmathai

7 hours ago

Aren't those just the URLs in Google search results if you copy from the results page instead of clicking through to the destination?

The reason for the intermediary is that the clickthrough sends the previous URL as a referer to the next server.

The only real way to avoid leaking specific URLs from the source page to the arbitrary other server is to have an intermediary redirect like this.

All the big products put an intermediary for that reason, though many of them make it a user-visible page that says "you are leaving our product", whereas Google mostly does it as an immediate redirect.

The copy/paste behavior is mostly an unfortunate side effect and not a deliberate feature of it.

  • I don't understand. They are redirecting to their own S3 bucket, so who would be the recipient of the leak?

    Also, isn't this what Referrer-Policy is for? https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/...

    • Quoting web standards, you are more optimistic than I am. Unfortunately, nobody uses them consistently or accurately (look at PUT vs POST for create / update as a really good example of this - nobody agrees). It's a shame too; there's a lot of richness to the web spec. Most people don't even use "HEAD" to ensure they aren't making wasteful REST calls if they already have the data.
