Is the Web Heading Toward Redirect Hell? 321
Ant snips from Royal Pingdom this excerpt: "Google is doing it. Facebook is doing it. Yahoo is doing it. Microsoft is doing it. And soon Twitter will be doing it. We're talking about the apparent need of every web service out there to add intermediate steps to sample what we click on before they send us on to our real destination. This has been going on for a long time and is slowly starting to build into something of a redirect hell on the Web. And it has a price."
How do you get offenders to stop? (Score:5, Interesting)
Funny just this morning I noticed that it took at least 5 redirects or more for Google to let me login to Analytics. It felt like my browser had a life of its own!
The real problem though are the link shorteners. I'd like to vote with my feet and never click on them, but for many, they are like drugs, because they let you track your influence (how many people clicked) in real-time. It's especially bad on slower connections such as smartphones. Not everyone has 1MB/s.
Any ideas on how to convince people to stop?
--
Don't work on your startup project without a safety net [fairsoftware.net]
Re:How do you get offenders to stop? (Score:5, Insightful)
Not everyone has 1MB/s.
Any ideas on how to convince people to stop?
Surely it's the latency, not the bandwidth that is the problem with 301s?
They can't be much more than a few hundred bytes!
Re: (Score:2, Interesting)
I agree; but to be fair, I think it is easy for people with a little less knowledge to heuristically lump bandwidth and latency together, especially if they aren't dealing with (say) satellite links, because links with very low latency are in practice somewhat more likely to have high bandwidth. So if it is wrong, it is at least understandably wrong.
Re:How do you get offenders to stop? (Score:4, Interesting)
Not to mention, when a shared medium or statistically multiplexed PtP link of low bandwidth has congestion, latency is higher than on a higher bandwidth link, which has a much shallower queue built up and/or takes less time to wait for the 1500 byte packet that just started being transmitted to get out of the way. The distinction is only really relevant when you're discussing technicals of TCP window scaling and bandwidth delay product. Certainly not to the end user: "slow" is "slow".
Re: (Score:3, Informative)
But it's easy to explain the difference, so it's not entirely understandable.
It's like understanding the difference between top speed and acceleration. Not a terribly hard concept.
The real problem is the "internet" is a magic black box. Most people don't understand it's really just a big network, and works like a network... actually, somewhat similar to a much-quicker-delivery postal system, in simplistic terms. Except that there's a "request" thing, not just a "send" thing.
Re: (Score:2, Informative)
A better analogy is water pipes. Bandwidth is width (the bigger, the bigger throughput), latency is pressure (the higher, the faster "it" travels). /., your almost-car analogy is probably better suited.
Of course, this being
Re: (Score:2, Funny)
So you're saying the internet really is a series of tubes!
Re: (Score:3, Interesting)
If he thought it was actually a physical series of tubes, he was largely correct, as that's in fact what it is. Lots of plastic tubes filled with glass or copper.
Re: (Score:2)
True. I've used that one, too, hehe.
Of course, then they ask what is "it" then? ... ;)
Re: (Score:2)
As the AC parent sibling is getting at, just explain them it's really made of tubes, and try to avoid any questions about why postage around the world still takes at least a few days, "when I can play Farmville with my cousin in China in seconds".
Re: (Score:3, Insightful)
Simple. Same reason latency for packets varies, but in reverse. There's a huge volume of mail that moves from San Francisco to NYC, so they have air mail routes that optimize this. Because the distance from San Francisco to, for example, San Diego is relatively short and relatively low volume, they take it by truck, so it takes longer to get there, and probably stops in LA on the way (which is probably a latency disaster due to the amount of mail they process---going through LA can be like a corrupt BGP
Re: (Score:2)
It's like understanding the difference between top speed and acceleration
More like the difference between a sports car and a truck.
The sports car gets you faster to your destination (low latency), but the truck allows you to haul more stuff (high bandwidth).
Re: (Score:3, Funny)
What an uncharacteristically even-handed Slashdot response!
You must be a noob.
Re: (Score:3, Funny)
Fuck off!
Creds. NOW!!!
Re:How do you get offenders to stop? (Score:4, Insightful)
There's also the added DNS lookups to consider.
Re: (Score:2)
A few hundred bytes ought to be enough for anyone.
Re: (Score:3, Interesting)
This would require a browser plugin to create a dictionary, by converting the short URLs into their long forms, and share that dictionary with others. Ideally, only one person would actually click through the shortened URL to learn what the long URL is, while everyone else would take advantage of that knowledge.
Basically, this amounts to creating a community driven middle man for the URL shortening middle men. The required technology isn't more sophisticated
Re:How do you get offenders to stop? (Score:4, Interesting)
Any ideas on how to convince people to stop?
Create a web service where you can provide a shortened URL and it will respond back with the full URL. Make sure this web service caches the redirect for at least 24 hours. You instantly kill any reason for the redirect to be there (their counts will no longer be accurate).
If someone wants to use this sort of service, I'd be happy to throw it together and provide it for free.
Re:How do you get offenders to stop? (Score:5, Informative)
I just 'thought of' that only to find it was done aages ago...
Re:How do you get offenders to stop? (Score:5, Interesting)
Re:How do you get offenders to stop? (Score:5, Informative)
Close enough: https://addons.mozilla.org/en-US/firefox/addon/9549/ [mozilla.org]
Re: (Score:3, Insightful)
Sounds just as brilliant as the classical idea to preload all links from a page... Addons like this kill the Internet. They're worse than the problem they're trying to solve.
Re:How do you get offenders to stop? (Score:4, Interesting)
Yeah. Load the page as normal, then, in the background, replace the redirects with direct links.
As a bonus, if enough people started using it, it would so bork up the tracking stats (and the load on the redirect servers) that using redirects like that would be less appealing in the first place.
Re: (Score:3, Insightful)
I don't love them either, but this won't happen. For nearly everyone browsing the web, shortened urls aren't a problem. It's a process that has added utility for both parties and "just works".
Or put another way, when people stop liking Twitter AND knowing how many clicks they've gotten through urls... THEN it'll stop.
Re: (Score:2)
Nice. If that got turned into a firefox plugin to realtime decrypt the links...
There is a greasemonkey script to do just that.
Re: (Score:2)
Oh thank god. I already have too much to do.
Re:How do you get offenders to stop? (Score:5, Informative)
Ironically, I was just recently accessing a gmail based email system with an Android phone and suddenly I get the message "too many redirects". So now there's no way my google phone can access my google mail. -1 for that one Google.
Re: (Score:2)
Personally, I'd like to see url shorteners die, because of a number of problems, but realistically I know it's not gonna happen. Things I don't like about shorteners:
There's probably other problems I haven't thought of just yet.
Re: (Score:3, Funny)
Funny just this morning I noticed that it took at least 5 redirects or more for Google to let me login to Analytics. It felt like my browser had a life of its own!
Sure, but you're already saving 2-5 seconds per search with Google instant, so you still come out ahead.
Re:How do you get offenders to stop? (Score:4, Informative)
You know those exploding consoles on Star Trek? Did you ever wonder why someone would invent exploding keyboards? Now you know.
Re: (Score:2)
Well, for Twitter at least, you need link shorteners if you're posting a google map or other generated URL. Some simply won't fit into 140 characters, and most won't fit into that with a description.
Facebook's 400 character limit is much less objectionable, but you definitely bump up against them sometimes.
Re: (Score:2)
Actually, why do people take the 140 character limit as if it's the speed of light anyway? I know it's because of SMS, but this is the freaking 21st century! It's like forcing people to use only 26 letters to write stuff because it has to be compatible with the telegraph, and Morse only has encoding for said letters! Arrrgggghhh!!!
Re: (Score:3, Funny)
Oh, so THAT'S why Slashdot doesn't support a wider Unicode character set.
Re: (Score:3, Funny)
Write in japanese and suddenly you can write a whole novel in 140 characters.
Re: (Score:2)
Re: (Score:2)
message to google.
i use your search engine a lot. quite often i also use it over slow and low latency links. i also like to right click damn urls and save/reuse them.
oh, so, the main message.
these redirect urls on the search result page suck, blow and fucking annoy me. not always, but some good 80% of the time i use your search engine. so, please, get rid of that crap. i don't feel like using bing or whatever, but you are just making it easier for somebody else to provide a better product/service.
It's a shame too... (Score:5, Insightful)
Re:It's a shame too... (Score:5, Informative)
Comment removed (Score:5, Informative)
Re: (Score:2)
You can also stick preview. as the subdomain in a TinyURL to force the preview to show.
Re: (Score:2)
...so that instead of clicking one link, you can copy it, then go to another site, paste it in, _then_ click it and be redirected. Because that's exactly what we need - more intermediate steps.
Re: (Score:2)
I'm the same way. If i must click a shortened link, it's with a throwaway sandbox'd firefox.
Re: (Score:2)
In other news, I now know how many times you have to trigger the content filters before you get a visit...
Re:It's a shame too... (Score:5, Funny)
Re:It's a shame too... (Score:4, Funny)
Myself, I prefer shady urls.
http://www.shadyurl.com/ [shadyurl.com]
http://slashdot.org/ [slashdot.org]
becomes
http://5z8.info/aryanbr0ther00d_l9e5b_malicious-cookie [5z8.info]
Re: (Score:2)
Techie price greater than luser price (Score:5, Insightful)
I know that when I go to a site that can't work unless I allow a half dozen or more other sites to run scripts, I sometimes decide that it's not worth my time. When I click a link that then has to contact several domains, (sometimes ones I have specifically blocked) I might stop right there and close the tab.
The web isn't just headed towards redirect hell - it's turning into a damn sketchy web of tentacles working their way into every page. When I find ones that I'm not comfortable having around, I don't go back.
I'm not sure I like what the web has become. Thanks to NoScript, I at least know what it's become.
Re: (Score:2)
Re:Techie price greater than luser price (Score:4, Interesting)
I've noticed this as well, and just consider it the price I have to pay to avoid losing my nerd credentials along with my tiny bank balance.
But it is becoming more prevalent, and I'm not sure what the solution is. Part of me worries this is one of the setup steps in someone's grand scheme to make the internet "dangerous" enough that the "only solution" is to grant absolute internet authority to agency x. You know. To protect the children from all the sexual predators hiding kiddie porn in bit.ly links.
Re: (Score:3, Interesting)
My university seems to have come up with a plan to advertise themselves to staff and students who already work/study here: provide no direct link to the university e-mail. They want you to go to the front page, to see the latest news you're not interested in and ways to make donations to the university (hint hint), then login, and you'll be taken to more irrelevant news, links for course tools, and another link for e-mail, which will redirect you one or two times before getting to a google mail system.
I ha
Re: (Score:3, Insightful)
Sorry - I meant to say:
https://mail.google.com/a/schoolmaildomain.edu/ [google.com]
Re: (Score:2)
JavaScript has nothing to do with these things, surely. The server sends back a HTTP Redirect or Moved message, and your standards-compliant browser is supposed to go, "Kthx, I'll check there". It was part of the web's protocol from near enough day zero. NoScript won't stop you following them unless the redirect systems are abusing JavaScript for this. Are they? Oh dear god no.
Said the Rich Executive: (Score:2, Funny)
Oh dear God yes! We can abuse JavaScript more to get more clicks!
Re: (Score:2)
Re: (Score:2)
The web is becoming a series of interdependent systems that all interact with each other. You may have one company that serves your ads, another that helps you understand your users better, another that serves extra content, etc. All of these services "tentacle" together to create a modern mature web experience.
That's the nature of things once a system matures. Middleware providers, essentially, move in. They start providing portions of service to web pages from 3rd party servers. This can be as simple
Re: (Score:2)
I'd never realized this was a problem. Sure I've seen Facebook turn my youtube links into facebook.com redirects, but didn't think it was a big deal. It still accesses youtube quickly.
As for for NoScript I've never seen it balk. I have "Temporarily allow to sites by default" and "Allow 2nd level domains (noscript.net)"
www.linuxtoday.com is the champion (Score:4, Interesting)
Folks at linuxtoday.com have been doing this for a long time. It's one reason I fled the site. Instead of taking me to where I wanna go directly, they make me click twice on the same site. This I believe, enables them to collect 'vital information' to present to their advertisers.
The bad thing is that they lost me and many others in the process.
By the way, it's intentional for me not to link to them from Slashdot directly.
And yet, there's no need! (Score:3, Informative)
It would be trivial to do something with javascript - put an onclick handler that does an xmlHttpRequest to save the "needed" information without even needing to worry about header redirects and the like. The link can be something like
<a href="http://www.thesite.com/path/to/page.html" onclick="return notifyBigBrother(this);">
where notifyBigBrother() is a function that sends the click info to the search engine site. Why isn't this done?
To be honest the web was getting a bit fast... (Score:5, Funny)
... so they had to find yet another way to slow things down... so the web could live up to its reputation of "world wide wait" ;)
More ads, again... (Score:3, Insightful)
optimize google (Score:5, Informative)
The Optimize Google add-in for Firefox gets rid of some of their hellish redirects. Sadly, it doesn't update frequently and seems prone to breaking.
My Idea (Score:5, Funny)
Or you could always just make a really long way to get to someone who'll never give you up, never let you down.
Re: (Score:3, Interesting)
http://breakingcode.wordpress.com/2010/01/11/having-fun-with-url-shorteners/ [wordpress.com]
Re: (Score:2)
Nice. Firefox would catch the redirect loop though, as would most modern browsers.
Re:My Idea (Score:4, Interesting)
Done.
http://tinyurl.com/25lsp67 [tinyurl.com]
http://3.ly/2e5g64f [3.ly]
bit.ly adds its own little blab page if it detects multiple redirects, which is entertaining in its own way I guess... never-ending loop:
http://bit.ly/9bV4Re [bit.ly]
The preview feature is fun too...
http://3.ly/RwuW [3.ly]
http://tinyurl.com/k2w9uiz [tinyurl.com]
Re:My Idea (Score:5, Interesting)
Infinite recursion that defeats browser infinite recursion detection:
http://3.ly/3x5qdno [3.ly]
http://tinyurl.com/36n5j5y [tinyurl.com]
(the tinyurl long link is <html><body><script>var t=setTimeout('window.location="http://3.ly/3x5qdno";',50);</script></body></html> encoded in a data: URI)
It's money, not knowledge (Score:3, Informative)
If someone is paying me for the clicks I send to their site, I need to count it so that I know how much I should charge, and they need to count it as well to know I'm not lying. They could make the count on the destination page, but usually it's far more easy to make a special service for it.
A redirect page is usually just a couple of hundred bytes large. Cookies might add some clutter, but probably still less than 1k in each direction, still fits in a single packet. I don't see the problem here.
Sampling can be good (Score:2, Insightful)
Re: (Score:2)
Google and Facebook could just as easily filter malware out of the hyperlinks before they present them to you in the first place. I know Facebook in particular doesn't even let you post such links to your wall in the first place, let alone allow anyone to click them.
Not all that new (Score:5, Informative)
Jeff Atwood hit on this issue in a blog post last year: http://www.codinghorror.com/blog/2009/06/url-shorteners-destroying-the-web-since-2002.html [codinghorror.com]
Feature or bug? (Score:2)
This used to be considered something that was potentially a Good Thing. To help prevent link rot and redesigns from breaking links, people thinking a lot about Hypertext came up with initiatives like PURL's: http://purl.oclc.org/docs/ [oclc.org]
Now that the primary usage of these redirects are simply to shorten links to something more convenient, we're using the same tech (a 301) and using it in different ways. One question is, how many people use the "custom link name" feature of tinyurl.com vs, simply let a random s
Why it has to be so technically impractical? (Score:4, Interesting)
Less fragile and less of an unnecessary intermediary on this Web 2.0 (or whatever) age would be to catch the click of a link with onclick, set a cookie, and open the original, intended link. When user would again come back to the site, this cookie would be dumped to the site that so much wanted the information it was clicked. Even if the user would have some sort of embedded resource from this site open somewhere else, it could harvest the information and send it back.
Instead, we seem to be ending up with endless chains of redirectors and opaque identifiers that are bound to organizations that don't necessarily exist in a year. What a joy to use technology which is driven by needs of utter morons and greed of those interested to press most information out of the morons...
advertising funds nothing serious (Score:4, Insightful)
and there is no useful (i.e. non-light-entertainment) content created primarily through advertising revenue. Slashdot developers who have made their money over the last decade producing tat by not overestimating the intelligence of the general public cannot bear to admit this, but you simply cannot produce high-calibre content when your primary aim is to suck in as many as possible of the kind of people who take notice of adverts.
Murdoch, often maligned for his lack of business sense but mysteriously still richer than all of us, seems to have tried and failed at pushing the subscription model. Obviously there are other viable models for producing information on the web such as government sponsorship (BBC, academia) and well organised groups of hobbyists (e.g. ham radio), but how will the sites who do not already have a dedicated subscription base through off-line heritage sustain themselves? Or maybe the answer is that they will not, the moment they take their eye off the advertiser as customer and start worrying directly about satisfying the desire for the reader to intellectually advance himself.
Tracking (Score:2)
Not only do you not know where you're going to end up, but also the service can track your behaviour. Obviously this latter reason is why all the companies want to do it.
So, how do you get around it? I don't even think we can. I think we're screwed, to be honest. It's just going to be like that, perhaps until the day an exploit comes out and re-targets all of a services re-directs (i.e. tinyurl) to some hostile domain. Then, and perhaps only then, would it get enough attention to bring it to the "mainstream
It hasn't bothered me so far. (Score:2)
I didn't even know this was occurring. Guess it hasn't bothered me so far.
Facebook (Score:5, Informative)
To play the devil's advocate - facebook's redirects started as a way to filter out all the spam links.
The AJAX Solution (Score:2)
As I commented on TFA:
So we have jQuery, and we have AJAX. Why don’t they just attach an onClick to their links that sends a quick POST to Google before sending the user on their way, directly to the site in question? It won’t work for people without Javascript on, but that’s such a small percentage that I doubt it matters to them much. The important thing is that they could get their statistics, while still avoiding a redirect. The service providers could argue that they need the trackin
Re: (Score:3, Insightful)
your browser's SOP (same origin policy) prevents you from doing this. scripts aren't allowed to make net connections to sites outside the domain of the current page. this is to reduce XSS (cross-site scripting) attacks.
i understand there are standards in the making to allow such things, securely.
Redirect Remover for Firefox (Score:2, Informative)
(ok, RDR is not that good, but it helps, and I'm sure as this becomes even more prevalent, people will work around it)
Redirects don't get you link love (Score:2)
On the other side of this are the search engines. They may not follow the chain of links, especially if it involves "cookies". So a reference that uses a redirection service may not be credited as an inbound link for ranking purposes.
Then there's the firewall/proxy issue. Firewalls need to see where you're really going, so they have to run down the link chain. This may result in bogus hits on the end site, if both the firewall and the browser separately do this.
Minor issue, not Hell (Score:2)
Redirects are a minor inconvenience on the net. Much more insidious is the enormous number of sites that have to be accessed to get all the content on many webpages. Add to that the layers and layers of CSS needed to render them. And the massive, often buggy stack of scripts they bring. Not to mention the server-side scripting that slows down fetching the pages and embedded content and CSS pages and scripts before you get them.
It'd be interesting to see the average number of bytes transacted to render o
wasn't there a time.... (Score:4, Interesting)
when it was considered a security hole if you DIDN'T use a redirect on your page? IIRC there used to be an attack vector where malicous sites used links from freemail pages to steel session IDs from the referer-headers.
Re:wasn't there a time.... (Score:5, Informative)
To be fair, that is nothing more than a workaround for several other major security issues:
1. The referrer header itself. This header serves no useful purpose, and leaks information that the destination website has no need to know. There is no way to use the referrer information securely, since it can be trivially forged, but it does serve as an invaluable tool for malicious attacks and unwanted tracking.
2. Session IDs should be validated to prevent hijacking. At the very least the session ID should be ignored if it comes from a different IP address than the one which created the session. It's not a perfect solution, given dynamic IPs, NAT, and proxies, but it would block most attacks without inconveniencing normal users.
3. No private information, including session IDs, should ever go in the URL. HTTP POST requests or cookies are a better solution here. (Naturally, cookies should be valid only until the end of the session unless the user explicitly indicates otherwise.)
Infinite loop (Score:2, Funny)
...Redirect hell? (Score:2)
Twitter Redirect ... (Score:2)
links you to Jap Porn.
HTTP redirects (Score:2)
I'm going to assume that most of these use HTTP redirects. This is where the server returns a 3xx result that tells the browser where to go, as opposed to rendering a full page and using Javascript to redirect.
The nice thing about HTTP redirects is that a service like Twitter can just follow the HTTP redirects for you and cut all of the middlemen out of the chain. Even forthcoming server-side Javascript interpreters could parse out Javascript-based redirects.
Shady URL's (Score:5, Funny)
Personally, I find the trend of redirecting to innocent sites via shady URL's much more alarming: http://5z8.info/foodporn_e0g0l_taliban-meetup [5z8.info]
(I promise I'll get modded "troll" by someone who glanced at the link and assumed the worst. Hard to blame them, but I do love using those links whenever possible...)
The ones I hate most... (Score:3, Informative)
...are those that come in perfectly legitimate email, stuff that I actively subscribed to. They already know where I came from, their own damned email. Why does it need to go through a redirecting clicktracker?
Furthermore, it lets even legit emails send me somewhere not only unanticipated but also a pain in the ass, like links that unexpectedly open a whopping great PDF.
Many thanks to folks who posted links to two URL de-obfuscator services, which are now permanently on my toolbar.
http://unshorten.com/index.php [unshorten.com]
http://www.longurlplease.com/ [longurlplease.com]
Re: (Score:2)
Where are you seeing this? I just looked the the html source for the results of a google search and the target url is the target hfre with no google middleman. Am I missing something?
It's called onmousedown! (Score:4, Informative)
Yes you are really missing something! Just by viewing source you should notice on the a tag
onmousedown="return rwt(this,'','','','3','AFQjCNElSuk8pqYMVk5pKG9sycYfDSh7zg','UsteGasJKDRPW0uis7I9Ig','0CCsQFjAC')"
class="l"
href="http://example.com/the/original/URL"
So on mouseover you see the original URL, but on click, function rwt ("rewrite"?) sends you to Google first with all that tracking crap, which then redirects you on your way.
If I right-click and Copy Link Location, I get a Google URL in Firefox with this tracking crap. If I feed that to curl, I don't get a status 301 redirect, I get a small piece of HTML back containing both a script that changes the window.location and a meta http-equiv refresh tag.
Disable JavaScript to disable all this.
Re: (Score:3, Interesting)
Hmm, it varies. In Firefox if I'm logged in to Google a search result has an href with a plain URL but the onmousedown rewrites as I described above. If I log out the href is a Google URL and there's still an onmousedown rewrite. But in Konqueror where Google knows nothing about me, I get a plain href and no onmousedown handler.
So maybe another way to avoid Google tracking is use an obscure browser?
Re: (Score:2)
I am constantly irritated when I copy a link, only to paste a wall of text in my little IM window.
Re: (Score:2)
Re: (Score:2)
That sound you hear is the point, zooming at mach 5 over your head.
Re: (Score:2)
That's not the kind of URL hiding the OP is talking about. If you did this to URLs pointing to external sites, ones not controlled by you or your company, *then* you'd be contributing to redirect hell.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Moderators, thought this redirection is written to go to goatse.cx
TinyURL does a preview of it and experience surfers will avoid it.
I was thinking of trying this myself but looks like TinyURL is already on the ball to prevent goatse.cx abuse.
Re: (Score:2)
Exactly. I don't even think advertising should exist in its current form. If capitalism is supposed to be about delivering the best goods and services to people at the best price, then what's needed to facilitate that is an independent directory of goods and services, that doesn't allow any bullshit about what the goods and services really offer for the money.