this post was submitted on 13 Dec 2024
690 points (97.3% liked)
Technology
60024 readers
3374 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
There are in fact many extensions designed to suppress or rewrite headers, most notably cookies, but also proxy headers and other things like that. Stripping out privacy invading (or in this case revenue redirecting) query parameters is another thing that extensions can do, and there are various extensions for that too, including apparently ublock origin (UBO).
UBO is not able to rewrite urls completely (a deliberate decision to protect users from accidental or intentional security breaking rules appearing in rule lists) but there are other extensions that do that too, like changing www.reddit.com to old.reddit.com, or bypassing google redirects and link shorteners that snoop on user activity. The web is a predator-prey ecosystem (users are mostly prey) and it is necessary to respond to new hazards as they appear.
I use this filter in ublock to remove them: https://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener.txt.
These things are very privacy invading, many of them have information that can identify the users. I don't think douglasg14b knows what he is talking about. Yes they are query parameters, but they are used for many things such as advertisment for example or referrals, I think it is fine to remove query parameters that are not necessary.
https://www.ieee-security.org/TC/W2SP/2014/papers/privacy_query_strings.pdf
Sometimes the website sends sensitive data through query strings which is a common security issue.
https://owasp.org/www-community/vulnerabilities/Information_exposure_through_query_strings_in_url
You were so, so much more polite than I would have been