-
-
Notifications
You must be signed in to change notification settings - Fork 379
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Option to remove metadata from URL #681
Comments
This comment has been minimized.
This comment has been minimized.
Related: #85 |
Up, I'm really interested by this. :) I personally use au-revoir-utm to remove utm data and it works pretty well, but I'm interested by having only one privacy add-on. I found recent merge-requests about anti link-tracking, like #2016, but AFAIU this doesn't remove utm data. |
I think stripping UTM parameters in particular would be an easy win. They're widely used, and afaik exclusively used for tracking. @roipoussiere if you're interested in working on a PR for this feature, I'll review it. Otherwise I'll get to it after catching up on some other backlogged stuff. |
I want to start working on this, building off au-revoir-utm, but we'll have to watch out for conflicts with HTTPS Everywhere and other url-rewriting extensions (jparise/chrome-utm-stripper#13). This is a problem with browsers in general; webextensions should really allow multiple extensions to rewrite the same URL in sequence. Since they don't, we need to work around the conflicts, especially since there's a lot of overlap between ours and HTTPSE's users. We have a few options:
|
Brave has a query string filter: https://github.com/brave/brave-browser/wiki/Query-String-Filter |
Read more: https://medium.com/@jeremyrubin/caution-copy-pasting-urls-from-google-search-can-leak-previous-searches-11940508e79
Some URLs have metadata in them and when sharing them they can leak sensitive data. 3 exemples:
If you search from the address bar in Chrome and then search again on Google your old search is still in the URL as metadata!
Imdb also have metadata, in my example I searched(nv_sr = navigate searchbar)
If you click on a youtu.be-link the full link will tell you so(&feature=youtu.be)
There are more examples of course. I think this would be a great feature in Privacy Badger. The best option would be to rewrite the URL even before you visit it because then would none see the metadata, not the server, someone behind you nor the person you're sharing the link to.
Regards,
Chloe
The text was updated successfully, but these errors were encountered: