Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
data-saferedirecturl defeats URL stripping
See original GitHub issueI see that Gmail are doing something really evil with hyperlinks within emails:
<a href="https://link.to.other.site" target="_blank" data-saferedirecturl="https://www.google.com/url?q=link.to.other.site&source=gmail&ust=1534942837200000&usg=AFQjCNH3Pzb1Mq6zL847zzh6iqd4g1B3IA">here</a>
This is also described here:
- Rob–W/dont-track-me-google#2
- security - Why do links in gmail redirect? - Stack Overflow
I really don’t want google tracking which links I click on. I’m sure Google would claim that they’re doing the user a favour by hiding referrer data from the target web server, but only because they’re stealing that data for themselves!
So I think it would be great if this project stripped these data-saferedirecturl links.
Issue Analytics
- State:
- Created 5 years ago
- Reactions:3
- Comments:10 (2 by maintainers)
Top Results From Across the Web
How to remove data-saferedirecturl from email which is added ...
I am sending email using php with download link to an exe file. But gmail adds data-saferedirecturl attribute to anchor tag which does...
Read more >Gmail/G Suite now editing URLs in mail message bodies to ...
Btw the data-saferedirecturl attribute is not found in the email bodies ... or iOS with the gsuite account/user set to type "Google" vs....
Read more >Stop Gmail click tracking - Jeff Johnson
However, Gmail uses another attribute of the anchor, called data-saferedirecturl , to hide the original tracking URL, then hijacks the link ...
Read more >Facebook Change Ensures Tracking by Preventing URL ...
More important, Brave has automatically stripped tracking parameters from URLs since 2020, and Mozilla just added URL stripping to Firefox ...
Read more >Some codes added to URL when accessing Wikipedia from ...
... <a> tag has a data-saferedirecturl property containing this link. There are various tools to remove it, e.g. the URL tracking stripper ......
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Also worth noting that this creates the exact opposite effect of the problem described in #68: the stripped URL is shown on mouse-over, but the hijacked URL is actually used on click.
TLDR: It does skip Google and does not pass through its servers. Please let me know if you can show otherwise and how to reproduce it, and I will certainly investigate @YesThatAllen. This will be the last time I comment on this thread. If there still turns out to be some issue, please open another ticket as this one has gotten quite useless.
Details: Let me see if I can put this to bed once and for all:
data-saferedirecturls all exist in Gmail and wherever you encounter them - I do not change them on the webpages and if you look at the HTML they will still be there. This extension is not intended to change the URLs on the page for you, so this is expected behavior. But it also doesn’t mean that it’s not going to skip those redirects for you…307 Internal Redirect.data-saferedirecturlfirst with the extension enabled, and second without it enabled:Here’s an image as well.