Slashdot Mirror

← Back to Stories (view on slashdot.org)

Is the Web Heading Toward Redirect Hell?

Posted by timothy on from the here-let-me-bounce-you-a-few-times dept.

Ant snips from Royal Pingdom this excerpt: "Google is doing it. Facebook is doing it. Yahoo is doing it. Microsoft is doing it. And soon Twitter will be doing it. We're talking about the apparent need of every web service out there to add intermediate steps to sample what we click on before they send us on to our real destination. This has been going on for a long time and is slowly starting to build into something of a redirect hell on the Web. And it has a price."

32 of 321 comments (clear)

  1. How do you get offenders to stop? by alain94040 · · Score: 4, Interesting

    Funny just this morning I noticed that it took at least 5 redirects or more for Google to let me login to Analytics. It felt like my browser had a life of its own!

    The real problem though are the link shorteners. I'd like to vote with my feet and never click on them, but for many, they are like drugs, because they let you track your influence (how many people clicked) in real-time. It's especially bad on slower connections such as smartphones. Not everyone has 1MB/s.

    Any ideas on how to convince people to stop?

    --
    Don't work on your startup project without a safety net

    1. Re:How do you get offenders to stop? by duguk · · Score: 5, Insightful

      Not everyone has 1MB/s.

      Any ideas on how to convince people to stop?

      Surely it's the latency, not the bandwidth that is the problem with 301s?
      They can't be much more than a few hundred bytes!

    2. Re:How do you get offenders to stop? by TooMuchToDo · · Score: 3, Interesting

      Any ideas on how to convince people to stop?

      Create a web service where you can provide a shortened URL and it will respond back with the full URL. Make sure this web service caches the redirect for at least 24 hours. You instantly kill any reason for the redirect to be there (their counts will no longer be accurate).

      If someone wants to use this sort of service, I'd be happy to throw it together and provide it for free.

    3. Re:How do you get offenders to stop? by tom17 · · Score: 5, Informative

      Like this? http://unshorten.com/

      I just 'thought of' that only to find it was done aages ago...

    4. Re:How do you get offenders to stop? by religious+freak · · Score: 4, Informative

      There is an RFC out there (I forget the number off the top of my head) which limits redirects to five. IE6 went above spec and allowed ... 20... I think. IE8 has shortened to allow 10 redirects. FF and Chrome allow the same or less. There is a limit on redirects by RFC, but many websites don't follow the rule and many browsers are forced to compensate because of this.

      Ironically, I was just recently accessing a gmail based email system with an Android phone and suddenly I get the message "too many redirects". So now there's no way my google phone can access my google mail. -1 for that one Google.

      --
      If you can read this... 01110101 01110010 00100000 01100001 00100000 01100111 01100101 01100101 01101011
    5. Re:How do you get offenders to stop? by dyingtolive · · Score: 4, Interesting

      Nice. If that got turned into a firefox plugin to realtime decrypt the links...

      --
      Support the EFF and Creative Commons. The war is coming, and they're supporting you...
    6. Re:How do you get offenders to stop? by skids · · Score: 3, Interesting

      Not to mention, when a shared medium or statistically multiplexed PtP link of low bandwidth has congestion, latency is higher than on a higher bandwidth link, which has a much shallower queue built up and/or takes less time to wait for the 1500 byte packet that just started being transmitted to get out of the way. The distinction is only really relevant when you're discussing technicals of TCP window scaling and bandwidth delay product. Certainly not to the end user: "slow" is "slow".

      --
      Someone had to do it.
    7. Re:How do you get offenders to stop? by Anonymous Coward · · Score: 4, Insightful

      There's also the added DNS lookups to consider.

    8. Re:How do you get offenders to stop? by shog9 · · Score: 5, Informative

      Close enough: https://addons.mozilla.org/en-US/firefox/addon/9549/

    9. Re:How do you get offenders to stop? by kurokame · · Score: 3, Informative

      You know those exploding consoles on Star Trek? Did you ever wonder why someone would invent exploding keyboards? Now you know.

    10. Re:How do you get offenders to stop? by eth1 · · Score: 3, Interesting

      Yeah. Load the page as normal, then, in the background, replace the redirects with direct links.

      As a bonus, if enough people started using it, it would so bork up the tracking stats (and the load on the redirect servers) that using redirects like that would be less appealing in the first place.

  2. It's a shame too... by bziman · · Score: 4, Insightful

    I refuse to click on any "shortened" link, because I want to know PRECISELY where I'm going to end up. Thank you Slashdot and goatse.cx. If it's important enough to go visit, it's important enough to spell out properly. And thank you, but I don't live my life via SMS, so the few extra characters is worth my piece of mind.

    1. Re:It's a shame too... by The+MAZZTer · · Score: 4, Informative

      TinyURL has a cool feature to help with this. For TinyURLs, of course.

    2. Re:It's a shame too... by piquadratCH · · Score: 4, Informative

      With bit.ly, you can simply append a "+" to the URL and get an information page showing, between other information, which URL hides behind it, e.g. http://bit.ly/cTGasX+. I don't know if they have a setting to always display this info page, but I'm sure there are usersrcipts and bookmarklets out there that automatically append a "+" to every bit.ly link.

    3. Re:It's a shame too... by mpicker0 · · Score: 5, Funny

      I prefer to use "lengthened" URLs: http://hugeurl.com/.

    4. Re:It's a shame too... by zerocool^ · · Score: 3, Funny

      Myself, I prefer shady urls.

      http://www.shadyurl.com/

      http://slashdot.org/
      becomes
      http://5z8.info/aryanbr0ther00d_l9e5b_malicious-cookie

      --
      sig?
  3. Techie price greater than luser price by apoc.famine · · Score: 5, Insightful

    For those of us who use things like NoScript, the price can be that we don't get there. Ever.

    I know that when I go to a site that can't work unless I allow a half dozen or more other sites to run scripts, I sometimes decide that it's not worth my time. When I click a link that then has to contact several domains, (sometimes ones I have specifically blocked) I might stop right there and close the tab.

    The web isn't just headed towards redirect hell - it's turning into a damn sketchy web of tentacles working their way into every page. When I find ones that I'm not comfortable having around, I don't go back.

    I'm not sure I like what the web has become. Thanks to NoScript, I at least know what it's become.

    --
    Velociraptor = Distiraptor / Timeraptor
    1. Re:Techie price greater than luser price by Spazntwich · · Score: 3, Interesting

      I've noticed this as well, and just consider it the price I have to pay to avoid losing my nerd credentials along with my tiny bank balance.

      But it is becoming more prevalent, and I'm not sure what the solution is. Part of me worries this is one of the setup steps in someone's grand scheme to make the internet "dangerous" enough that the "only solution" is to grant absolute internet authority to agency x. You know. To protect the children from all the sexual predators hiding kiddie porn in bit.ly links.

  4. www.linuxtoday.com is the champion by bogaboga · · Score: 3, Interesting

    Folks at linuxtoday.com have been doing this for a long time. It's one reason I fled the site. Instead of taking me to where I wanna go directly, they make me click twice on the same site. This I believe, enables them to collect 'vital information' to present to their advertisers.

    The bad thing is that they lost me and many others in the process.

    By the way, it's intentional for me not to link to them from Slashdot directly.

  5. To be honest the web was getting a bit fast... by youn · · Score: 5, Funny

    ... so they had to find yet another way to slow things down... so the web could live up to its reputation of "world wide wait" ;)

    --
    Never antropomorphize computers, they do not like that :p
  6. optimize google by emkyooess · · Score: 4, Informative

    The Optimize Google add-in for Firefox gets rid of some of their hellish redirects. Sadly, it doesn't update frequently and seems prone to breaking.

  7. My Idea by wbav · · Score: 5, Funny

    I want to create a redirect loop. Just imagine, google to tinyurl to bit.ly to dilv.it back to google.

    Or you could always just make a really long way to get to someone who'll never give you up, never let you down.

    --

    =================
    Unix is very user friendly, it's just picky about who its friends are.
    1. Re:My Idea by clone53421 · · Score: 3, Interesting

      Done.

      http://tinyurl.com/25lsp67
      http://3.ly/2e5g64f

      bit.ly adds its own little blab page if it detects multiple redirects, which is entertaining in its own way I guess... never-ending loop:

      http://bit.ly/9bV4Re

      The preview feature is fun too...

      http://3.ly/RwuW
      http://tinyurl.com/k2w9uiz

      --
      Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
    2. Re:My Idea by clone53421 · · Score: 5, Interesting

      Infinite recursion that defeats browser infinite recursion detection:

      http://3.ly/3x5qdno
      http://tinyurl.com/36n5j5y

      (the tinyurl long link is <html><body><script>var t=setTimeout('window.location="http://3.ly/3x5qdno";',50);</script></body></html> encoded in a data: URI)

      --
      Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
  8. Not all that new by shoptroll · · Score: 4, Informative

    Jeff Atwood hit on this issue in a blog post last year: http://www.codinghorror.com/blog/2009/06/url-shorteners-destroying-the-web-since-2002.html

    --
    Insert Sig Here
  9. Why it has to be so technically impractical? by Anonymous Coward · · Score: 4, Interesting

    Less fragile and less of an unnecessary intermediary on this Web 2.0 (or whatever) age would be to catch the click of a link with onclick, set a cookie, and open the original, intended link. When user would again come back to the site, this cookie would be dumped to the site that so much wanted the information it was clicked. Even if the user would have some sort of embedded resource from this site open somewhere else, it could harvest the information and send it back.

    Instead, we seem to be ending up with endless chains of redirectors and opaque identifiers that are bound to organizations that don't necessarily exist in a year. What a joy to use technology which is driven by needs of utter morons and greed of those interested to press most information out of the morons...

  10. advertising funds nothing serious by FuckingNickName · · Score: 4, Insightful

    and there is no useful (i.e. non-light-entertainment) content created primarily through advertising revenue. Slashdot developers who have made their money over the last decade producing tat by not overestimating the intelligence of the general public cannot bear to admit this, but you simply cannot produce high-calibre content when your primary aim is to suck in as many as possible of the kind of people who take notice of adverts.

    Murdoch, often maligned for his lack of business sense but mysteriously still richer than all of us, seems to have tried and failed at pushing the subscription model. Obviously there are other viable models for producing information on the web such as government sponsorship (BBC, academia) and well organised groups of hobbyists (e.g. ham radio), but how will the sites who do not already have a dedicated subscription base through off-line heritage sustain themselves? Or maybe the answer is that they will not, the moment they take their eye off the advertiser as customer and start worrying directly about satisfying the desire for the reader to intellectually advance himself.

  11. Facebook by Xacid · · Score: 5, Informative

    To play the devil's advocate - facebook's redirects started as a way to filter out all the spam links.

  12. wasn't there a time.... by bickerdyke · · Score: 3, Interesting

    when it was considered a security hole if you DIDN'T use a redirect on your page? IIRC there used to be an attack vector where malicous sites used links from freemail pages to steel session IDs from the referer-headers.

    --
    bickerdyke
    1. Re:wasn't there a time.... by JesseMcDonald · · Score: 5, Informative

      To be fair, that is nothing more than a workaround for several other major security issues:

      1. The referrer header itself. This header serves no useful purpose, and leaks information that the destination website has no need to know. There is no way to use the referrer information securely, since it can be trivially forged, but it does serve as an invaluable tool for malicious attacks and unwanted tracking.

      2. Session IDs should be validated to prevent hijacking. At the very least the session ID should be ignored if it comes from a different IP address than the one which created the session. It's not a perfect solution, given dynamic IPs, NAT, and proxies, but it would block most attacks without inconveniencing normal users.

      3. No private information, including session IDs, should ever go in the URL. HTTP POST requests or cookies are a better solution here. (Naturally, cookies should be valid only until the end of the session unless the user explicitly indicates otherwise.)

      --
      "The state is that great fiction by which everyone tries to live at the expense of everyone else." - Bastiat
  13. Shady URL's by sirrunsalot · · Score: 5, Funny

    Personally, I find the trend of redirecting to innocent sites via shady URL's much more alarming: http://5z8.info/foodporn_e0g0l_taliban-meetup

    (I promise I'll get modded "troll" by someone who glanced at the link and assumed the worst. Hard to blame them, but I do love using those links whenever possible...)

  14. It's called onmousedown! by spage · · Score: 3, Informative

    Yes you are really missing something! Just by viewing source you should notice on the a tag

      onmousedown="return rwt(this,'','','','3','AFQjCNElSuk8pqYMVk5pKG9sycYfDSh7zg','UsteGasJKDRPW0uis7I9Ig','0CCsQFjAC')"
      class="l"
      href="http://example.com/the/original/URL"

    So on mouseover you see the original URL, but on click, function rwt ("rewrite"?) sends you to Google first with all that tracking crap, which then redirects you on your way.

    If I right-click and Copy Link Location, I get a Google URL in Firefox with this tracking crap. If I feed that to curl, I don't get a status 301 redirect, I get a small piece of HTML back containing both a script that changes the window.location and a meta http-equiv refresh tag.

    Disable JavaScript to disable all this.

    --
    =S