Slashdot Mirror

← Back to Stories (view on slashdot.org)

Is the Web Heading Toward Redirect Hell?

Posted by timothy on from the here-let-me-bounce-you-a-few-times dept.

Ant snips from Royal Pingdom this excerpt: "Google is doing it. Facebook is doing it. Yahoo is doing it. Microsoft is doing it. And soon Twitter will be doing it. We're talking about the apparent need of every web service out there to add intermediate steps to sample what we click on before they send us on to our real destination. This has been going on for a long time and is slowly starting to build into something of a redirect hell on the Web. And it has a price."

11 of 321 comments (clear)

  1. Re:How do you get offenders to stop? by duguk · · Score: 5, Insightful

    Not everyone has 1MB/s.

    Any ideas on how to convince people to stop?

    Surely it's the latency, not the bandwidth that is the problem with 301s?
    They can't be much more than a few hundred bytes!

  2. Techie price greater than luser price by apoc.famine · · Score: 5, Insightful

    For those of us who use things like NoScript, the price can be that we don't get there. Ever.

    I know that when I go to a site that can't work unless I allow a half dozen or more other sites to run scripts, I sometimes decide that it's not worth my time. When I click a link that then has to contact several domains, (sometimes ones I have specifically blocked) I might stop right there and close the tab.

    The web isn't just headed towards redirect hell - it's turning into a damn sketchy web of tentacles working their way into every page. When I find ones that I'm not comfortable having around, I don't go back.

    I'm not sure I like what the web has become. Thanks to NoScript, I at least know what it's become.

    --
    Velociraptor = Distiraptor / Timeraptor
  3. To be honest the web was getting a bit fast... by youn · · Score: 5, Funny

    ... so they had to find yet another way to slow things down... so the web could live up to its reputation of "world wide wait" ;)

    --
    Never antropomorphize computers, they do not like that :p
  4. Re:How do you get offenders to stop? by tom17 · · Score: 5, Informative

    Like this? http://unshorten.com/

    I just 'thought of' that only to find it was done aages ago...

  5. My Idea by wbav · · Score: 5, Funny

    I want to create a redirect loop. Just imagine, google to tinyurl to bit.ly to dilv.it back to google.

    Or you could always just make a really long way to get to someone who'll never give you up, never let you down.

    --

    =================
    Unix is very user friendly, it's just picky about who its friends are.
    1. Re:My Idea by clone53421 · · Score: 5, Interesting

      Infinite recursion that defeats browser infinite recursion detection:

      http://3.ly/3x5qdno
      http://tinyurl.com/36n5j5y

      (the tinyurl long link is <html><body><script>var t=setTimeout('window.location="http://3.ly/3x5qdno";',50);</script></body></html> encoded in a data: URI)

      --
      Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
  6. Facebook by Xacid · · Score: 5, Informative

    To play the devil's advocate - facebook's redirects started as a way to filter out all the spam links.

  7. Re:It's a shame too... by mpicker0 · · Score: 5, Funny

    I prefer to use "lengthened" URLs: http://hugeurl.com/.

  8. Re:How do you get offenders to stop? by shog9 · · Score: 5, Informative

    Close enough: https://addons.mozilla.org/en-US/firefox/addon/9549/

  9. Re:wasn't there a time.... by JesseMcDonald · · Score: 5, Informative

    To be fair, that is nothing more than a workaround for several other major security issues:

    1. The referrer header itself. This header serves no useful purpose, and leaks information that the destination website has no need to know. There is no way to use the referrer information securely, since it can be trivially forged, but it does serve as an invaluable tool for malicious attacks and unwanted tracking.

    2. Session IDs should be validated to prevent hijacking. At the very least the session ID should be ignored if it comes from a different IP address than the one which created the session. It's not a perfect solution, given dynamic IPs, NAT, and proxies, but it would block most attacks without inconveniencing normal users.

    3. No private information, including session IDs, should ever go in the URL. HTTP POST requests or cookies are a better solution here. (Naturally, cookies should be valid only until the end of the session unless the user explicitly indicates otherwise.)

    --
    "The state is that great fiction by which everyone tries to live at the expense of everyone else." - Bastiat
  10. Shady URL's by sirrunsalot · · Score: 5, Funny

    Personally, I find the trend of redirecting to innocent sites via shady URL's much more alarming: http://5z8.info/foodporn_e0g0l_taliban-meetup

    (I promise I'll get modded "troll" by someone who glanced at the link and assumed the worst. Hard to blame them, but I do love using those links whenever possible...)