UrlHosted Experiment: Host Content Within the URL

New submitter graphicore writes to point out an experimental "unhosted" app that challenges the concept of the URL. By putting the post data after the # mark, the URL is (mis-)used as the data storage. You can store your data within your bookmarks list, host it via a URL-shortener(!) like here: http://goo.gl/DYxr5m or attach it directly to a tweet I also attached the full-url to this slashdot post :-) This raises the question about who is hosting the content and it will probably break the internet. This is a quote from Google's shortener policy: "Please remember that goo.gl directs you to content that is already in existence on the internet. This is not content hosted by Google." It could also become a storage strategy for any other web app. The app is GPL v3, no strings attached. And there's always DNS, too.

It will break the Internet!!?!?!?!?!

[QuietLagoon]

... it will probably break the internet...

Oh no Mr. Bill. The Internet will be broken.

.
Give me a friggin' break. Get real.

Re:It will break the Internet!!?!?!?!?!

Did you even bother to read the rest of the summary? This actually causes real potential issues if someone stores copyrighted information in a URL-shortener's database. Because in that case, it ISN'T just a link to information - it is the information itself.

So, yes, this sort of thing can potentially open ISPs and hosting companies up to all sorts of unexpected liability. If upheld that way, when the courts get involved, it could, in fact, break the internet.

Re:It will break the Internet!!?!?!?!?!

[ArmoredDragon]

I think it's more likely they'd just issue DMCA takedown notices to the URL shortener providers.

Re:It will break the Internet!!?!?!?!?!

Add a layer: Instead of posting content, post random strings. Only if XORed with another random string do you get content. At the same time, Alice posts string A, Bob posts string B, Carol posts string C, Dan posts string D, Eve posts string E. None of these strings have discernible content. A XOR B is a cat picture, A XOR C is a Beatles song, C XOR D is a PDF of the bible, D XOR E is a tarball of the Linux kernel. What do you take down?

Re:It will break the Internet!!?!?!?!?!

[davester666]

The website, of course.

Re: It will break the Internet!!?!?!?!?!

C.

(Your idea won't lead to a good way of distributing copyrighted content, but it might lead to a fascinating series of logic puzzles!)

Re: It will break the Internet!!?!?!?!?!

Why C? That's Carol's bible. Carol doesn't even know that A XOR C is a Beatles song.

Re: It will break the Internet!!?!?!?!?!

Give a dork the chance to prove how smart they are and they sing like a canary... thanks for your assistance, citizen! The interview is over. Would you tell Alice to come in for a chat?

Re: It will break the Internet!!?!?!?!?!

Alice has posted a picture of her cat. She doesn't even know that A XOR C is a Beatles song.

Re:It will break the Internet!!?!?!?!?!

[arglebargle_xiv]

Did you even bother to read the rest of the summary? This actually causes real potential issues if someone stores copyrighted information in a URL-shortener's database.

Heck, my movie-warez site has been doing that for years. Sure, you have to click on 800 distinct URLs to get the content of a single frame of Game of Thrones in HD, but it's a small price to pay for thumbing your nose at the man.

Re:It will break the Internet!!?!?!?!?!

[znrt]

Did you even bother to read the rest of the summary? This actually causes real potential issues if someone stores copyrighted information in a URL-shortener's database. Because in that case, it ISN'T just a link to information - it is the information itself.

no, copyright is causing issues.

So, yes, this sort of thing can potentially open ISPs and hosting companies up to all sorts of unexpected liability. If upheld that way, when the courts get involved, it could, in fact, break the internet.

this very same technique has been used for ages in several tools to store and propagate user data.

if abused it could break url shortener services for a short while (*), which aren't essential at all. i actually never liked them, i want to know where i'm clicking to.

(*) i guess i would take any service just minutes to impose size limits.

Re: It will break the Internet!!?!?!?!?!

God save us from bugs in the URLs.

Re:It will break the Internet!!?!?!?!?!

[ceoyoyo]

Yeah sure, the same issues you'd have if you put some copyrighted material into a Slashdot comment, or on any of the rest of those comment systems that infest websites. It's a problem that's been dealt with.

Besides, I expect that a URL shortener would reject your URL if you tried to put anything substantial (like a song) in the URL. It's not magic: all you're doing is attaching the data to the end of a URL.

Re:It will break the Internet!!?!?!?!?!

[ubrgeek]

I thought only my grandparents could manage that.

Re: It will break the Internet!!?!?!?!?!

[tepples]

Because there are plenty of other PDF Bibles on the Internet lawfully available without charge. There's the Project Gutenberg edition of the KJV, the World English Bible (an update to the ASV), the NET Bible, the New World Translation at JW.org, etc.

Re: It will break the Internet!!?!?!?!?!

I should have known better than to click that link. It's been a few months since I last saw that image, so I suppose it was about time.

Re:It will break the Internet!!?!?!?!?!

[priyasehgalbolt]

UrlHosted Experiment is successful and that will never broken the internet connection. if you used this url = http://www.locksmithsinscottsd... + # By putting the post data after the # mark. and you use google url-shorter then URL will look like this : http://goo.gl/D1n9cG That will redirect to this URL not broken the internet connection.

Re: It will break the Internet!!?!?!?!?!

A XOR D XOR a PDF of the bible is still a Beatles song.

Re:It will break the Internet!!?!?!?!?!

[morgauxo]

It would suck to lose URL shorteners. I'm not sure I would equate that with 'breaking the internet' though.

Question

What's a # sign for at the end of some URLs? I've always wondered that since not all have them! Thanks for the answer.

Re:Question

[bistromath007]

I usually see it used to make you jump down to a particular heading in, e.g., a wiki article. I think it also activates stuff in scripts sometimes?

Re:Question

[Qzukk]

Not sure if serious, but I'll bite. The default action for URLs ending in #~~~~ is for the browser to find a tag named ~~~~ and scroll to that. It's used to link to a specific part of the page. Originally the tag needed to be an <a name="~~~~"> tag, but modern browsers will find any tag with id="~~~~" and use that.

It's used here because the browser does not send the #~~~~ part of the URL to the server, so you're not limited by the URL length limits in certain browsers*cough*IE*cough*. Instead, the webpage includes javascript that reads the window location variable to find the #~~~~ and parse it.

Re:Question

What's a # sign for at the end of some URLs? I've always wondered that since not all have them! Thanks for the answer.

Javashit developers abusing the structure of a URL.

It was supposed to go to an anchor tag - so that if index.html says [A NAME=foo] you could have a URL of the form index.html#foo that would go to the correct part of index.html.

Like everything else, it got ruined by Javashit when someone discovered you could manipulate things with it that had nothing to do with anchor tags.

And since Javashit "programmers" presume that everyone wants to run third-party executables within their browser, if they have nothing to supply their Javashit framework they just include the "#" and leave the rest of the URL blank.

Remember kids, without Javashit, it'd be a lot harder to have pop-ups, pop-unders, and interstitials, so always make sure your web page renders absolutely nothing without it active. The best and most portable web pages are single line obfuscated Javashit functions that load six typefaces and twenty scripts before rendering a single byte of the static HTML content that the user came from.

/even fucking nasa.gov has succumbed. Sigh.

Re: Question

It's an anchor.

Re: Question

[I'm+New+Around+Here]

Wait a sec. It's gonna let illegals invade your webpage? Who thinks up these stupid policies?

Re: Question

If you were trying to be funny, you failed and you're a moron. If you weren't trying to be clever, you're a moron. So pretty much any way you look at it, you're a moron.

Re:Question

I just want to offload the CPU usage of rendering a page from template to your computer.

But I can add a disclaimer if you want. Maybe that's good service?

Otherwise I'd had to render server-side, which is costly. No thanks :-)

I don't use anchors though. I only use links when a link is needed, and it is real. However, it all gets routed through one small piece of static HTML that loads a bunch of javascript, css and fonts, and routes to the desired resource by use of script. The static page just says that you cannot run the website without javascript if you don't load the libraries :-)

Re:Question

The smileys don't make your position any less smarmy. If you want the client to render something complex, a web browser is the wrong tool. You should write a client application. Of course this hasn't stopped legions of braindead idiots from including megabytes of javascript in their sites that does fuck knows what...

Re: Question

[mSparks43]

Have you ever written such an application?

How that work out?

Re:Question

[hughbar]

It's really scary to see people asking this, apparently seriously, we've drifted so far from simplicity and standards back into a very specific world with lots more potential lock-in. This is the case for 'apps' too, they provide direct connection between the company and consumer, apart from snarfing up any data that they possibly can. Of course, I'm old, I do do apps and a lot of javascript, but I'm a big fan of open standards and KISS.

Re:Question

Further, it is a bit of a lie to say that the app is not sending your data to the server. It still does an http request or two to get the empty document and the javascript . That already sends all your metadata to the server. It would be trivially easy for the hoster ( or even a third party if the hoster isn't on ssl) to simply post the url string back to the hoster ( or anybody else). In other words, you still have to trust the hoster.

Of course, you could save the document locally to you computer, but then you are using a browser as a application runtime, which is an exceptionally poor choice.

Re: Question

He basically described smart phone apps. Seems to be working great there.

Re:Question

[mrvan]

You know what's scary?

(1) That someone on friggin' slashdot has no clue what the # in a url is, and thinks that asking it is easier than just friggin' googling it

(2) That another poster on slashdot answers in apparent earnest with "I usually see it used to make you jump down to a particular heading in, e.g., a wiki article. I think it also activates stuff in scripts sometimes?"

For crying out loud, where did all the nerds go? Reddit?

Re: Question

Yes, I have. 3 million downloads. Thanks for asking.

Re:Question

[Hognoxious]

If you want the client to render something complex, a web browser is the wrong tool. You should write a client application.

Wasn't that what Java was supposed to be for (after it was supposed to be for set-top boxes, but before it was supposed to be the new C0807)?

Re: Question

Absolutely. Someone yesterday said something like "hah you just asked a technical question on /. ... I think you want 20-years-ago /. Looks like that poster was right.

Note that still no one has answered, just to show how smart they are, even though Google is a few keystrokes away. This place is full of people desperately trying to win the Internet and nobody will answer this relatively simple question. That further confirms my sense that most posters some here for self-gratification rather than learning anything or having interesting conversations about topics that ought to be of interest to this audience. I'm no longer sure what audience it is anymore.

I've been reading /. since just after it launched and since then, I've had friends ask "why the fuck do you still read that old thing" and I ask what they use. Usually Reddit or some absolute shitcan mixed links and screaming. Slashdot is still (somewhat) moderated, but the discussions are mostly awful. Maybe I just don't have my comment settings done right. This site will basically be Reddit by the end of the decade, but as for now, it's better than any other news aggregator that I've used. /. plus my local newspaper and I'm good.

Posting as AC because I've never bothered in the past 17 years to sign up for an account. I'm not trying to make a name for myself with Internet posts.

Re: Question

Maybe you have changed? 17 years is a long time, and with time, we tend to become more reflected, set in our ways or cynical, depending on who you ask...

Right from the start in the late 90s I noticed the general discussions on /. was relatively immature. With time, I've learnt to ignore 80% of the trolls, and savour the 5-10% of insightful comments. Just like the media and most every person, people will often spend most their energy reinforcing what they've already learnt, instead of constantly reassessing their assumptions. Or different people will be interesting in doing that in different areas and arenas.

Even though 80/20 rule apply here as most everywhere else, if you're not in the 20 that might appreciate such a site as this, all the articles and posts with either seem crazy or too technical. The world is complex and relative.

Funny enough, one of the first posts I read on /. was someone complaining that they needed to read -1 to 0 to get to the really interesting posts. This is an old song, but maybe that can be a solution?

Anyways, lately I've been reading http://spectrum.ieee.org/ quite alot. There are other sites out there. However, not much beats /. for moderation and taking the "temp" on technical opinions.

Re:Question

[elgatozorbas]

You know what's scary? That someone politely asks a question -which is completely on topic- and gets so much condescending flak about this. Not all nerds are html/scripting/ coding wizards.
And maybe, maybe, sometimes non-nerds stroll here accidentally. Let's quickly chase them away!

Re:Question

You know what's scary?

(1) That someone on friggin' slashdot has no clue what the # in a url is, and thinks that asking it is easier than just friggin' googling it

(2) That another poster on slashdot answers in apparent earnest with "I usually see it used to make you jump down to a particular heading in, e.g., a wiki article. I think it also activates stuff in scripts sometimes?"

For crying out loud, where did all the nerds go? Reddit?

They left when all of the radical SJWs moved in

Re:Question

[drooling-dog]

Software/web development is the only field I can think of where practitioners delight in ridiculing people outside of their specialty for not knowing everything that they do. I don't see that with medical doctors or lawyers or pharmacists or physicists. Every profession seems to have its own standards for basic maturity.

Re:Question

[Intron]

A browser is a client application.

Re:Question

[Kjella]

Plain HTML/CSS is fine for read-only sites. If you make your navigation dependent on Javascript you should be taken out back and shot. On the other hand if you want a form with even a moderate level of validation, date pickers, chained selects, chosen filters, basic HTML editing (in my case, an email template) or whatever then AJAX is pretty much the only way to go. The whole "put everything in a POST and rerender the whole page on every change" method is just terrible, both from a user and developer perspective. I must admit I haven't looked terribly hard at alternatives since I'm experimenting on an intranet site but even without trying very hard I needed jQuery, jQuery.UI and TinyMCE to fulfill the requirements. And at that point you're really there where you need Javascript anyway, so if another script or library can solve a problem well...

Not that I really want to include every library under the sun, but there's so much basic functionality for a web application I feel is missing. Sort of like being back at plain C++ without the Qt library, sure you could reinvent the wheel but why? Not that I really should expect it to, I mean originally it was just a bit of text mark-up with linking. Unfortunately it's not the 90s anymore, we don't want plain text sites and thick applications. We expect the apps to live in the browser unless they have some really special needs. Mostly it's a good thing, the Javascript sandbox is pretty strong. It's Java, Flash, ActiveX and all the other plug-ins that have been the huge exploit vectors. I guess you could go all RMS on this, but whether the server sends me "x=4" or "x=2+2, you do the math" doesn't really concern me.

Re:Question

Look how angry you are. Angry about JavaScript.

Re:Question

[fisted]

Way to miss the point.

Re:Question

/even fucking nasa.gov has succumbed. Sigh.

I noticed the switch a while back and think its a travesty. Wonder if there's someone to complain to? Doubt it would do much good though.

Re: Question

[Will.Woodhull]

Slashdot is always at its worst this time of year. It's a seasonal thing, related to the start of the academic year and the great number of wannabee clever-than-thous who are suddenly thrust into new environments and forced into searching for new sources of ego food. It will get better around the Fall Quarter midterm exams.

Until then, us graybeards must suffer the little children and their antics. Some of them will mature into tomorrow's hope; others will drop out or flunk out.

Re:Question

[Will.Woodhull]

While there are definitely Javashit programmers, Javascript has evolved into a solid programming language with some interesting pieces of elegance.

As to the Javashit programmers, that is a case of the 99% giving the rest of the Javascript programmers a bad name.

Re: Question

Software/web development is the only field I can think of where practitioners delight in ridiculing people outside of their specialty for not knowing everything that they do. I don't see that with medical doctors or lawyers or pharmacists or physicists. Every profession seems to have its own standards for basic maturity.
Interesting point. I would posit it is largely because those software people
  1) communicate mostly in ways that are not in person
  2) unlike doctors and lawyers, or even plumbers... Software enthusiasts do not have serious legal matters to consider resulting from their trolling, and as corollary they need a real name and businesses name attached to their image to continue to make a living. See the buggy state of software products today for direct consecutive of these "benefits"

Re: Question

Parent here. Besides accountability differences between us and doctors, lawyers, engineers, plumbers and regular meat space workers thanks to online contexts we need to add that a vacuum is usually the environment where we are grown.

  To practice their trade legally the docs, lawyers and engineers cannot be made with just years of tinkering and googling as we do. Only twenty percent of CS degrees comprised people working in information science trades including but not limited to help desk and programming about a decade ago. The docs, et al. actually need to learn from established programs and extensive training and interactions with prefers in person. Only then can they get state accreditations or some form of degree and thesis work to actually get started. It inculcates values and prevents trolling

Re: Question

[I'm+New+Around+Here]

Oh no! An anonymous coward on a webpage called me names! How will I ever sleep tonight? You are a mean man, mr ac.

Re: Question

These people seem too have found Slashdot though... God help us all.

Re: Question

Client side input validators LOL.

Where do you work?

Re:Question

[Oligonicella]

..the only field I can think of where practitioners delight in ridiculing people outside of their specialty for not knowing everything that they do.

It's a pan-field nerdish thing. Just watch The Big Bang Theory.

medical doctors or lawyers or pharmacists or physicists

Oh yeah they do and with some frequency.

Re: Question

[Oligonicella]

Link or lie, AC.

Re: Question

Oh dear. You really are new around here if you're responding to an AC calling you names. Really, get over it.

(I'm a different AC BTW)

Re: Question

I think he means prevalidating, does not imply that you are not doing a proper validation job on the server too.

Re: Question

I am the same AC as the previous two. Disregard those messages. I suck cocks! (and the hens don't appreciate it much)

Re:Question

Oh yeah they do and with some frequency

I'm pretty sure HIPAA was passed sometime after that xray of a guy with lightbulbs shoved up his ass got passed around on the internet.

Still need a base URL "player"

[SuperKendall]

You still need to point to a base URL that knows how to unwrap the URL hosted content...

So who who host those, knowing that any URL directed there might be mistakenly attributed to content they are hosting? You could make it appear as if such a site is saying ANYTHING... it's like you pre-hacked yourself.

Re:Still need a base URL "player"

[im_thatoneguy]

Yes and no. You could fit a bittorrent tracker into it. Then you're hosting your bit torrent tracker files into a short URL.

It doesn't break the internet but it does dramatically shift the question of who is "Hosting" content and who is "just sharing a link". There is a lot of legal uncertainty about what constitutes for instance copyright infringement. If you post a link to a tweet with a serial number are you committing piracy? If the website has a widget which then embeds the tweet are you worse or better off? If you post a URL which has the serial number in the URL... are you then just sharing a link or are you sharing the content? Does Google's URL shortener bare any legal responsibility under safe harbor for taking down URLs that contain copyrighted material?

Re:Still need a base URL "player"

[lgw]

OK, now it makes sense, thanks. I was wondering what this was for, but "bit torrent tracker" makes it clear. Very nice hack indeed.

It won't break the internet, but it will perplex and confuse MAFIAA lawyers, and that's something.

Re:Still need a base URL "player"

[SuperKendall]

That is true, it still lets you store arbitrary data in a URL, but you could perform the same trick just by putting any ascii encoded data into a query param attached to any valid hostname, which a URL shortener would happily store and feed back.

I'm saying that when you give a link like this to someone else that has something like an article in the example, that site has to know how to parse the whole blob of data after the "#" to display. That opens the site that is willing to parse and display the encoded data to accusations they are saying anything I want to pretend they are saying - Swastikas or whatever.

I don't think it really creates any complication about who is sharing and storing content, because the content is in the link - it's plain someone storing that URL is also storing the content, just as it's pretty clear by sharing that link you are sharing any data inside the link also. Certainly a court would have no issue seeing it that way.

Does Google's URL shortener bare any legal responsibility under safe harbor for taking down URLs that contain copyrighted material?

Yes, if reported to them they absolutely do.

Re:Still need a base URL "player"

[Noah+Haders]

i dont get it.

Re:Still need a base URL "player"

[Fwipp]

And even if they aren't malicious enough to hack you, it's not a hard decision for google to say "Oops, we no longer support URLs longer than 200 characters," or just drop everything after the anchor tag, so they aren't stuck storing some million cat gifs in their database.

Re:Still need a base URL "player"

[phantomfive]

If you post a link to a tweet with a serial number are you committing piracy? If the website has a widget which then embeds the tweet are you worse or better off? If you post a URL which has the serial number in the URL... are you then just sharing a link or are you sharing the content? Does Google's URL shortener bare any legal responsibility under safe harbor for taking down URLs that contain copyrighted material?

Sometimes geeks think they can get around laws with this kind of 'clever' trickery, but the answer is no, if you are purposely sharing copyrighted material in the URLs, then you are still liable.

Re: Still need a base URL "player"

It's not the site that decodes the block, it's the users browser. Browsers do not send the anchor text to the server, so this is a hack that puts the legal focus on the URL shortening service and the user, but not the "server" where the URL points. That server never touches the tainted content.

Re:Still need a base URL "player"

[Intron]

Most sites, /. for example, say anything you post is owned by you. That would include links that you post.

Re:Still need a base URL "player"

Sometimes geeks think they can get around laws with this kind of 'clever' trickery, but the answer is no, if you are purposely sharing copyrighted material in the URLs, then you are still liable.

No kidding. If the link is the data, then it's not a link anymore. It's the data. Case in point:

This raises the question about who is hosting the content and it will probably break the internet. This is a quote from Google's shortener policy: "Please remember that goo.gl directs you to content that is already in existence on the internet. This is not content hosted by Google."

No.... this wouldn't break the internet. It would just mean Google's statement is incorrect.

Pretty clever idea, though, and pretty funny to think that after years of breaking the internet, URL shorteners might finally break the internet by not breaking the internet.

Re:Still need a base URL "player"

[im_thatoneguy]

Simply linking to data though is not copyright infringement. So if the public rightfully believes that simply sharing a link is legal they may not spend the necessary time nor have the technical knowledge to discern the difference from copying a URL and sharing it and copying actual copyrighted works and sharing them.

URLs are already a loop hole in copyright law in many countries. This would widen that hole since the entire copyrighted work could even theoretically be contained within a very long URL. Although a very long URL would obviously be far more noticeable.

So if you posted a URL that contained a torrent tracker to your Facebook your friends could continue to share that "Post" (w/ embedded and even concealed URL) without realizing that they are even committing copyright infringement by directly sharing the tracker not simply a link to the tracker.

Re:Still need a base URL "player"

[phantomfive]

Simply linking to data though is not copyright infringement

This is not "simply linking to data" and you know it.

So if the public rightfully believes ....

"Belief" doesn't enter into copyright law.

URLs are already a loop hole in copyright law in many countries. This would widen that hole since the entire copyrighted work could even theoretically be contained within a very long URL.

This is like a nerd dream that lacks understanding of how the law works.

Re:Still need a base URL "player"

[Rob+Riggs]

That "Anonymous Coward" dude is going to be in a world of hurt.

data://

[LiENUS]

Now he just needs to get the javascript powering this to fit in a data:// uri and it can be entirely hosted in the url.

Re:data://

[Tablizer]

Write Linux in tight Perl, it'll fit.

Data URI Scheme

How is this different from the Data URI Scheme?

https://en.wikipedia.org/wiki/Data_URI_scheme

Re:Data URI Scheme

It's different because you have to go to some random website to decode it instead of relying on your browser to do the work.

A little disappointed

[Qzukk]

All this stuff about non-hosted content, and the image tag points to a wikimedia picture of a kitten instead of a data: URI?

Cool

I tried it out.

Re:Cool

[Noah+Haders]

OO

pretty cool, let's do it local

[Noah+Haders]

i think this is kind of cool. it's clear that there's some sort of server thing that interprets the URL and spits back friendly HTMLs. it would be cool if this could be done locally, so alls you would need is a shortened URL and you would get a page of content. it would work well for wikipedia.

Re:pretty cool, let's do it local

[driblio]

That's what it is. You need a server to download the JavaScript, but that runs locally, and generates the html/content.

Re:pretty cool, let's do it local

[Lennie]

Just run a 100k webserver with an embedded single HTML file running on 127.0.0.1

Re:pretty cool, let's do it local

[Noah+Haders]

huh i thought that it took the URL, read it, and then sent back the plaintext. with the message you suggest there wouldn't be any plaintext transfer over the internet. that's a cool idea! also, the summary said "break the internet", which doesn't refer to KimK but rather to the fact that this method would prevent both search engine bots and hyperlinking. Kind of the fundamental cornerstone of the internet!

Re:pretty cool, let's do it local

[Noah+Haders]

what is 100k webserver. is that an OS like apache?

Malware

[fragMasterFlash]

How many of these URLs already exist and how much malware are they hosting?

Because that does not trick shorteners

[SuperKendall]

Something like :

data:text/html,<html><body>Hello</body></html>

Will not be "shortended" by a url shortener like bit.ly, whereas the "#" embedding technique will (but then you need to know how to decode it)

Re:Because that does not trick shorteners

[Lennie]

I like how you can do both too (doesn't work with shortners):

data:text/html,onload=function () { document.write (document.location.hash) }#whatever

Re:Because that does not trick shorteners

Indeed. Still, far too much buzz in OP. Anchors and query strings have been used to store random data for a very long time, and there is notably the data scheme. It's just a basic combination of the two, and I'm pretty sure it's already been done in many forms before... It's also very easily filtered with a simple length limit, which probably is already in effect on many URL-shortening websites, reducing interest.

Plus you still do have to post the data online, leaving as much traces as posting anything else. The shortened link can be discovered and reported/filtered just as easily (they have been used for years, the industry knows all about them already).

And this will of course make a "great argument" for the industry to push for even more deep packet inspection, and to attack websites only linking to content even more ("the short URL is a synonym for the longer one, there is a strict equality between the two, so the short URL is just as illegal and anyone publishing it should be considered just as infringing, and we should really take this as an opportunity to generalize and consider any mention of illegal content as a crime against humanity").

Wow

[JustAnotherOldGuy]

My, what an exciting new way to fuck shit up and break all sorts of standards!

I just see an empty screen...

[fatquack]

and that's all. Why should I allow some unknown host to execute javascript?

Re:I just see an empty screen...

Why should you allow a known host to execute javascript?

Re:I just see an empty screen...

Congratulations on being better than us. Do you need to be at the gym in 26 minutes?

Your-Buddy's-Name-Here Article Generator

Cute concept.
Reminds me of gag websites where you'd put some text in the url and it would generate a fake news article condemning $name_in_url.
That, but more.

CGI?

Didn't CGI teach us that this is stupid?

WebSphere

[Tablizer]

Seems IBM WebSphere did something like that. Their default URL's were often longer than a Giraffe's intestines.

http://stackoverflow.com/quest...

Re:WebSphere

How many congressional football fields is that equivalent to?

WTF

First time I read the summary I was like WTF is this, an advertisement?

Second time, I'm still wondering WTF. Someone needs to go back and read what a URL (ahem, URI, excuse me) actually is. It's a LINK: connecting things... not storing app preferences and shit. That's like, real, old school... before sessions, and cookies!

Re:WTF

but but app preferences need apps to preference the apps!!

Re:WTF

[Intron]

First time I read the summary I was like WTF is this, an advertisement?

Second time, I'm still wondering WTF. Someone needs to go back and read what a URL (ahem, URI, excuse me) actually is. It's a LINK: connecting things... not storing app preferences and shit. That's like, real, old school... before sessions, and cookies!

At one time it was. Then on the second day Tim Berners-Lee said "Let there be forms"

So anyone can just submit their github project

[h33t+l4x0r]

And that gets to the front page now?

Re:So anyone can just submit their github project

[ThatsMyNick]

It the github/content is interesting, why not. Your question is like asking "So anyone can just write a few words in English, and that gets to the front page now?". Yes, and no. It depends on what those words are, and if they are interesting to the readers.

Re:So anyone can just submit their github project

[h33t+l4x0r]

Everyone thinks their own content is interesting. If it really *is* interesting, someone else will submit it.

Re:So anyone can just submit their github project

[ThatsMyNick]

But in this case, the users that browse the firehose and recommend stories, and the editors have found it interesting, so I dont see the problem.

Re:So anyone can just submit their github project

[h33t+l4x0r]

The link goes to a 2 day old undocumented and messy looking repo. So clearly those guys are asleep at the wheel.

Re:So anyone can just submit their github project

[ThatsMyNick]

People using the firehose. click a button to recommend stories. Obviously enough people recommended it. If they are a sleep, the story would like have been buried.

Re:So anyone can just submit their github project

But in this case, the users that browse the firehose and recommend stories, and the editors have found it interesting, so I dont see the problem.

The editors constantly post bullshit propaganda articles about climate change that have nothing to do with tech. So, clearly they're not doing their jobs.

Re:So anyone can just submit their github project

[Oligonicella]

What they do and what they *tell you* they do can be two entirely different things. This is after all, SlashDot, home of "don't give a shit about the users". You know, Beta, serial posts by favored buddies, etc.

would be slightly more impressive

...if the kitten image data was stored in the URL also.

This is a stupid idea

[ModernGeek]

This is against everything we know about cross site scripting. It is like having ?errormessage=text at the end of a URL. We know the security implications of this, and we know not to do it. The potential for abuse is way too high.

Re:This is a stupid idea

[Lennie]

If you are worried about that, add some CSP (Content Security Policy) headers to the hosted HTML file.

And there's always nginx rewrite, too — mdoc

[ConstantineM]

I might be subjective as I'm the author of it, but this somewhat remind me of my http://mdoc.su/ project, which is what I call a deterministic URL shortener, or, perhaps, better yet, a semantic URL provider.

The whole source code is an nginc.conf configuration file, and is just a bunch of regular expressions and `rewrite` and `location` rules, available under an BSD/ISC licence, of course -- that's the one that comes with "no strings attached", BTW!

http://mdoc.su/
http://mdoc.su/FreeBSD-10.2/fs
http://mdoc.su/f102/resolvconf
http://nginx.conf.mdoc.su/mdoc...
https://github.com/cnst/mdoc.s...

Old news

Google "bookmarklet"

Pointless

So after about 1 day all the URL shorteners will only store the first 8 characters or so after the # in a URL, ensuring that most actual links to articles scroll to the correct location, but stupid tricks like this don't work.

Re:Pointless

You can put the data in a URL parameter (?...) instead of the fragment identifier (#...). Then they would have to limit the length of the URLs they will shorten, which kinda defeats the purpose of a URL shortener.

Try ascii art

Get creative, like this.

Strong caching

They could use an insanely high max-age header or the HTML5 Application Cache to make this truly server-less. Each browser would contact the server only once.

Ingenious

[Jo+Inge+Arnes]

I love this idea! Also, I have to add something: If the URL-shortner uses 302 to redirect to the full URL, the content part behind the anchor/hash will not be sent to the server. It will still available to the JavaScript returned from the server that is run in the browser. So the server will not know about the content. (This feature is already used by e.g. OAuth2) In addition, instead of accessing a remote server, the URL could point to localhost, and the user could run the "content unpacking" webserver locally (and maybe automatically prevent any unwanted cross-site requests, since this is the default behaviour of the browser)

Re: Ingenious

[Jo+Inge+Arnes]

The important part is of course the legal questions it raises.

Google already did it!

Image search thumbnails are all in the url.

At the very least it's an unethical hack

[mariox19]

A person could use this app to run a blog of sorts, and as popular as it became the blogger would be hosting it on the cheap. You host the app and tweet the shortened URL's. The content is hosted, but not by you. The URL shortener hosts the content. But unlike LiveJournal or Wordpress.com, the URL shortener never agreed to hosting your content. You've essentially repurposed its functionality and subverted its intent.

I'm guessing the various URL shorteners will respond to this very quickly. The hack will end up being as short-lived as it is cool.

Re:At the very least it's an unethical hack

[narcc]

I have a different prediction: This "hack" will continue to function unabated as it won't generate enough interest to warrant action.

Da farq....

[Zanadou]

Jesus fa... what the fuck did I just read???

It reads like it's being said by an eight year old girl who's just been given two double espressos and a new kitten.

Re:Da farq....

Oh good, it's not just me.

But on the upside, KITTENS!

Congratulations

Dear Mr Fister,

You pretty much stole this from http://hashb.in/ and tweeted it for recognition.

Now you will be known as the smarmy jerk that got Javashitheads excited about breaking conventions.
Further, you just made it so url shorteners are going to get stringent and check if url parameters are obvious encoded (base64, etc).
As others have said, this will be short lived.

I really hope you enjoy these 5 minutes of fame. I will be sure to never hire anyone like you.

BTW, great last name. you make terrible typefaces.

Re:Congratulations

[sims+2]

Someone mod parent up.
Hashb.in has been around for several months longer.

Mr fister may have not known about it tho.

Re:For the love of god...

Overreact much?

T-shirt business?

[CanEHdian]

This will break the T-shirt business! All those whose living depends on selling t-shirts with DeCSS source code, "09 F9" AACS key, etc. as all we need now is a shortened url (white t-shirt + that marker that you have still have from freeing CDs from Sony's key2audio protection).

data URI

There are some examples of URIs that contain their data using the "data" URI scheme.

Mobile Gaming application of concept

[Cruciform]

Since getting at game saves is not something the average user can easily do in most cases on mobile platforms, would this be a useful method for sharing save games?
Just drop a URL to the desktop and now anyone can have full hearts, the champion sword, and the unobtainium underpants.

This raises the question about who is hosting

[wisnoskij]

This raises the question about who is hosting the content and it will probably break the internet.

No, absolutely not. No on both those assertions. In fact, it really clears up who is responsible for the content of the link. As the same host contains both the "link" and the data. People have been converting data to text and embedding it directly into HTML pretty much since HTML has existed. It is neat if often the wrong way to go about it, but also very useful for userscript developers.

Re: For the love of god...

No.

Not a Broken the Internet issue !

[andy+carrol]

As i felt that is the ISP related issue. if you don't getting internet properly. So try some other internet connection. Host it via a URL-shortener is the some old way technique to saturate the internet connection and redirect according to Google's shortener policy.

It's kind of hard to Google punctuation

[tepples]

That someone on friggin' slashdot has no clue what the # in a url is, and thinks that asking it is easier than just friggin' googling it
# is punctuation, and general-purpose web search engines have historically choked on queries not for letters or digits.

Client application for which platform?

[tepples]

You should write a client application.

If this client application is developed for Windows, good luck running it on a Mac. Or if this client application is developed for OS X, good luck running it on a Lenovo. Not everybody has the money to maintain 14 different client applications, one for each platform, even if they do share some of the code.

Validate input on both client and server

[tepples]

Client side input validators LOL.

Where do you work?

Presumably somewhere that realizes the value of validating input once quickly on the client and again securely on the server.

Collapsing a subtree

[tepples]

If you're so dead-set against JavaScript, would you rather have to reload all comments to a Slashdot article every time you expand or collapse a subtree?

On which platform?

[tepples]

Three million downloads across how many different platforms' app stores? How do you normally reply when someone asks about wanting to use your client application on a platform for which your client application is not currently available?