I’ve noticed a rise in people sharing links to YouTube, Instagram, Twitter, TikTok, and reddit that include tracking parameters in the URL.
It might largely be harmless for now, but it’s not good to let companies build a web of links between users of this site, and to link the usernames of users on this site to their off-site accounts, which may include sensitive info.
SM | URL Part | Appearance in URL | Filtration technique |
---|---|---|---|
Youtube | Query | ?si=* | Remove query string |
Query | ?igshid=* | Remove query string | |
Query | ?t= | Remove query string | |
Tiktok | Subdomain and path | (vm/vt).tiktok.com/(random_string) | Block |
Path | /(sub_name)/s/(random_string) | Block |
This site should only allow canonical links to the content to limit the information exposed.
For users submitting links in the meantime, on Android there’s URL sanitizing apps that add “share providers”, like “URLCheck” (fdroid, github), so if you’re generating share links on Android you can send them to that app first or make it your default URL handler and let it sanitize the links on your clipboard.
Probably worth going to upstream Lemmy, though I guess ultimately federated links should be subjected to the same sanitization as as links submitted here directly.
There’s code out there that can be implemented, probably best as some updateable list of regex filters per domain that instances can be maintained in between backend updates.
This seems useful. I have a redirect extension on my computer but still do a lot of link sharing with friends on discord. Always hated how modern links are 98% tracking data. I’ve occasionally manually stripped out all the extra shit when I realized I posted a link that is a wall of text but having an app do that on the go sounds great.
Most of my friends don’t really do tech and don’t really care about this stuff but I try to avoid metadata spam or affiliate linking where I can.