Hacker News new | past | comments | ask | show | jobs | submit login

I fail to understand how you'd "unmask" a backend-obfuscated URL (where you just have an ID, and there's no way to get the target URL by just looking at the URL) without opening the URL, defeating the purpose of improving privacy we're discussing here.

Or maybe you and OP don't care about the privacy part of the problem, and you just want to automate getting the "canonical" / "non-personal" one from the "masked" one?




a service expanding that link one time to give you the underlying static url without tracking before sharing is far better than even one real person clicking it, wouldnt you agree? the trackers would know at least one person clicked it but thats about it?


To you and sibling comment: oooookay, you're thinking from the position of an obfuscated link sharer/sender, not receiver.

You want ClearURLs (or something else) to always resolve to a canonical link, so that you're easily able to share this canonical URL, and to never have a tracked URL in your URL bar so that you don't share it by mistake. Makes sense.


Precisely. Just because we can't stop unique URLs from being created doesn't mean we should just keep using them ourselves.


This works if the sender of the shortened link wants to protect other's privacy preemptively. Then they could certaintly follow the link, log a single click, then grab the final url and share that.

But the average person isn't going to do that. They will share the nice, short, pretty url that tiktok gives them. But once someone gives you that shortened url, there is no way for you to view the video on the other end of that URL without being tracked. You would need to follow the link, tiktok would track you, only after they have logged the data will they send your browser a redirect to the proper url.


Unless your computer looks up the Url from a service.


I can think of two ways of doing this:

1. When I go to share a link, automatically trace it and remove all tracking so I get the final URL without any tracking parameters attached.

2. When I am sent a link with tracking parameters as a part of it, or a shortened link, send it to a remote server which will follow the links until it finds the final destination and removes tracking parameters, then send it back to me.

Both approaches have downsides. The first is nice for when I send a link to a friend but not when I get a link in an email from a company. This happens to me all the time and since I use NextDNS to block trackers I often can’t even get to the final website because of the various trackers I would have to go through to get to it which are blocked at the DNS level. I am still trying to figure out a good solution to this.

The second has the obvious privacy problem: who is watching the watchers?


because the service accesses the link and follows the redirects and then returns the final link to you, with tracking removed




Consider applying for YC's Summer 2025 batch! Applications are open till May 13

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: