Re: [whatwg] getting rid of anonymizing redirects

On Tue, Oct 7, 2014 at 8:28 AM, Peter Lepeska <bizzbyster@gmail.com> wrote:

> Looks like this is already supported:
> https://html.spec.whatwg.org/multipage/semantics.html#link-type-noreferrer
> .
>
> Just need to educate web developers to you use it.
>

It's a bit more complicated. The redirector use case has many dimensions:
a) site wants to anonymize the referrer (and do so reliably across all UAs)
b) site wants to log the navigation for analytics (sync XHR = bad, <a ping>
has limited support, Beacon is FF/Chrome only)
c) site wants to log native-app visits and add "attribution" to their
native app - e.g. G+ app clicks are shown as plus.google.com in referrer
logs.

In theory, (a) and (b) are addressed by new APIs. In practice, due to old
UAs + implementation differences, redirector is *way* easier - don't have
to perform UA detects, etc. (c) is a whole different story.. and the reason
many teams like the redirector route is that it allows them to reuse the
same path for web and native.

To be clear, I'm not endorsing the pattern.. I'd love get rid of it. That
said, just want to relay the feedback I've received in the past.

- we need referrer logic implemented consistently.
- we need Beacon available in all browsers.

Also, preconnect support can also help speed things up for redirector case:
http://w3c.github.io/resource-hints/#anonymizing-redirect-preconnect

ig

Received on Tuesday, 7 October 2014 22:14:23 UTC