outbound link wrapper
This article is a stub. You can help the IndieWeb wiki by expanding it.
outbound link wrapper is a domain and service used by a site (like a social media silo) to create links from that site to other sites, using that domain for such links instead of the URL to the actual link to another site.
Some outbound link wrapper are also link shorteners.
When use of a link wrapper also hides the actual outbound link (not displayed or easily inspectable by users), itβs also considered link obfuscation, and the mechanism itself a link obfuscator.
Purpose
Link wrappers are used for the following ostensible purposes by the sites that operate them:
- Analytics on outgoing link clicks
- Removing HTTP referrers to prevent receiving websites from knowing the origin of the incoming visit
- Quickly preventing users from following links that go to harmful/malicious webpages
Examples
- href.li used by Tumblr and WordPress.com
- l.facebook.com/l.php used by Facebook
- lnkd.in used by LinkedIn
- t.co used by Twitter
Criticism
Adds an additional point of failure to the web
Some of the link shorteners, such as href.li, tend to go down fairly often, or are blocked by privacy-preserving browser extensions, causing people to be unable to easily follow those links.
Not actually necessary for analytics
Outgoing link tracking would be better-served with a simple JavaScript library that tracks link-clicking behavior; this would prevent spurious clicks from being detected by search agents (e.g. web crawlers), and would also make it much easier for users to disable these unwanted intrusions into their privacy.
Not necessary for referrer removal
Standard HTML provides rel="noreferrer"
for this purpose, as a standards-based mechanism which the vast majority of browsers support at this time.
Makes link-sharing much more difficult
Adding a wrapper to an outgoing link means that a user trying to copy a destination URL will end up needing to clean up the link in order for it to actually be readable, and if the link isn't cleaned up, then it ends up affecting the analytics anyway.
Not necessary for threat mitigation
A JavaScript library could be used to change the browser behavior to consult a link for safety before trying to visit it, and this isn't even strictly necessary as every major browser has built-in link threat protection at this point anyway.
Breaks Webmention and rel="me"
Webmention and RelMe both require that the link from the source page be exact, to simplify the validation of the link. It would be a major burden to require the validating endpoint to query every link on the source page to verify that it redirects properly.
Outbound link wrappers enable silos to selectively block or slow down access to sites they dislike for any reason.
For example, in 2023 August, Twitter/X added a five-second wait to resolving t.co links to specific websites like the New York Times, Facebook, Instagram, Threads, Substack, Bluesky, and Reuters:
- 2023-08-15 WaPo: Elon Muskβs X is throttling traffic to websites he dislikes / The site formerly known as Twitter added a five-second delay when a user clicked on a shortened link to the New York Times, Facebook and other sites Musk commonly attacks, a Washington Post analysis found
- 2023-08-15 X, formerly Twitter, slowed down access to Threads, The New York Times, Bluesky and more