• Buffalobuffalo@reddthat.com
    link
    fedilink
    English
    arrow-up
    39
    arrow-down
    2
    ·
    edit-2
    1 year ago

    Edit, looks like Firefox is smarter than me, ignore this.

    I don’t know what the link was doing, but just because FF thought it was “tracking info” does not mean it was nefarious. It could be used for authentication or security. I have not tested it, but I presume this would break a “reset your password” email link.

    • Knusper@feddit.de
      link
      fedilink
      English
      arrow-up
      8
      ·
      1 year ago

      I’m rather certain, the way it works is that it removes parameters that are named like well-known tracking parameters. For example, most webpages use Google Analytics, so you see UTM parameters everywhere.

      A “reset your password” link could theoretically use a parameter that’s named utm_content, then it would presumably get removed by this feature, but I see no sane reason why one would name their password-reset parameter like that.
      In general, such tracking parameters are usually named in a way that it will rarely clash with other parameters a webpage may want to use, so for example they may have a prefix like utm_.

        • Knusper@feddit.de
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Stripping all GET parameters would break many, many legitimate webpages. 🫠

      • Buffalobuffalo@reddthat.com
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Looking at some comments on the linked post, I think you are right, and it would probably be fine for things like a password reset. I could play around with it, but my laptop is in the other room.