XF 2.2 Is there any built-in feature or addon that prevent link masking?

Kacee

Kacee

Active member
For example, one could post a link like this https://google.com and trick people into thinking that will lead to google, but in fact it leads to bing...

Is there any built-in feature or addon that check to see if the link text is an URL and use it as the real destination URL instead of the provided one?
 
Sort by date Sort by votes
while this is not what you are looking for but it does help me in a lot of scenarios.

xenforo.com

Unmaintained - [rellect] Favicon For Links

This version compatible with xenforo 2.x. For the xenforo 1.x version click here. What's a Favicon A favicon is a graphic image (icon) associated with a particular website. Browers display them as a visual reminder of the Web site identity in...
xenforo.com xenforo.com
 
Upvote 0 Downvote
Kacee said:
trick people into thinking that will lead to google, but in fact it leads to bing
Click to expand...
And that's different than "spoofed emails" how?
There is a method for the users to manually check when using desktop... simply hovering over the link.


Screen Shot 2023-07-01 at 11.09.10 PM.png

With the iPhone, simply press on the link and hold and you get a preview. Takes a few extra seconds... but if security is a concern then the user will already know about this and utilize it.

Since you can link any text to a URL, I doubt there's going to be an easy way to prevent it from happening. If you have users doing this, then moderation is the appropriate venue to handle it.
 
Upvote 0 Downvote
Tracy Perry said:
And that's different than "spoofed emails" how?
There is a method for the users to manually check when using desktop... simply hovering over the link.


View attachment 287934

With the iPhone, simply press on the link and hold and you get a preview. Takes a few extra seconds... but if security is a concern then the user will already know about this and utilize it.

Since you can link any text to a URL, I doubt there's going to be an easy way to prevent it from happening. If you have users doing this, then moderation is the appropriate venue to handle it.
Click to expand...
So you have to do that and told your user to do that with every links on your forums? It is not a security concern, it is an inconvenience and I would like to find a way to help my users avoid it.

A simple way is to check to see the link text is an proper URL and use it instead of the provided URL, I can't see any legitimate reason for anyone to do that.

Thanks.
 
Upvote 0 Downvote
Kacee said:
So you have to do that and told your user to do that with every links on your forums? It is not a security concern, it is an inconvenience and I would like to find a way to help my users avoid it.
Click to expand...
As long as you can enter text, then link that text to a URL it is going to happen. The users simply need to have some responsibility for their own safety.
As for the issue I give you:
https://whitehouse.gov
It is a classic example.. it's text that I entered.. then used the link button to link to a URL. Anyone familiar with simple BBCode can do that even if you remove the Insert Link option from the editor menu.
All it takes is entering this directly into the editor
Code: 
[URL='https://thepipestand.com']https://whitehouse.gov[/URL]

What you are wanting to do is confirm that the text that the user sees is the exact link that is utilized.... and as I've explained, by the very nature of the editor and use of BBCode, that cannot easily be done. Pretty sure this issue is present in ANY online editor that allows use of BBCode and/or html to be created.
You may be able to engage a 3rd party developer to code an add-on that replaces the Link URL BBCode and put in validation/match checking.
 
Last edited:
Upvote 0 Downvote
Chromaniac said:
Honestly. He can just use this.

xenforo.com

Unmaintained - [XTR] External Links Redirect Warning

[XTR] External Links Redirect Warning This addon allows you to show a warning block with the countdown timer before redirecting to users targeted external urls. Options Style Properties Advertising Permissions Result Fluid Boxed...
xenforo.com xenforo.com

Should work for his purpose.
Click to expand...
Think at one time for the 1.x line there was also an add-on that warned you when you were going to an outside source....
Pity that it's not a built in feature.
At around $40USD a year to keep it "updated"... rather expensive for what it offers. I pay slightly more than that for one of Bob's add-ons.
 
Last edited:
Upvote 0 Downvote
Tracy Perry said:
You may be able to engage a 3rd party developer to code an add-on that replaces the Link URL BBCode and put in validation/match checking.
Click to expand...
that is EXACTLY what I am asking, and I'm pretty sure it can be done, easily I might add. In fact I will take a look, it's been 10 years or so since I did any serious coding but I'm having some free time at the moment.
 
Upvote 0 Downvote
And yet another paid "solution" to a simple thing that in todays era should actually be built in... but with the lack of concern from the @XenForo developers we see for such simple improvements... odds are they'll continue to push this type of stuff off to third parties at the continued further cost for their license holders. Seems such simple stuff as this is "to much of a hassle" for them.
And in case you can't tell.. yes, I'm somewhat exasperated with the XF "plan" for their continued existence... honestly, if it wasn't for the many third party developers... they'd be having severe issues with their continuing financing. For many things.. they are WAY to dependent on outside resources to provide basic (and expected) features.
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

Jashugan
  • Question Question
XF 2.2 Are "similar threads" a built-in feature, or an addon?
Replies
1
Views
486
Paul B
P
Rom
  • Question Question
XF 2.1 Is there feature or add-on that will read another website's rss feed and create threads for each item? thanks for any info
Replies
2
Views
355
Rom
Rom
Back
Top Bottom