Lack of interest Links in private forums

This suggestion has been closed automatically because it did not receive enough votes over an extended period of time. If you wish to see this, please search for an open suggestion and, if you don't find any, post a new one.
Spenser

Spenser

Active member
Hi!

I would really appreciate to hide links in private/hidden forums from appearing in the referer.
In some circumstances it would be better if the link target doesn't get to know from where the visitor was coming.
Links in public areas don't bother, they can be viewed anyway. But links in hidden areas should stay hidden.
 
Upvote 1
This suggestion has been closed. Votes are no longer accepted.
Just an FYI, but all links are no follow, except those posted by Administrators and Moderators.

I believe there is already a suggestion to allow for no follow links to be configured for those too.
 
It's not about "no follow", which (if I got this right) is for search engines.

What is needed from my point of view is a de-referer for outgoing links that are used by users in private forums.

An example: I made a thread name "Something stupid" (also could say "legal claim" or something like that). In the first post there is a link to some website.
If I click on this link, that's what is written to target server's log about me:
Code: 
http://forum.computerbetrug.de/threads/something-stupid.35336/
So they see that
a) we have a non-public area
b) we consider their website to be stupid (or: want to go to court against them or something else)
c) the exact address of the page that contains the link

This is not the best way to include links in private areas...
 
Basically you wish to hide the referrer URL information.

I would make the suggestion that you do not want to do this, but you seem to know what you want.

On a page level you can modify the PAGE_CONTAINER template. You would wrap the code in a conditional statement so only the private forums are affected.

Your request is a very unique customization that simply would not be provided by any mainstream software.

As a thought, if the forums are indeed private then it shouldn't matter. If the target website sees your site contains the referring page, they can't access your private forums unless you grant them access.
 
Spenser has a very good point actually. I never thought of that myself either, in all the years of running a forum. Maybe this would be best as a plugin?
 
Ryan Kent said:
Your request is a very unique customization that simply would not be provided by any mainstream software.
Click to expand...
As this was included in vb, I don't think that this is so unique and thus it was included in some mainstream software.
vb provided a de-referer for links in private forums. I don't think this would be a great deal in xenForo.
 
Spenser said:
BTW: why do you think that I should not want this?
Click to expand...
Because it adds customized code to your site which does not offer you or your members any value except to increase your perceived privacy. It's a step above disabling right-click on your forum. You already said your forums were private so THAT is your privacy protection.

If you desired to hide this information, a better approach would be rewriting it on outbound request to be the same as the HTTP_REQUEST URL. This approach offers the privacy you seek, and provides an valid response so bad server scripts which use this data will still work, and it maintains the idea that no data coming from the client should be depended upon.

There a so many important issues with creating a website and life in general, that this item seems like an absolutely silly way to invest your time and energy. It's my personal view. You are welcome to yours.
 
Spenser said:
BTW: why do you think that I should not want this?
Click to expand...
I agree, this is a standard feature with VB and I'm pretty sure all the other ones as well.

I'd have thought it would have been common sense that a private forum is private and that you don't want to go leaking thread titles to external sites.
 
Ryan Kent said:
Because it adds customized code to your site which does not offer you or your members any value except to increase your perceived privacy. It's a step above disabling right-click on your forum. You already said your forums were private so THAT is your privacy protection.
Click to expand...

There are many forums out there that have to deal with legal problems. We get sued every now and then by people who do not like what we do (we offer information about internet related fraud and different kinds of internet related crime).
When getting sued we have to discuss our strategy and lots of different things to get prepared. Many times we collect evidence and information by adding links to our articles. I consider it to be important to keep as much of these private until we get to court. It is not impossible to do this without links, but it's uncomfortable.

OK, there are lots (probably most) forums out there, that don't have to care about things like referrer data in HTTP requests. But for some it is essential. Everything is "customized code" from some point of view, no matter what you do. I really don't think the integration of a de-referrer is a huge problem (especially others have it, too).

I wish I could say it was a "nice to have", but in fact for some customers this may be an essential function.
 
akia said:
I'd have thought it would have been common sense that a private forum is private and that you don't want to go leaking thread titles to external sites.
Click to expand...
I must admit that I was a little bit suprised when I saw that this was not included in xenForo. Not a big deal in this state of development, but I think it's important to talk about such a privacy function for later releases.
 
I have to admit that I'm scratching my head about saying this is included in other software as I simply haven't seen it - though maybe I've missed it. It's a fundamental element of browsers, so it's not something that software itself can just turn off.

The issue may not be as obvious in other software if that software doesn't include anything other than a thread ID. You can turn off titles in links in XenForo, though that's probably too aggressive.

Another way is to use SSL (https), as browsers don't send outside referrers then.

Otherwise, the only real method is to rewrite links through an anonymizer service (which really just sends you to a particular page and shows that as the referrer). This is probably the only generally applicable way.
 
Interesting, I always thought everything inside a private forum would be "private". I never considered "follow / no follow" an issue. I could definitely see how this could be beneficial. In fact, I would think the toggle would be reversed as something you could turn on if you wanted and not off.
 
Mike said:
It's a fundamental element of browsers, so it's not something that software itself can just turn off.

(...)

This is probably the only generally applicable way.
Click to expand...

To your first point: that is partly wrong. You can't tell a browser from a forum software's point of view not to give a referrer to the link target. But you can rewrite the referrer by directing links through a de-referrer. That is - in the simplest way - a quite neutral looking web page.

You can apply it globally, that is right. vb does it only in private forums. I think that this is done while loading the articles from the database (as it changes while moving articles). The links in the article are rewritten as they are displayed, I think.
Instead of www.target.com they say www.myforum.com/dereferrer/www.target.com. So the target server only sees www.myforum.com/dereferrer/www.target.com in the logs.

Doing this globally is a to hard way as normally a referrer is an important information and it belongs to the internet as it works. But in some circumstances referrers can be a danger. And this is why I am posting this.
 
Spenser said:
This is an issue, but the smaller one in the context.
Click to expand...
How can this be a privacy related issue in any way?

Follow / Nofollow is specifically a search engine metric. It's sole purpose is to determine whether you are endorsing the link's target. That tag doesn't offer any form of privacy.
 
Spenser said:
That depends on the search spider and whether it makes use of referrer headers.
Click to expand...
That is not correct.

All major search engines follow the link regardless of the "follow/nofollow" tag. The difference between search engines is whether they provide page ranking value to the linked page.
 
When a spider follows a link and provides a referrer header to the target server, this IS a threat to privacy.
When a spider follows a link and does not provide referrer information, this is no threat to privacy.

What is wrong about that? There is/can be a privacy issue.

Passing referrer information is subject to the client - in this case the spider. The client decides, what information it delivers to the target.
 

Similar threads

Hausmeista
  • Question Question
Allow hiding attachment thumbnails from guests
Replies
3
Views
241
Hausmeista
Hausmeista
TheStoryTeller
  • Question Question
MG 2.2 Pictures pasted from private forums don't show in posts.
Replies
5
Views
333
TheStoryTeller
TheStoryTeller
CavySpirit
  • Question Question
XF 2.2 Member "Update Status" -- color me confused
Replies
2
Views
670
CavySpirit
CavySpirit
ArtG
Growing a forum community in 2023
3 4 5
Replies
81
Views
8K
⭐ Alex ⭐
⭐ Alex ⭐
A
  • Suggestion Suggestion
Lack of interest Add rel="nofollow" to the links in the insert media pop-up window
Replies
1
Views
634
Chromaniac
Chromaniac
Top Bottom