URL shortening: Difference between revisions

For information about human generated short URLs on Wikipedia, see WP:WP and mw:Manual:Short URL.

URL shortening is a technique on the World Wide Web in which a Uniform Resource Locator (URL) may be made substantially shorter in length. This involves using an HTTP Redirect on a domain name that is short to link to a web page which has a long URL. For example, the URL http://en.wikipedia.org/wiki/URL_shortening can be shortened to http://goo.gl/Hsxsn and http://goo.gl/m0GwG

Purposes

There are several reasons to use URL shortening:

Avoid URL garbling

Some web developers tend to pass descriptive attributes in the URL to represent data hierarchies, command structures, transaction paths and session information. This may result in a URL that is aesthetically unpleasant and difficult to remember. Copying a URL that is hundreds of characters long can make the URL garbled. Thus a short URL is more useful to copy from an e-mail message or forum post.

Use the smallest space possible

On Twitter and some instant-messaging services, there is a total character limit to messages. Using a URL shortener can enable users to include a URL that would not fit. Tinyarro.ws and qoiob.com use Unicode characters to achieve the shortest URLs possible, since more shortened URLs are possible with a given number of characters compared to those using a standard Latin alphabet.^[1]

A QR Code that stores a URL can be more readable by using a URL shortener to minimize a URL it encodes.^{[citation needed]}

Reading aloud

To accomplish this objective, any URL-shortening service can be useful. However, those which let the user choose the URL are more suited for this task. Some shortening services, such as tinyurl.com and bit.ly, can generate URLs that are human-readable, though the resulting strings are longer than those generated by a length-optimized service.

Manipulating visitors

URL shortening is a special kind of URL redirection, which is sometimes used in pranks, phishing, or affiliate hiding. For example, a TinyURL link could redirect to a well-known shock site. Some of these services (such as the now-defunct br.st) have started filtering all shortened links through services like Google Safe Browsing.

Linking to blacklisted domains

Many sites that accept user submitted content block links to certain domains to cut down on spam. Linking to a URL shortener that redirects to a blacklisted domain allows spammers to bypass this restriction. For this reason, known URL redirection services are often themselves added to spam blacklists.

Unsupported schemes

Most URI schemes are supported by URL shorteners, including http:, https:, ftp:, pop:, imap:, nntp:, news:, ldap:, gopher:, dict:, dns:, etc.

However, data: and javascript: URLs are not typically supported for security reasons.

Techniques

Every long URL is associated with a unique key, which is the part after http://domain.tld/. For example http://tinyurl.com/m3q2xt has a key of m3q2xt.

There are several techniques to implement a shortening.

• Keys can be generated numerically in base 36 assuming 26 letters and 10 numbers. The keys in order would be 0, 1, 2, ..., 9, a, b, ..., z. If uppercase and lowercase letters are accepted then the number should be in base 62 (26 + 26 + 10).
• A hash function can be made or a random number can be generated so that key sequence is not predictable
• Users can propose their own keys. For example, http://en.wikipedia.org/w/index.php?title=TinyURL&diff=283621022&oldid=283308287 can be shortened to http://tinyurl.com/w1k1t1ny.

For redirection techniques, see URL redirection.

History

The idea of URL shortening dates to at least 2001.^[2] The first notable URL-shortening service, TinyURL, was launched in 2002. Its popularity influenced the creation of at least 100 similar websites^[3] Most are simply domain alternatives.

Initially Twitter automatically translated long URLs using TinyURL. As of 2009, it began using bit.ly.^[4]

In May 2009 .tk, which previously was used to generate memorable domains via URL redirection, launched tweak.tk,^[5] which generates very short URLs such as http://mxtux.tk/.

On 10 August 2009, tr.im, a notice shortening service announced that "[s]tatistics can no longer be considered reliable, or reliably available going forward" and that it was shuttering the generation of new shortened URLs, but assured that existing tr.im short URLs would "continue to redirect, and will do so until at least December 31, 2009". A blog post on the site attributed this move to several factors, including the lack of suitable revenue generation mechanisms to cover ongoing hosting and maintenance costs, lack of interest among possible purchasers of the service, and Twitter's default use of the bit.ly shortener.^[6] This blog post also questioned whether other shortening services can successfully monetize URL shortening in the longer term. A few days later, tr.im reversed itself on this move, announcing it would resume all operations "going forward, indefinitely, while we continue to consider our options in regards to tr.im's future"^[7]

On 14 August 2009, WordPress announced the wp.me URL shortener for use when referring to any WordPress.com blog post.^[8]

In November 2009, shortened links on bit.ly were accessed 2.1 billion times.^[9] Around that time, bit.ly and TinyURL were the most widely used URL-shortening services.^[9]

In December 2009, the URL shortener TO./ NanoURL was launched by .TO. The service creates a URL address which looks like http://to./xxxx, where xxxx represents a combination of random numbers and letters. NanoURL currently generates the shortest URLs of all URL-shortening services, because it is hosted on a top-level domain (the one of Tonga). This rare form of URL may cause problems with some browsers, which interpret this as a search term and look it up on a search engine, instead of opening it.^[10]

On 14 December 2009, Google announced a service called Google URL Shortener at goo.gl, which originally was only available for use through Google products (such as Google Toolbar and FeedBurner.)^[11] It does, however, have two extensions (standard and lite versions) for Google Chrome.^[12] Since September 2010 it has become available via a direct interface. On 21 December 2009, Google also announced a service called YouTube URL Shortener, youtu.be^[13]

Criticism and problems

The convenience offered by URL shortening also introduces potential problems, which have led to criticism of the use of these services.

International law

Shortened web links typically use foreign country domain names, and are therefore under the jurisdiction of that nation. The nation of Libya, for instance, exercised its control over the .ly domain to shut down vb.ly in October 2010 for violating Libyan pornography laws. This precedent may pose a threat to bit.ly, the most widely used URL shortener, which is also under Libyan jurisdiction. As a general matter, the use of URL shorteners and investment in URL shortening companies may reflect a lack of due diligence.^[14]

Linkrot

Short URLs are subject to linkrot. In case the service stops working, all URLs related to the service will become broken. This problem is emphasized by the concern that many existing URL-shortening services may not have a sustainable business model in the long term, which was highlighted by the statement from tr.im in August 2009 (see above)^[9] In Fall 2009, the Internet Archive started the "301 Works" projects, together with twenty (initially) collaborating companies, whose short URLs will be preserved by the project.^[9]

Closure by Internet service provider

URL-shortening sites are sometimes shut down by their hosting Internet service provider (ISP) because of links being used for illicit purposes. For example, upon closing operations, "u.nu" announced^[15]:

The last straw came on September 3, 2010,

when the server was disconnected without notice by our hosting provider in response to reports of a number of links to child pornography sites. The disconnection of the server caused us serious problems, and to be honest, the level and nature of the abuse has become quite demoralizing. Given the choice between spending time and money to find a different home,

or just giving up, the latter won out.

Other issues

Users may be exposed to privacy issues in that the URL-shortening service is in a position to track a user's behavior across many domains.

Short URLs add an additional layer of complexity, that is, every access requires more requests (at least one more DNS lookup and HTTP request), thereby decreasing overall reliability (as the shortening service may become unavailable), and increasing latency. Another operational limitation of URL-shortening services is that browsers do not resend POST bodies when a redirect is encountered. This can be overcome by making the service a reverse proxy, or by elaborate schemes involving cookies and buffered POST bodies. However, these techniques present both security and scaling challenges, and are therefore not used on extranets or Internet-scale services.^{[original research?]}

A short URL obscures the target address, and as a result it is sometimes used to redirect to an unexpected site. Examples of this are rickrolling, redirecting to scam and affiliate websites, or shock sites and redirecting to malware and XSS attacks. ZoneAlarm has given the warning "TinyURL may be unsafe. This website has been known to distribute spyware." TinyURL has countered this problem by offering an option to present a link when using TinyURL, instead of redirection.^[16] In addition, even if the link does not include a preview, the preview may still be accessed by simply prefixing the word "preview" to the front of the URL (Ex: http://tinyurl.com/8kmfp could be retyped as http://preview.tinyurl.com/8kmfp) to see where the link will lead. Not all protocols are shortened. Services such as Protocol Free URL Shortener made a difference in the way protocol- based URLs were being accessed. Protocols including http|https|ftp|ftps|mailto|news|mms|rtmp|rtmpt|e2dk started to be shortened by such services. Opaqueness is also used by spammers, who use such links in spam to bypass URL blacklists. TinyURL, in turn, disables spam-related links from redirecting.^[17]

Some URL-shortening services support forwarding of mailto URLs, as an alternative to address munging, to avoid unwanted harvest by web crawlers or bots.

Blocking

TinyURL is reported to be blocked in Saudi Arabia.^[18]

In addition, some websites have responded by blocking short, redirected URLs from being posted:

• In 2006, MySpace banned posting TinyURLs^{[citation needed]}
• Yahoo! Answers blocks postings that contain TinyURLs^{[citation needed]}
• In 2009, the Twitter network replaced TinyURL with Bit.ly as its default shortener of links longer than twenty-six characters^[4]
• Panera Bread blocks access to TinyURL within its free Wi-Fi network^[19]
• Craigslist does not appear to accept Bit.ly links in its posts.^{[citation needed]}
• Wikipedia does not appear to accept links by any of the common (and less common) URL-shortening services in its articles.^{[citation needed]}
• Facebook blocked TinyURL and Bit.ly links in July 2010 as part of what it called a "temporary spam prevention measure." ^{[citation needed]}

Security professionals are also suggesting users to always preview the short URLs before accessing it, especially after the shortener service cli.gs got hacked, exposing millions of users.^[20]

See also

• Link rot
• URL redirection

References

1. TinyArro.ws - FAQ page
2. "Comment thread 8916". Metafilter. 10 June 2001; Announcement of URL shortening service available at makeashorterlink.com
3. "URL Shortening Services" shortenurl - Supported URL-shortening services
4. Wortham, Jenna (7 May 2009) "Bit.ly Eclipses TinyURL on Twitter" Bits (blog at The New York Times). Retrieved 1 January 2011.
5. "TweaK is the Shortest URL". TweaKdotTK - Twitter.
6. [blog.tr.im/post/159369789/tr-im-r-i-p Blog]^{[dead link]}
7. [blog.tr.im/post/160697842/tr-im-resurrected Blog]^{[dead link]}
8. "WP.me — Shorten Your Links" WordPress. 14 August 2009.
9. Ahmed, Murad (7 December 2009). "New Project in Scramble To Save Vanishing Internet Links — The Internet Archive Is Fighting To Preserve Shortened Web Links Created by Free Online Services That May Be Running Out of Money". The Times. Retrieved 1 January 2011.
10. ".TO ccTLD Becomes Worlds Shortest URL Shortener" DomainNameNews. 3 March 2009.
11. "Making URLs Shorter for Google Toolbar and FeedBurner". Official Google Blog. 14 December 2009.
12. goo.gl "URL Shortener — Google Chrome Extension Gallery".
13. "Make Way for Youtu.be Links" YouTube Blog. 21 December 2009.
14. Staff writer (14 October 2010). "Law, Politics and Internet Addresses — Tough.ly/Treated — Shortened Web Links Are Convenient, But They Come at a Price". The Economist. Retrieved 1 January 2010.
15. http://u.nu/unu-discontinued "u.nu :: discontinued"
16. "Preview a TinyURL". TinyURL.
17. Krebs, Brian (13 June 2006). "Spam Spotted Using TinyURL". Security Fixes (blog at The Washington Post). Retrieved 1 January 2011.
18. "TinyURL Blocked in Saudi Arabia". Committee to Protect Bloggers. 16 April 2009.
19. "TinyURL.com Blocked by Panera Bread". Technology Evangelist.
20. [blog.cli.gs/news/cligs-got-hacked-restoration-from-backup-started "Updated: Cligs Got Hacked — Restoration from Backup Started"] Blog at Cli.gs.

External links

• URL redirection and shortening at Curlie
• "Comparison of URL Shortening Services" SearchEngineLand. April 2009.
• Nesbitt, Scott (7 February 2010). "Shorter Is Sweeter: A Look at URL Shorteners". Geeks.com.