This article needs additional citations for verification .(July 2014) |
URL shortening is a technique on the World Wide Web in which a Uniform Resource Locator (URL) may be made substantially shorter and still direct to the required page. This is achieved by using a redirect which links to the web page that has a long URL. For example, the URL "https://en.wikipedia.org/wiki/URL_shortening" can be shortened to "https://w.wiki/U". Often the redirect domain name is shorter than the original one. A friendly URL may be desired for messaging technologies that limit the number of characters in a message (for example SMS), for reducing the amount of typing required if the reader is copying a URL from a print source, for making it easier for a person to remember, or for the intention of a permalink. In November 2009, the shortened links of the URL shortening service Bitly were accessed 2.1 billion times. [1]
Other uses of URL shortening are to "beautify" a link, track clicks, or disguise the underlying address. This is because the URL shortener can redirect to just about any web domain, even malicious ones. So, although disguising of the underlying address may be desired for legitimate business or personal reasons, it is open to abuse. [2] Some URL shortening service providers have found themselves on spam blocklists, because of the use of their redirect services by sites trying to bypass those very same blocklists. Some websites prevent short, redirected URLs from being posted.
There are several reasons to use URL shortening. Often regular unshortened links may be aesthetically unpleasing. Many web developers pass descriptive attributes in the URL to represent data hierarchies, command structures, transaction paths or session information. This can result in URLs that are hundreds of characters long and that contain complex character patterns. Such URLs are difficult to memorize, type out or distribute. As a result, long URLs must be copied and pasted for reliability. Thus, short URLs may be more convenient for websites or hard copy publications (e.g. a printed magazine or a book), the latter often requiring that very long strings be broken into multiple lines (as is the case with some e-mail software or internet forums) or truncated.
On Twitter and some instant messaging services, there is a limit to the number of characters a message can carry – however, Twitter now shortens links automatically using its own URL shortening service, t.co , so there is no need to use a separate URL shortening service just to shorten URLs in a tweet. On other such services, using a URL shortener can allow linking to web pages which would otherwise violate this constraint. Some shortening services, such as goo.gl , tinyurl.com , and bit.ly can generate URLs that are human-readable, although the resulting strings are longer than those generated by a length-optimized service. Finally, URL shortening sites provide detailed information on the clicks a link receives, which can be simpler than setting up an equally powerful server-side analytics engine, and unlike the latter, does not require any access to the server.
URLs encoded in two dimensional barcodes such as QR code are often shortened by a URL shortener in order to reduce the printed area of the code, or allow printing at lower density in order to improve scanning reliability.
Some websites create short links to make sharing links via instant messaging easier, and to make it cheaper to send them via SMS. This can be done online, at the web pages of a URL shortening service; to do it in batch via bulk upload with tools like CSV importer or on demand may require the use of an API.
A few well-known websites have set up their own URL shortening services for their own use – for example, Twitter with t.co, [3] Telegram with t.me, Google with g.co, [4] and GoDaddy with x.co. [5]
In URL shortening, every long URL is associated with a unique key, which is the part after its top-level domain name. For example, https://tinyurl.com/m3q2xt has a key of m3q2xt, these keys are case-sensitive most of the time and using the wrong case may lead to a different destination URL. Not all redirection is treated equally; the redirection instruction sent to a browser can contain in its header HTTP response status codes such as 301 (moved permanently), 302 (found), 307 (temporary redirect) or 308 (permanent redirect).
There are several techniques to implement URL shortening. Keys can be generated in base 36, assuming 26 letters and 10 numbers. In this case, each character in the sequence will be 0, 1, 2, ..., 9, a, b, c, ..., y, z. Alternatively, if uppercase and lowercase letters are differentiated, then each character can represent a single digit within a number of base 62 (26 + 26 + 10). In order to form the key, a hash function can be made, or a random number generated so that key sequence is not predictable. Or users may propose their own custom keys. For example, https://example.com/product?ref=01652&type=shirt can be shortened to https://tinyurl.com/exampleshirt.
Not all URI schemes are capable of being shortened as of 2011, although URI schemes such as http, https, ftp, ftps, mailto, mms, rtmp, rtmpt, ed2k, pop, imap, nntp, news, ldap, gopher, dict and dns are being addressed by such services as URL shorteners. Typically, data: and javascript: URLs are not supported for security reasons (to combat attacks like cross-site scripting and session hijacking). Some URL shortening services support the forwarding of mailto URLs, as an alternative to address munging, to avoid unwanted harvest by web crawlers or bots. This may sometimes be done using short, CAPTCHA-protected URLs, but this is not common. [6]
Makers of URL shorteners usually register domain names with less popular or esoteric Top-level domains in order to achieve a short URL and a catchy name, often using domain hacks. This results in registration of different URL shorteners with a myriad of different countries, leaving no relation between the country where the domain has been registered and the URL shortener itself or the shortened links. Top-level domains of countries such as Libya (.ly), Samoa (.ws), Mongolia (.mn), Malaysia (.my) and Liechtenstein (.li) have been used as well as many others. In some cases, the political or cultural aspects of the country in charge of the top-level domain may become an issue for users and owners, [7] but this is not usually the case.
Services may record inbound statistics, which may be viewed publicly by others. [8]
While many providers claim their shortened URLs won't expire for as long as the service is provided, they may decide to discontinue the service at any time.
A permanent URL is not necessarily a good thing. There are security implications, and obsolete short URLs remain in existence and may be circulated long after they cease to point to a relevant or even extant destination. Sometimes a short URL is useful simply to give someone over a telephone conversation for a one-off access or file download, and no longer needed within a couple of minutes.
Some providers offer expiration on shortened URLs. This may include URLs that expire after a certain amount of time, on a certain date or after a certain number of usages.[ citation needed ]
A Microsoft Security Brief recommends the creation of short-lived URLs, but for reasons explicitly of security rather than convenience. [9]
An early reference is US Patent 6957224, which describes
...a system, method and computer program product for providing links to remotely located information in a network of remotely connected computers. A uniform resource locator (URL) is registered with a server. A shorthand link is associated with the registered URL. The associated shorthand link and URL are logged in a registry database. When a request is received for a shorthand link, the registry database is searched for an associated URL. If the shorthand link is found to be associated with a URL, the URL is fetched, otherwise an error message is returned. [10]
The patent was filed in September 2000; while the patent was issued in 2005, US patent applications are made public within 18 months of filing.
Another reference to URL shortening was in 2001. [11] The first notable URL shortening service, TinyURL, was launched in 2002. Its popularity influenced the creation of at least 100 similar websites, [12] although most are simply domain alternatives. Initially, Twitter automatically translated URLs longer than twenty-six characters using TinyURL, although it began using bit.ly instead in 2009 [13] and later developed its own URL shortening service, t.co.
On 14 August 2009 WordPress announced the wp.me URL shortener for use when referring to any WordPress.com blog post. [14] In November 2009, shortened links on bit.ly were accessed 2.1 billion times. [15] Around that time, bit.ly and TinyURL were the most widely used URL-shortening services. [15]
One service, tr.im, stopped generating short URLs in 2009, blaming a lack of revenue-generating mechanisms to cover costs and Twitter's default use of the bit.ly shortener, and questioning whether other shortening services could be profitable from URL shortening in the longer term. [16] It resumed for a time, [17] then closed.
The shortest possible long-term URLs were generated by NanoURL from December 2009 until about 2011, associated with the top-level .to (Tonga) domain, in the form http://to./xxxx, where xxxx represents a sequence of random numbers and letters. [18]
On 14 December 2009 Google announced a service called Google URL Shortener at goo.gl, which originally was only available for use through Google products (such as Google Toolbar and FeedBurner) [19] and extensions for Google Chrome. [20] On 21 December 2009, Google introduced a YouTube URL Shortener, youtu.be. [21] From September 2010 Google URL Shortener became available via a direct interface. The goo.gl service provides analytics details and a QR code generator.[ citation needed ] On 30 March 2018 Google announced that it is "turning down support for goo.gl over the coming weeks and replacing it with Firebase Dynamic Links" (although existing goo.gl links will continue to function). [22] On July 18, 2024, Google announced that existing Google URL shortener URLs will stop working as of August 25, 2025. Google will add an interstitial page to warn users about this starting August 23, 2024. [23]
The main advantage of a short link is its brevity. Depending on the transcription used, it might be more easily communicated and entered without error. To some extent it can obscure the destination of the URL; this may be advantageous, disadvantageous, or irrelevant.
Short URLs often circumvent the intended use of top-level domains for indicating the country of origin; domain registration in many countries requires proof of physical presence within that country, although a redirected URL has no such guarantee.
URL shortening may be utilized by spammers or for illicit internet activities. As a result, many have been removed from online registries or shut down by web hosts or internet service providers.
According to Tonic Corporation, the registry for .to domains, it is "very serious about keeping domains spam free" and may remove URL shortening services from their registry if the service is abused. [24]
In addition, "u.nu" made the following announcement upon closing operations:
The last straw came on September 3, 2010, when the server was disconnected without notice by our hosting provider in response to reports of a number of links to child pornography sites. The disconnection of the server caused us serious problems, and to be honest, the level and nature of the abuse has become quite demoralizing. Given the choice between spending time and money to find a different home, or just giving up, the latter won out. [25]
Google's url-shortener discussion group has frequently included messages from frustrated users reporting that specific shortened URLs have been disabled after they were reported as spam. [26]
A study in May 2012 showed that 61% of URL shorteners had shut down (614 of 1002). [27] The most common cause cited was abuse by spammers.
The convenience offered by URL shortening also introduces potential problems, which have led to criticism of the use of these services. Short URLs, for example, will be subject to linkrot if the shortening service stops working; all URLs related to the service will become broken. It is a legitimate concern that many existing URL shortening services may not have a sustainable business model in the long term. [15] In late 2009, the Internet Archive started the "301 Works" projects, [28] together with twenty collaborating companies (initially), whose short URLs will be preserved by the project. [15]
Shortened internet links typically use ccTLD domains, and are therefore often under the jurisdiction of a nation other than where the service provider is located. Libya, for instance, exercised its control over the .ly domain in October 2010 to shut down vb.ly for violating Libyan pornography laws. Failure to predict such problems with URL shorteners and investment in URL shortening companies may reflect a lack of due diligence. [29]
Some websites prevent short, redirected URLs from being posted.
In April 2009, TinyURL was reported to be blocked in Saudi Arabia. [30] Yahoo! Answers blocks postings that contain TinyURLs,[ citation needed ] and Wikipedia does not accept links by any URL shortening services in its articles. [31] The Reddit community strongly discourages— and in some subreddits, outright bans— URL shortening services for link submissions, because they disguise the origin domain name and whether the link has previously been submitted to Reddit, and there are few or no legitimate reasons to use link shorteners for Reddit link submissions. [32]
A short URL obscures the target address and can be used to redirect to an unexpected site. Examples of this are "rickrolling", and redirecting to shock sites, or to affiliate websites. The short URL can allow blocked URLs to be accessed, bypassing site blocklists; this facilitates redirection of a user to blocked scam pages or pages containing malware or XSS attacks. TinyURL tries to disable spam-related links from redirecting. [33] ZoneAlarm, however, has warned its users: "TinyURL may be unsafe. This website has been known to distribute spyware." TinyURL countered this problem by offering an option to view a link's destination before using a shortened URL. This ability is installed on the browser via the TinyURL website and requires the use of cookies. [34] A destination preview may also be obtained by prefixing the word "preview" to the URL of the TinyURL; for example, the destination of https://tinyurl.com/8kmfp is revealed by entering https://preview.tinyurl.com/8kmfp. Other URL shortening services provide a similar destination display. [35] Security professionals suggest that users check a short URL's destination before accessing it, [36] following an instance where the shortening service cli.gs was compromised, exposing millions of users to security uncertainties. [37] There are several web applications that can display the destination URL of a shortened URL.[ citation needed ]
Some URL shortening services filter their links through bad-site screening services such as Google Safe Browsing. Many sites that accept user-submitted content block links, however, to certain domains in order to cut down on spam, and for this reason, known URL redirection services are often themselves added to spam blocklists.
Another privacy problem is that many services' shortened URL format is small enough that it is vulnerable to brute-force search. Many people use URL shorteners when they share links to private content, and in fact many web services like Google Maps have offered automatic generation of shortened links for driving directions that reveal personal information like home addresses and sensitive destinations like "clinics for specific diseases (including cancer and mental diseases), addiction treatment centers, abortion providers, correctional and juvenile detention facilities, payday and car-title lenders, gentlemen's clubs, etc." [38] [39]
Short URLs, although making it easier to access what might otherwise be a very long URL or user-space on an ISP server, add an additional layer of complexity to the process of retrieving web pages. Every access requires more requests (at least one more DNS lookup, though it may be cached, and one more HTTP/HTTPS request), thereby increasing latency, the time taken to access the page, and also the risk of failure, since the shortening service may become unavailable. Another operational limitation of URL shortening services is that browsers do not resend POST bodies when a redirect is encountered. This can be overcome by making the service a reverse proxy, or by elaborate schemes involving cookies and buffered POST bodies, but such techniques present security and scaling challenges, and are therefore not used on extranets or Internet-scale services.[ original research? ]
Site | Company | Type | Custom URL | Comment |
---|---|---|---|---|
bit.ly | Bitly | general public | yes | |
goo.gl | general public | — | Replaced by FDL (uses Bitly [40] ) | |
g.co | internal | — | Google's link service [41] | |
ow.ly | Hootsuite Media | general public | yes | Now inside the Hootsuite dashboard |
t.co | internal | — | Twitter's link service [42] | |
TinyURL | TinyURL | general public | yes | |
w.wiki | Wikimedia Foundation | internal | — | Users can generate links to Wikimedia Foundation projects only. |
youtu.be | YouTube (Alphabet) | internal | — | Announcement of youtu.be Links [43] |
Open source and commercial scripts are also available for redirecting and shortening links, usually written in PHP as a web application or a plugin for one of the popular applications such as WordPress. Such scripts avoid many issues with shortening services, keep the domain name as part of the shortened link, and can be made private.
Spamming is the use of messaging systems to send multiple unsolicited messages (spam) to large numbers of recipients for the purpose of commercial advertising, non-commercial proselytizing, or any prohibited purpose, or simply repeatedly sending the same message to the same user. While the most widely recognized form of spam is email spam, the term is applied to similar abuses in other media: instant messaging spam, Usenet newsgroup spam, Web search engine spam, spam in blogs, wiki spam, online classified ads spam, mobile phone messaging spam, Internet forum spam, junk fax transmissions, social spam, spam mobile apps, television advertising and file sharing spam. It is named after Spam, a luncheon meat, by way of a Monty Python sketch about a restaurant that has Spam in almost every dish in which Vikings annoyingly sing "Spam" repeatedly.
Spamdexing is the deliberate manipulation of search engine indexes. It involves a number of methods, such as link building and repeating related and/or unrelated phrases, to manipulate the relevance or prominence of resources indexed in a manner inconsistent with the purpose of the indexing system.
In computer networking, a proxy server is a server application that acts as an intermediary between a client requesting a resource and the server providing that resource. It improves privacy, security, and possibly performance in the process.
A bookmarklet is a bookmark stored in a web browser that contains JavaScript commands that add new features to the browser. They are stored as the URL of a bookmark in a web browser or as a hyperlink on a web page. Bookmarklets are usually small snippets of JavaScript executed when user clicks on them. When clicked, bookmarklets can perform a wide variety of operations, such as running a search query from selected text or extracting data from a table.
goatse.cx, often spelled without the .cx top-level domain as Goatse, is an internet domain that originally housed an Internet shock site. Its front page featured a picture entitled hello.jpg, showing a close-up of a hunched-over naked man using both hands to stretch open his anus and expose his red rectum lit by the camera flash.
.tk is the Internet country code top-level domain (ccTLD) for Tokelau, a territory of New Zealand in the South Pacific.
URL redirection, also called URL forwarding, is a World Wide Web technique for making a web page available under more than one URL address. When a web browser attempts to open a URL that has been redirected, a page with a different URL is opened. Similarly, domain redirection or domain forwarding is when all pages in a URL domain are redirected to a different domain, as when wikipedia.com and wikipedia.net are automatically redirected to wikipedia.org.
.la is the Internet country code top-level domain (ccTLD) for Laos.
.ly is the Internet country code top-level domain (ccTLD) for Libya.
The Spamhaus Project is an international organisation based in the Principality of Andorra, founded in 1998 by Steve Linford to track email spammers and spam-related activity. The name spamhaus, a pseudo-German expression, was coined by Linford to refer to an internet service provider, or other firm, which spams or knowingly provides service to spammers.
TinyURL is a URL shortening web service, which provides short aliases for redirection of long URLs. Kevin Gilbertson, a web developer, launched the service in January 2002 as a way to post links in newsgroup postings which frequently had long, cumbersome addresses. TinyURL was the first notable URL shortening service and is one of the oldest still currently operating.
A domain hack is a domain name that suggests a word, phrase, or name when concatenating two or more adjacent levels of that domain. For example, ro.bot and examp.le, using the domains .bot
and .le
, suggest the words robot and example respectively. In this context, the word hack denotes a clever trick, not an exploit or break-in.
nofollow is a setting on a web page hyperlink that directs search engines not to use the link for page ranking calculations. It is specified in the page as a type of link relation; that is: <a rel="nofollow" ...>
. Because search engines often calculate a site's importance according to the number of hyperlinks from other sites, the nofollow
setting allows website authors to indicate that the presence of a link is not an endorsement of the target site's importance.
The McAfee SiteAdvisor, later renamed as the McAfee WebAdvisor, is a service that reports on the safety of web sites by crawling the web and testing the sites it finds for malware and spam. A browser extension can show these ratings on hyperlinks such as on web search results. Users could formerly submit reviews of sites.
In HTTP, "Referer" is an optional HTTP header field that identifies the address of the web page from which the resource has been requested. By checking the referrer, the server providing the new web page can see where the request originated.
Typosquatting, also called URL hijacking, a sting site, a cousin domain, or a fake URL, is a form of cybersquatting, and possibly brandjacking which relies on mistakes such as typos made by Internet users when inputting a website address into a web browser. A user accidentally entering an incorrect website address may be led to any URL, including an alternative website owned by a cybersquatter.
Kevin Gilbertson is an American web developer best known as the creator of TinyURL launched in January 2002. TinyURL is a URL shortener, a web service that provides short aliases for redirection of long URLs.
Bitly is a URL shortening service and a link management platform. The company Bitly, Inc. was established in 2008. It is privately held and based in New York City. Bitly shortens 600 million links per month, for use in social networking, SMS, and email. Bitly makes money by charging for access to aggregate data created as a result of many people using the shortened URLs.
Google URL Shortener, also known as goo.gl, is a URL shortening service owned by Google. It was launched in December 2009, initially used for Google Toolbar and Feedburner. The company launched a separate website, goo.gl, in September 2010.
Shortens URLs written to a specified Cloud Firestore collection (uses Bitly).