Robby Russell wrote:
If you're blocking stuff, you should probably block other common
redirect sites like makeashorterlink and tinyurlmartin
I could spend days adding filters. I guess at some point, you just have
to trust the public a little bit.
Had you considered a scheme in which the original
domain name is part of the shortened URL?
http://rubyurl.com/www.yahoo.com:ajZkXDls
That way we could at least confirm what domain we
were directed to.
Just a random idea.
Hal
Well, that's an interesting idea. It doesn't quite chop the size down as
much as I would like though..as some domains are much longer than just
www.yahoo.com. What if when you clicked a rubyurl.. it showed a 'you are
being redirected to a site on the following domain... 3..2...1 redirect'
-Robby
On Wed, 2005-03-16 at 14:55 +0900, Hal Fulton wrote:
Robby Russell wrote:
>>
>>If you're blocking stuff, you should probably block other common
>>redirect sites like makeashorterlink and tinyurl
>>
>>martin
>
> I could spend days adding filters. I guess at some point, you just have
> to trust the public a little bit.
>Had you considered a scheme in which the original
domain name is part of the shortened URL?http://rubyurl.com/www.yahoo.com:ajZkXDls
That way we could at least confirm what domain we
were directed to.Just a random idea.
--
/***************************************
* Robby Russell | Owner.Developer.Geek
* PLANET ARGON | www.planetargon.com
* Portland, OR | robby@planetargon.com
* 503.351.4730 | blog.planetargon.com
* PHP, Ruby, and PostgreSQL Development
* http://www.robbyonrails.com/
****************************************/
+1 - slashdot has had great success in cutting down on shock site
trolling by annotating every link with its domain in cleartext.
martin
Hal Fulton <hal9000@hypermetrics.com> wrote:
Had you considered a scheme in which the original
domain name is part of the shortened URL?http://rubyurl.com/www.yahoo.com:ajZkXDls
That way we could at least confirm what domain we
were directed to.
As I mentioned in a previous post. I could have it wait for a few
seconds, show the destination URL and provide the person with a link to
cancel the redirect (maybe have it go back to where they came
from?)..just a back button.
..just a thought. Would that address your concerns? If so, how long
would you be willing to wait for it to redirect?
Cheers,
-Robby
On Wed, 2005-03-16 at 15:24 +0900, Martin DeMello wrote:
Hal Fulton <hal9000@hypermetrics.com> wrote:
>
> Had you considered a scheme in which the original
> domain name is part of the shortened URL?
>
> http://rubyurl.com/www.yahoo.com:ajZkXDls
>
> That way we could at least confirm what domain we
> were directed to.+1 - slashdot has had great success in cutting down on shock site
trolling by annotating every link with its domain in cleartext.martin
--
/***************************************
* Robby Russell | Owner.Developer.Geek
* PLANET ARGON | www.planetargon.com
* Portland, OR | robby@planetargon.com
* 503.351.4730 | blog.planetargon.com
* PHP, Ruby, and PostgreSQL Development
* http://www.robbyonrails.com/
****************************************/
It could be optional. When your app gets a request, check for
"domain:key" vs "key" format, and verify the domain from the database.
If it matches, forward to the retrieved link, and if it doesn't,
display an error page: "This link's domain doesn't match, still follow
it?"
cheers,
Mark
On Wed, 16 Mar 2005 15:07:23 +0900, Robby Russell <robby@planetargon.com> wrote:
On Wed, 2005-03-16 at 14:55 +0900, Hal Fulton wrote:
> Robby Russell wrote:
> >>
> >>If you're blocking stuff, you should probably block other common
> >>redirect sites like makeashorterlink and tinyurl
> >>
> >>martin
> >
> > I could spend days adding filters. I guess at some point, you just have
> > to trust the public a little bit.
> >
>
> Had you considered a scheme in which the original
> domain name is part of the shortened URL?
>
> http://rubyurl.com/www.yahoo.com:ajZkXDls
>
> That way we could at least confirm what domain we
> were directed to.
>
> Just a random idea.Well, that's an interesting idea. It doesn't quite chop the size down as
much as I would like though..as some domains are much longer than just
www.yahoo.com. What if when you clicked a rubyurl.. it showed a 'you are
being redirected to a site on the following domain... 3..2...1 redirect'
There are already sites that do that, though, and it's less elegant than
Hal's idea IMO. Plus this would make a nice differentiator for rubyurl
martin
Robby Russell <robby@planetargon.com> wrote:
As I mentioned in a previous post. I could have it wait for a few
seconds, show the destination URL and provide the person with a link to
cancel the redirect (maybe have it go back to where they came
from?)..just a back button..just a thought. Would that address your concerns? If so, how long
would you be willing to wait for it to redirect?
I can probably live with something like that. Was considering having a
few options on the create page. Checkboxed for things like "keep
private"... meaning that I won't display it on the rss feeds/most
popular links, etc. I could add one for 'use domain in url method' or
something.. I'm open to suggestions for proper wording.
http://www.robbyonrails.com/articles/read/12
Cheers,
Robby
On Thu, 2005-03-17 at 01:32 +0900, Mark Hubbart wrote:
On Wed, 16 Mar 2005 15:07:23 +0900, Robby Russell <robby@planetargon.com> wrote:
> On Wed, 2005-03-16 at 14:55 +0900, Hal Fulton wrote:
> > Robby Russell wrote:
> > >>
> > >>If you're blocking stuff, you should probably block other common
> > >>redirect sites like makeashorterlink and tinyurl
> > >>
> > >>martin
> > >
> > > I could spend days adding filters. I guess at some point, you just have
> > > to trust the public a little bit.
> > >
> >
> > Had you considered a scheme in which the original
> > domain name is part of the shortened URL?
> >
> > http://rubyurl.com/www.yahoo.com:ajZkXDls
> >
> > That way we could at least confirm what domain we
> > were directed to.
> >
> > Just a random idea.
>
> Well, that's an interesting idea. It doesn't quite chop the size down as
> much as I would like though..as some domains are much longer than just
> www.yahoo.com. What if when you clicked a rubyurl.. it showed a 'you are
> being redirected to a site on the following domain... 3..2...1 redirect'It could be optional. When your app gets a request, check for
"domain:key" vs "key" format, and verify the domain from the database.
If it matches, forward to the retrieved link, and if it doesn't,
display an error page: "This link's domain doesn't match, still follow
it?"cheers,
Mark
--
/***************************************
* Robby Russell | Owner.Developer.Geek
* PLANET ARGON | www.planetargon.com
* Portland, OR | robby@planetargon.com
* 503.351.4730 | blog.planetargon.com
* PHP, Ruby, and PostgreSQL Development
* http://www.robbyonrails.com/
****************************************/
