-
Notifications
You must be signed in to change notification settings - Fork 84
On privacy
[under construction: there is so much to cover..]
I became aware about "hyperlink-auditing" after reading this post.
Reference: http://www.whatwg.org/specs/web-apps/current-work/multipage/links.html#hyperlink-auditing.
Starting with version 0.9.9.0, it is possible to block requests which purpose is to serve hyperlink-auditing information. The default setting is to block all hyperlink-auditing requests -- as there are no benefit to the users to have their browsing activity tracked.
On the technical side, I originally observed that hyperlink-auditing requests are reported as request of type other, in the behind-the-scene matrix. However, with version 0.9.9.0, HTTPSB will try to find out on which page the request occurred and if it is able to do so, the request will be reported on the page's matrix.
So this means that hyperlink-auditing requests will be reported in the other column of the matrix, and may be reported on the matrix of the page where the request originate, or in the behind-the-scene matrix if HTTPSB does not have enough information to bind the request to the page where it occurred.
In any case, for each hyperlink-auditing attempt, the request log will contain an entry with a synthetic URL:
http://tracker.example.com/{Ping-To:the-url-you-clicked}
So that you can fully informed about hyperlink-auditing attempts.
The Statistics tab in the dashboard will also show the number of hyperlink-auditing attempts foiled globally.
In summary, you can block hyperlink-auditing through the other column in the matrix, or globally through the "Block all hyperlink auditing attempts".
Note: I verified (on Chromium 34/Linux) that disabling the chrome://flags/#disable-hyperlink-auditing flag does not disable hyperlink-auditing. Do not rely on this setting.