How Does Brave Prevent Query Parameter Tracking?
Blocking requests every time these identifiers appeared in the URL would prevent you from visiting many sites you wish to visit. Query parameter tracking is difficult to block, though, because it happens through URLs you want to visit query parameter identifiers sit alongside benign, user-serving values in the URL.
Chrome is the only major browser that does not currently provide any of these protections. Firefox and Edge also restrict third-party cookies and storage for known trackers 4 and block requests for social media trackers by default. Safari blocks third-party cookies, and partitions third party storage by default. Brave provides the strongest protections, by blocking third party cookies 3, blocking third party storage, and blocking ( or replacing) requests for tracking-related JavaScript. As a result, browsers can (in principal, though not always in practice) prevent such tracking by either not sending cookies on third party requests, or by blocking requests for tracking-related JavaScript.Īnd in fact most major browsers provide some combination of these defenses. Most online tracking depends on your browser fetching URLs you’d rather your browser didn’t fetch, either because of third-party cookies carried on that request, or because of the JavaScript returned in that request. To understand why query parameter tracking is difficult to block, contrast it to how most tracking is done on the web. As a result, most browsers do not have effective countermeasures to query parameter tracking 2. Query parameter tracking is a particularly difficult form of tracking to block. This allows the tracker to connect your behavior between two different, independent websites. Query parameter tracking (sometimes called “link decoration”) refers to trackers adding uniquely identifying query parameters (typically, what appears after the ? in the URL) to links when you leave a site, and then reading them back out of the URL when you land on a different, possibly unrelated site. What is Query Parameter Tracking (and why is it tricky to stop)? Brave currently removes these tracking-related query parameters from URLs, allowing you to visit the sites you want to visit, without being tracked. These values are added to URLs you click, so that advertisers can learn more about you and your behavior on the web. Common examples of these include the “Facebook Click Identifier” (fbclid), used by Facebook to record which sites you visit when you’re not on Facebook, the “Google Click Identifier” (gclid), used by Google to link the advertising and analytics data they have on you, and Microsoft’s equivalent (msclkid). These are parameters trackers use to collect your activity across the web. Removing Known Tracking Parameters From URLsįirst, Brave removes common tracking parameters from URLs 1 by default. All of these are tweaks, subtle changes, or first-steps of a new approach to a more private, more compatible Web. This post discusses three recent changes in Brave that each help make the web a more privacy, and person, respecting platform.
In order to stay one step ahead of online trackers, Brave regularly releases new privacy features and improvements.
BRAVE BROWSER PRIVACY SOFTWARE
This post describes work done by Senior Product Security Engineer François Marier ( Senior Security Engineer Pranjal Jumde ( Senior Software Engineer Ivan Efremov, and Senior Privacy Researcher Peter Snyder.
0 kommentar(er)
