Twitter Makes All Its Shortlinks HTTPS By Default

from the good-move dept

Mon, Sep 21st 2015 11:14pm — Mike Masnick

The push to encrypt more and more of the web's traffic will get a nice little boost on October 1st, when Twitter will change its t.co link wrapper/shortner service to go to HTTPS by default:

On October 1 all new links wrapped with Twitter's t.co wrapper will use the https URL scheme. The https scheme helps Twitter securely deliver readers to the intended destination.

We have discussed for years, of course, the value of encrypting more of the web, and especially increasing use of HTTPS-by-default. Kudos to Twitter for making this move and encouraging widespread use of HTTPS to better protect people's surfing. It's worth noting that Twitter is also warning sites that they may see a drop in referrals from Twitter, because browsers drop the referrer from the header when an HTTPS link goes to an HTTP destination -- but it notes that it will be using referrer policy instead, which is good. Most modern browsers support referrer policy, and thus this isn't really that big a deal. However, it's one of the random complaints that some anti-HTTPS campaigners have argued over the years (that the lack of referrer is a big loss under HTTPS).

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: encryption, https, shortlinks, social media
Companies: twitter

3 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Anonymous Coward, 22 Sep 2015 @ 2:57am

The https scheme helps Twitter securely deliver readers to the intended destination.

So why didn't Twitter make it secure before?
[ link to this | view in thread ]
Anonymous Coward, 22 Sep 2015 @ 7:18am

Re:
Maybe because it took a (miniscule amount of) effort on Twitter's part, so why bother until they get a big enough PR benefit from it?
[ link to this | view in thread ]
Meek Barbarian (profile), 22 Sep 2015 @ 10:21am

I agree that HTTPS is a good thing, but browser support isn't as good as you make out. (I'm not saying they shouldn't switch, just that you're dismissing the browser support too easily without giving it due consideration.)

http://caniuse.com/#feat=referrer-policy

Zero IE support before Edge and only limited support with Edge means a ~large~ portion of browsers (for most sites) will be impacted.

Can I Use estimates only 65% of the world's in-use browsers (up to 74% of US only in-use browsers) would be supported.
[ link to this | view in thread ]