12 comments

[ 3.9 ms ] story [ 35.1 ms ] thread
I have been completely unaware this existed.

Thank you for sharing this!

I didn't know about it either but turns out it doesn't matter for me because "Firefox disables hyperlink auditing by default".

I hate that this is even became a thing. Can we fork the standards bodies? 100% user oriented. No for-profit companies allowed on the board, no more features that make advertising and tracking easier, and deprecation of the ones that already exist as soon as possible, starting with the blocking of third-party content of any kind and killing off EME.

If the companies that develop web browsers ignore your new standards body and keep doing their own thing, you gain nothing. What you have to do is fork a browser. But this won’t help if Google et al. are pushing their own browser at every opportunity.
Yeah, I need to ditch Safari altogether and start using Firefox as my default browser. Disappointing to learn Apple's doing this though. They keep slipping further away from what I want.
What an obnoxious anti-feature! Can we fix this and disable it permanently across all browsers, please, and then remove it from HTML?
Disappointing to hear that this is even a thing that's enabled by default. Sure, by removing it sites will just replace it with JavaScript, but that's still blockable at least.

Is there any use of this feature OTHER than tracking?

It may be used in a pre-loading technique but I doubt it generally is and JS could be used just as effectively.

As a maker of a popular Safari ad and content blocker, I was looking to implement a quick fix rule that would strip ping attributes from 'a' elements.

Unfortunately the Safari content blocking rule syntax is not sophisticated enough to allow stripping of attributes from a HTML element. The best that I could do with the current syntax would be to hide all links that include ping attributes.

This technique would stop tracking but it would also stop users from being able to click such links!

A bit of a difficult usability choice – would users prefer functional links that are tracked and breach their privacy or broken links that don't track them?

It says Firefox disables this anti feature by default but chrome does not. Does Brave?
This article claims that the request only shows up with a packet trace. Is that true? Not in the network inspector?
The request happens before navigation and the inspector is cleared during the navigation so it makes sense for the request being difficult to see.
I commend that he filed a bug report with Apple. But I must say his summary is way too detailed to get a quick understanding of the issue when seeing the report for the first time. To get attention, the summary should start with something like “Safari allows websites to track user behavior with <a ping="tracker.example.com"> HTML elements”.