URL shortening is a technique on the World Wide Web in which a Uniform Resource Locator (URL) may be made substantially shorter in length and still direct to the required page. This is achieved by using an HTTP Redirect on a domain name that is short, which links to the web page that has a long URL. For example, the URL http://en.wikipedia.org/wiki/URL_shortening can be shortened to http://bit.ly/urlwiki or http://tinyurl.com/urlwiki. This is especially convenient for messaging technologies such as Twitter and Identi.ca, which severely limit the number of characters that may be used in a message. Short URLs allow otherwise long web addresses to be referred to in a tweet. In November 2009, the shortened links on one URL shortening service were accessed 2.1 billion times.[1]
Normally, a URL shortening service will use the top-level domain of a country that allows foreign sites to use its extension, such as .ly or .to (Libya and Tonga), to redirect worldwide using a short alphanumeric sequence after the provider's site address in order to point to the long URL.
Another use of URL shortening is to disguise the underlying address. Although this may be desired for legitimate business or personal reasons, it is open to abuse and for this reason, some URL shortening service providers have found themselves on spam blacklists, because of the use of their redirect services by sites trying to bypass those very same blacklists. Some websites prevent short, redirected URLs from being posted.
Contents |
There are several reasons to use URL shortening. The free hosting space provided by access Internet Service Providers for its customers may generate an aesthetically unpleasing address. Some web developers on mainstream sites tend to pass descriptive attributes in the URL to represent data hierarchies, command structures, transaction paths or session information and this often results in a URL that contains a large number of characters, is awkward to reproduce and impossible to remember. Copying a URL that is hundreds of characters long can only really be successfully done by copy-and-paste. Trying to type one by hand will be time-consuming and may result in errors. Thus a short URL is more useful to write in an e-mail message or an internet forum post.
On Twitter and some instant-messaging services, there is a limit on the total number of characters that can be used in a message. Using a URL shortener can make it easier to include a URL within a short message. Some shortening services, such as tinyurl.com and bit.ly, can generate URLs that are human-readable, although the resulting strings are longer than those generated by a length-optimized service. Finally, the URL shortening sites provide detailed information on the clicks the link receives, this can be simpler than setting up an equally powerful server side analytics engine.
URLs encoded in two-dimensional barcodes such as QR code are often shortened by a URL shortener in order to reduce the printed area of the code or allow printing at lower density to improve scanning reliability.
An increasing number of websites are registering their own short URLs to make sharing via Twitter and SMS easier. This can normally be done online, at the web pages of a URL shortening service. Short URLs often circumvent the intended use of top-level domains for indicating the country of origin; domain registration in many countries requires proof of physical presence within that country, although a redirected URL has no such guarantee.
In URL shortening, every long URL is associated with a unique key, which is the part after http://top-level domain name/, for example http://tinyurl.com/m3q2xt has a key of m3q2xt. Not all redirection is treated equally; the redirection instruction sent to a browser can contain in its header the HTTP status 301 (permanent redirect) or 302 (temporary redirect).
There are several techniques to implement a URL shortening. Keys can be generated in base 36, assuming 26 letters and 10 numbers. In this case, each character in the sequence will be 0, 1, 2, ..., 9, a, b, c, ..., y, z. Alternatively, if uppercase and lowercase letters are differentiated, then each character can represent a single digit within a number of base 62 (26 + 26 + 10). In order to form the key, a hash function can be made, or a random number generated so that key sequence is not predictable. Or users may propose their own keys. For example, http://en.wikipedia.org/w/index.php?title=TinyURL&diff=283621022&oldid=283308287 can be shortened to http://bit.ly/tinyurlwiki.
Not all protocols are capable of being shortened, as of 2011, although protocols such as http, https, ftp, ftps, mailto, news, mms, rtmp, rtmpt, e2dk, pop, imap, nntp, news, ldap, gopher, dict and dns are being addressed by such services as URL Shortener. Typically, data: and javascript: URLs are not supported for security reasons. Some URL shortening services support the forwarding of mailto URLs, as an alternative to address munging, to avoid unwanted harvest by web crawlers or bots. This may sometimes be done using short, CAPTCHA-protected URLs, but this is not common.[2]
Tinyarro.ws, urlrace.com, and qoiob.com use Unicode characters to achieve the shortest URLs possible, since more condensed URLs are possible with a given number of characters compared to those using a standard Latin alphabet.[3]
The idea of URL shortening dates back at least to 2001.[4] The first notable URL shortening service, TinyURL, was launched in 2002. Its popularity influenced the creation of at least 100 similar websites,[5] although most are simply domain alternatives. Initially Twitter automatically translated long URLs using TinyURL, although it began using bit.ly in 2009.[6]
In May 2009, the service .tk, which previously generated memorable domains via URL redirection, launched tweak.tk,[7] which generates very short URLs. On 14 August 2009, WordPress announced the wp.me URL shortener for use when referring to any WordPress.com blog post.[8] In November 2009, shortened links on bit.ly were accessed 2.1 billion times.[9] Around that time, bit.ly and TinyURL were the most widely used URL-shortening services.[9]
On 10 August 2009, however, tr.im, announced that it was curtailing the generation of new shortened URLs, but assured that existing tr.im short URLs would "continue to redirect, and will do so until at least December 31, 2009". A blog post on the site attributed this move to several factors, including a lack of suitable revenue-generating mechanisms to cover ongoing hosting and maintenance costs, a lack of interest among possible purchasers of the service and Twitter's default use of the bit.ly shortener.[10] This blog post also questioned whether other shortening services can successfully make money from URL shortening in the longer term. A few days later, tr.im appeared to alter its stance, announcing that it would resume all operations "going forward, indefinitely, while we continue to consider our options in regards to tr.im's future"[11] but, as of July 11, 2011, the tr.im service failed.
In December 2009, the URL shortener TO./ NanoURL was launched by .TO. This service creates a URL address which looks like http://to./xxxx, where xxxx represents a combination of random numbers and letters. NanoURL currently generates the shortest URLs of all URL shortening services, because it is hosted on a top-level domain (the one of Tonga). This rare form of URL may cause problems with some browsers, however, where the string is interpreted as a search term and passed to a search engine, instead of being opened.[12] As of 2011, the service is no longer available.
On 14 December 2009, Google announced a service called Google URL Shortener at goo.gl, which originally was only available for use through Google products (such as Google Toolbar and FeedBurner).[13] It does, however, have two extensions (Standard and Lite versions) for Google Chrome.[14] On 21 December 2009, Google also announced a service called YouTube URL Shortener, youtu.be,[15] and since September 2010, Google URL Shortener has become available via a direct interface.
The convenience offered by URL shortening also introduces potential problems, which have led to criticism of the use of these services. Short URLs, for example, will be subject to linkrot if the shortening service stops working; all URLs related to the service will become broken. It is a legitimate concern that many existing URL shortening services may not have a sustainable business model in the long term. This worry was highlighted by a statement from tr.im in August 2009 (see above).[9] In late 2009, the Internet Archive started the "301 Works" projects, together with twenty collaborating companies (initially), whose short URLs will be preserved by the project.[9] The URL shortening service ur1.ca provides its entire database as a file download, so if its website stops working, other websites may be able to provide ways to correct broken links to URLs shortened with its service.
URL shortening sites are sometimes shut down by their hosting Internet service provider (ISP) because the links are being used for illicit purposes. For example, upon closing operations, "u.nu" announced:
The last straw came on September 3, 2010, when the server was disconnected without notice by our hosting provider in response to reports of a number of links to child pornography sites. The disconnection of the server caused us serious problems, and to be honest, the level and nature of the abuse has become quite demoralizing. Given the choice between spending time and money to find a different home, or just giving up, the latter won out.[16]
Shortened internet links typically use foreign country domain names, and are therefore under the jurisdiction of that nation. Libya, for instance, exercised its control over the .ly domain in October 2010 to shut down vb.ly for violating Libyan pornography laws. Failure to predict such problems with URL shorteners and investment in URL shortening companies may reflect a lack of due diligence.[17]
Some websites prevent short, redirected URLs from being posted.
In 2009, the Twitter network replaced TinyURL with Bit.ly as its default shortener of links longer than twenty-six characters.[6] In April 2009, TinyURL was reported to be blocked in Saudi Arabia.[18] Yahoo! Answers blocks postings that contain TinyURLs and Wikipedia does not accept links by any URL shortening services in its articles.[19][20][21]
Users may be exposed to privacy issues through the URL shortening service's ability to track a user's behavior across many domains.
On the security side, a short URL obscures the target address, and as a result, can be used to redirect to an unexpected site. Examples of this are rickrolling, redirecting to shock sites, or to affiliate websites. Short URLs can also unexpectedly redirect a user to scam pages or pages containing malware or XSS attacks, which use the redirect to bypass URL blacklists. TinyURL tries to disable spam-related links from redirecting.[22] ZoneAlarm, however, has warned its users: "TinyURL may be unsafe. This website has been known to distribute spyware." TinyURL countered this problem by offering an option to preview a link before using a shortened URL. This ability is installed on the browser via the TinyURL website, however, and requires the use of cookies.[23] However, a preview may also be obtained by simply prefixing the word "preview" to the front of the URL: for example, http://tinyurl.com/8kmfp could be retyped as http://preview.tinyurl.com/8kmfp to see where the link will lead. Security professionals suggest that users should always preview a short URL before accessing it, following an instance where the URL shortening service cli.gs was compromised, exposing millions of users to security uncertainties.[24]
Some URL shortening services have started filtering their links through services like Google Safe Browsing. Many sites that accept user-submitted content block links, however, to certain domains in order to cut down on spam and for this reason, known URL redirection services are often themselves added to spam blacklists.
Due to such problems, other websites such as FindHiddenURL and TrueURL appeared. Such websites target the shortened URL and provide the user with the original hidden link and with description about the link.
Short URLs, although making it easier to access what might otherwise be a very long URL or user-space on an ISP server, add an additional layer of complexity to the process of retrieving web pages. Every access requires more requests (at least one more DNS lookup and HTTP request), thereby increasing latency, the time taken to access the page and also the risk of failure, since the shortening service may become unavailable. Another operational limitation of URL shortening services is that browsers do not resend POST bodies when a redirect is encountered. This can be overcome by making the service a reverse proxy, or by elaborate schemes involving cookies and buffered POST bodies, but such techniques present security and scaling challenges, and are therefore not used on extranets or Internet-scale services.
http://example.com/index.asp?mod=profiles&id=193
becomes http://example.com/user/john-doe
http://del.icio.us
or http://goo.gl