You must log in or register to comment.
For those of us living under a rock, what’s Gumroad?
An online ecommerce platform.
It’s similar to Etsy. Targets smaller creators, values individual-made goods, but focuses on digital content, like soundtracks, 3D assets, etc.
I remember reading about Gumroad it used to be mostly for NSFW art, but they did a Tumblr and banned it. Maybe this is related to the loss of revenue.
Edit: found the article
Taking 30% off of physical goods sounds criminal to me.
We need browser extensions to kill those tags automatically.
Firefox I believe does. If you right click on a link, it says something like “copy link without tracking”. It should do away with queries in the URL, but I’m not completely sure.
https://www.trishtech.com/2024/10/how-to-disable-copy-link-without-site-tracking-in-firefox/
This is definitely what it’s supposed to do (and a great feature) but unfortunately it doesn’t work that well. Have tried this many times, especially with Amazon links, and it seems to be a bit inconsistent in its effectiveness.
Good to know.
You probably also need to clear your cookies as well. I can’t really see this being done only via GET
Yeah, I cannot imagine any reason they wouldn’t use cookies to track this. The moment you arrive via an affiliate link they’re going to know that that’s how you got to the site for that session.
That’s not going to work for links sent by text or whatever.
How do you think that would work? Like the site with the affiliate link should drop a third party cookie for gumroad? That’s a pretty big requirement.
When you go to the website, it can save that cookie for the session, even if you later remove the parameter.
I don’t understand. Cookies and request method are two different things. You can set cookies on GET.
If a platform gets traction and is good at removing them, then links will be more obfuscated to deal with it.
Oh nice, that is pretty new, but will have to see if it works on those gumroad links. I have an offline script (not a browser extension, I haven’t bothered figuring out how to write those) that edits urls to remove tracking and it’s quite a pain, since there are dozens of sites and tracking schemes it has to know about. Also, rather than creating a pasteable url, a suitable browser extension should just rewrite the link automatically before navitation when you click on it.
uBlock Origin filter or ClearURLs for example.
In the case of uBO, just search for “url” in the filter list and you should find it.
The URL tracking filter list is nice but it doesn’t seems to include anything related to gumroad domain or parameters.
https://filters.adtidy.org/extension/ublock/filters/17.txt
You need to add it yourself.
This the most tech illiterate take…
These are called query parameters. The standard part of the HTTP spec.
A huge part of the internet uses these simply as a way to instruct a page to display certain data or to display a particular view or layout of that data.
Calling for an extension to get rid of these it’s like calling for an extension to get rid of headers because websites use them to pass metadata in the same manner.
Edit: that was harsh my apologies.
There are in fact many extensions designed to suppress or rewrite headers, most notably cookies, but also proxy headers and other things like that. Stripping out privacy invading (or in this case revenue redirecting) query parameters is another thing that extensions can do, and there are various extensions for that too, including apparently ublock origin (UBO).
UBO is not able to rewrite urls completely (a deliberate decision to protect users from accidental or intentional security breaking rules appearing in rule lists) but there are other extensions that do that too, like changing www.reddit.com to old.reddit.com, or bypassing google redirects and link shorteners that snoop on user activity. The web is a predator-prey ecosystem (users are mostly prey) and it is necessary to respond to new hazards as they appear.
I use this filter in ublock to remove them: https://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener.txt.
These things are very privacy invading, many of them have information that can identify the users. I don’t think douglasg14b knows what he is talking about. Yes they are query parameters, but they are used for many things such as advertisment for example or referrals, I think it is fine to remove query parameters that are not necessary.
https://www.ieee-security.org/TC/W2SP/2014/papers/privacy_query_strings.pdf
Sometimes the website sends sensitive data through query strings which is a common security issue.
https://owasp.org/www-community/vulnerabilities/Information_exposure_through_query_strings_in_url
You were so, so much more polite than I would have been
In general I use this app before I share or follow any links:
Thanks, I have that too I think. It’s great for sharing from my phone. On my laptop I have a python script that is a lot fancier that I’d like to rewrite as a browser extension someday.
For your desktop, you can use https://linkcleaner.app/
For those of you with Apple devices, I’m pretty sure current versions of Mac OS and iOS remove tracking arguments from URLs when you use cut/copy/paste/share.
https://9to5mac.com/2023/06/08/ios-17-link-tracking-protection/
Also this only applies in private browsing mode, which people usually aren’t in
This is about removing tracking arguments that identify users, this is not the case here.
The example in your link even show it’s keeping campaign tracking arguments. So I’m pretty sure it would keep the one we are talking about here.
An uBlock Origin custom filtrer should do.
Hmm, I thought ublock origin could only block links, not rewrite them. Am I missing something? I just looked through the docs and only see block/allow/noop rules, and I remember reading something a while back about how the devs didn’t want to rewrite. I’d love to have a pointer to the docs about how to do this if I’m wrong. Thanks ;)
Added: https://old.reddit.com/r/uBlockOrigin/comments/b9tdky/rule_for_redirecting_urls_to_cleaner_ones/ points to some github issues related to this.
Use removeparam.
The URL tracking protection filter list uses this and is a nice list to enable.
Thanks! I saw the GH issue about that but didn’t figure out that it had been deployed.
These artists should switch platforms because the query string isn’t the only way they can track attribution. If they see people doing this they will just switch to something else if they don’t already use another method as well.
I’ll just skip the whole place
some of us have been ever since gumroad worked with st*netoss
Never heard of that platform before, is it US only?
No, it’s just one of many. I’ve purchased stuff from gum road before.
OK, I think the real solution is that I’m never using Gumroad again. Sad, as some really good dnd stuff was there
https://bsky.app/profile/stargazerbird.pmd.social/post/3ld4tz3hllc2u
Based of that, it sounds like it’s affect people who had opted into the boosted discovery since that was already a thing and that was 30%+. The simplified wording doesn’t help but I’m feeling this got way blown out of proportion. Humanity does that nowadays.
I’m sorry to disappoint, but this will most likely not work. As soon as you make such a request, a session is created, which is stored in the cookie. And if they are real big asses, they only use the IP address to correlate the user to a session.
In general I use this app before I share or follow any links:
But did you try in this case? Because it doesn’t seems to have a sanitizer handling gumroad, in fact the sanitizer list is quite limited.
Oh you’re right. I thought you could add your own. Either way they push updates regularly, I bet if someone asked for a specific one, or maybe asked to be able to add their own, they would do it.
deleted by creator
Are you sure a new tab is necessary? Simply removing the tracking data and hitting Enter should be enough.
Probably an abundance of caution. I’m pretty sure referrer headers wouldn’t be sent if you modified the URL and that’s the only concern I can think of.
*For a new tab that is. Cookies aren’t going to care about a new tab unless you open a private one first.
Enshittification seems damn inevitable these days.
