ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > General Software Discussion

Brave: A new browser with built-in adblock and payment solutions

<< < (21/23) > >>

The Brave web browser is hijacking links, and inserting affiliate codes
-panzer (June 07, 2020, 12:13 AM)
--- End quote ---

This seems a bit misleading.

It doesn't hijack links. It suggests links with Brave's refID in the auto-complete for the address bar. So if you click a link, or type a URL into the address bar, it either takes you exactly where you think you're going, or shows you in the auto-complete where it will be taking you if you press enter.

Here's what happens when I start to type in (which I have been to previously):

Notice that the auto-complete suggestion gives preference to URLs I have visited in the past, listing the "suggested" referral URL below my actual history. If I press enter, it takes me directly to with no referral. I have to manually select the bottom suggestion which contains the referral code in order to be taken to the referral link.

And here is what happens when I start to type in (which I have not been to previously):

Because I haven't typed out the full URL it will do a search for the site if I press enter. If I click the top result, it takes me to the site with no referral ID. No links have been hijacked or modified.

Here is what happens when I type in the full URL (which I still have not been to previously at the time of testing this):

It shows me that it will autocomplete with a referral ID if I press enter. Or I can select the non-referral link and then every time in the future when I type out the URL it will give preference to URLs in my history over its own suggestions. Or in other words, it will be like my Coinbase example above.

Sounds like making a mountain out of a molehill to me.

Either way, these "autocomplete suggestions" can be disabled from Settings -> Appearance -> Show Brave suggested sites in autocomplete suggestions. And in response to the negative feedback, it will be disabled by default in future releases.

Brave: A new browser with built-in adblock and payment solutions

And one more, for completeness:

Here's what happens when I try to search from the address bar for "bitcoin"

If I press enter, I am taken to a DuckDuckGo search page, which doesn't link to Binance on the first page of results. If I instead search for "bitcoin binance" the top result is Binance with several links to various Binance pages, none of which include the referral ID.

I get similar results with other crypto-related terms, such as "ltc" or "litecoin" in the address bar.

So again, there is no link hijacking going on. It seems like the only way to accidentally use a referral link is if you type the full URL in the address bar and have never been to the website before, and press enter without looking at the auto-complete. In other words, it seems the only people who are likely to accidentally use the referral links are the small percentage of people who already know exactly what they're looking for (and would therefore type in the full URL manually, rather than doing a search and clicking a search result) but don't already have that site in their browsing history.

And even though I can't tell if it was an unintentional bug or just a bad decision, they've admitted that revising typed-in domains was a mistake that will not happen in the future even with the feature enabled.

"We will never revise typed in domains again, I promise" - Brendan Eich

After further research, my understanding is that it was an intentional feature, but possibly with unintended consequences due to still thinking from a Firefox mindset where the address bar and the search bar are (or were?) two separate things. That is, they think it's OK to suggest/change things that are search queries, but since Chrome-based browsers have a single omnibar, this thinking came back to bite them and resulted in typed-in URLs getting changed. They don't think it's OK to change typed-in URLs and are fixing that.

Thanks for the investigation and write-up!

I'm not sure when this happened, since I see no mention of it on their blog, but Brave has launched private, encrypted video chat (similar to Zoom or Meet):


[0] Message Index

[#] Next page

[*] Previous page

Go to full version