Welcome to WebmasterWorld Guest from 34.204.191.31

Forum Moderators: goodroi

Gmail is hijacking all outgoing links?

     
7:30 pm on May 5, 2019 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:July 29, 2007
posts:2014
votes: 215


When did this start?

Any link I put in a gmail email is now re-written to point to google.com with a redirect out to the site I linked afterwards. I don't use gmail often but I just linked something to a friend and was surprised to see google redirect it through themselves first. Upon closer inspection ALL links are rewritten to point at google.com and are redirected afterwards.

Not sure I like this one bit. Is this a virus or intended behavior? My comp did not detect a virus but it's what a virus would do...
8:12 pm on May 5, 2019 (gmt 0)

Administrator from US 

WebmasterWorld Administrator not2easy is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Dec 27, 2006
posts:4525
votes: 350


I just looked at a link I sent from a Gmail account via Thunderbird mail client this morning and it is not altered in any way in the message source code on the other end. Note - it was not sent to a gmail address which might make a difference.(?) The email was sent to a yahoo email address and received on Mac's "Mail" client.

Is it possibly an effect of retrieving the email at the online Gmail page? Or the browser in use?
9:52 pm on May 5, 2019 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:10471
votes: 1099


Or an experiment? g is fond of doing those things from time to time. :)
10:23 pm on May 5, 2019 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:July 29, 2007
posts:2014
votes: 215


When I look at the email the link says: example.com/stuff
When I hover over the link in the email itself the link says: example.com/stuff
When that link is clicked it redirects to: google.com/ahsidfhasi_RANDOM_CHARS_ncuirnicne_http://example.com/stuff

Every link redirects through google. I'll check from another location tomorrow but all my home PCs do the same. Virus or is G tracking all links now? Scanned with malwarebytes, seekndestroy, 3 others and 2 rootkit cleaners.... nada.
11:56 pm on May 5, 2019 (gmt 0)

Senior Member from CA 

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Nov 25, 2003
posts:1339
votes: 438


There have been variously coded gmail content redirects for years, maybe 10? that I can remember, most often including data-saferedirecturl="https://www.google.com/url? in the url string.

I vaguely recall that conversations back then were told that it was deliberate referer hiding for privacy; latterly reference was made to W3C's Content Security Policy recommendation and anti-clickjacking, anti-XSS, etc. I always figured it also included tracking (G after all), however as it never seemed to be widespread/common at any given time I sort of always forgot the issue until the next time someone had concern.
2:45 am on May 6, 2019 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month

joined:Apr 9, 2011
posts:15896
votes: 876


Every link redirects through google.
What happens if you copy the link (by whatever right-clicking process you normally use) and manually paste it into your browser’s address bar?
10:49 am on May 6, 2019 (gmt 0)

Moderator from US 

WebmasterWorld Administrator robert_charlton is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 11, 2000
posts:12390
votes: 409


JS_Harris, I like to check that my Gmail has gone out, so I'm constantly sending either ccs or bccs of my messages, either to myself in Gmail, and/or to a desktop client through a webmail intermediate... so I've got multiple checks on how the email arrives. Many of these messages have links in them. In all the years I've been doing this, I've never encountered anything like what you're describing. I just looked at some messages sent out this evening which contained some links. The urls are pristine.

Only surprises I get are links clicked in online publications, which occasionally add tracking strings. All that said, I have seen urls with the syntax you are describing, but I think I'm seeing them in the address bar in Google. I also remember that a link that a member posted here had that situation, but I can't find the thread where we discussed it. The link worked for some of us but not for others.

Since you're seeing them more often, pay attention to the url changes, if any, in the steps along the way, and report back so we can reproduce your "flow" on our own machines.

10:17 pm on May 6, 2019 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:July 29, 2007
posts:2014
votes: 215


Lucy, when I highlight the url itself and use ctrl-c(copy) and paste to the address bar I see the non-redirected url as it appears on the page. If I right click and select copy link location I see the redirected google search url when i paste. Two methods of copying and the result doesn't match.

I still cannot detect a virus but this is virus google search redirect behavior. Can someone who is 99.9999% sure they are virus free confirm what the hover over link url in gmail emails is supposed to be, pre click? I have 3 computers at home doing the same, it's desktop specific it seems.

I'm really leaning to virus at this point, there is no reason for Google to turn all links into actual searches just to track, there are less resource intensive methods of tracking.
12:21 am on May 7, 2019 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:10471
votes: 1099


I wonder if his is something internal to g that looks at their cache first before looking elsewhere ... after all, speed is g's mantra... But only when clicked inside gmail? Feature or bug?
2:05 am on May 7, 2019 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month

joined:Apr 9, 2011
posts:15896
votes: 876


Two methods of copying and the result doesn't match.
You mean, the same kind of thing you’d get if you said for example
https://tvtropes.org/pmwiki/pmwiki.php/Main/RealityIsUnrealistic [tvtropes.org] *
where one kind of copying shows the visible URL and the other shows the same thing with redirect (in this case involving the present Forums)?

Interesting.


* Sorry! I had to pick something real, not example.com, off the top of my head and this seemed safe.
6:43 am on May 7, 2019 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:10471
votes: 1099


Chuckles! Nothing is safe these days. :)

But works for me!
12:03 pm on May 7, 2019 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Nov 15, 2001
posts:1836
votes: 66


I have seen this before in gmail, but I recall seeing it on mouseover, such that I was irritated I couldn't detect the eventual destination of the link, because all the google link gubbins took up all the vieweable space .. I thought Gmail always did this, news to me that it doesn't.
2:09 am on July 4, 2019 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:July 29, 2007
posts:2014
votes: 215


This is undisclosed behavior. Try sending yourself a link to your own website via gmail and it will often(always?) become a redirect through google search that starts with google.com/url?q=

- It is NOT secure, no https

- If someone shares the link, such as to a private google docs, you run the risk of having the contents revealed through "helpful" cache or other Google feature when that redirect is clicked

I'm still not certain if it's a virus or intentional as Google won't respond but I've found many, many threads describing the same problem. example from the google support forum - [support.google.com...]
2:55 am on July 4, 2019 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:10471
votes: 1099


gmail is their platform ... you play by their rules ... and most of those rules are TRACKING EVERYTHING YOU AND YOUR RECIPIENT might view for their data mining operations.

Play, or not play, those are your options.
1:35 am on July 5, 2019 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:July 29, 2007
posts:2014
votes: 215


- They don't tell you that they redirect every link you place in email via unsecure connection
- They apparently don't respond when you ask if it's intentional behavior or a virus
- I found several instances of people complaining their private google docs were revealed via cache after the redirect

I choose not play
2:39 am on July 5, 2019 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:10471
votes: 1099


I choose not play


Sadly ... many more are opting for that position as well. g, unfortunately, has an image problem at the moment ... likely not to change any time soon.