Safari, Chrome push to mask URLs
Apple's browser will truncate Web addresses to domain-only length in OS X Yosemite; Google's experimenting with a similar design
Computerworld - Safari on OS X Yosemite will mask most of a URL in its top-of-window address bar, following in the footsteps of Safari on iOS, and beating Google's Chrome, which is experimenting with the same design, to the desktop.
While not strictly a trend, the decision by Apple to mask all but the domain -- say, nytimes.com or computerworld.com -- will bring a simmering discussion about the value of a full-string URL to the surface when customers first fire up Safari on Yosemite this fall.
Apple did not call out the change in its Worldwide Developers Conference (WWDC) keynote Monday, but eagle-eye observers noted that during a demonstration of Safari, only the domain appeared in the browser's address bar.
As Safari was shown on the keynote's giant screen poised at Wikipedia's Ansel Adams article, the browser displayed en.wikipedia.org rather than the full string of http://en.wikipedia.org/wiki/Ansel_Adams that would appear in other browsers, including Chrome, Firefox and Internet Explorer, not to mention Safari on OS X Mavericks.
It wasn't a surprise that Apple dumped the rest of the URL; it did the same last year in Safari on iOS 7. On an iPhone or iPad, tapping the domain reveals the full URL. Safari on Yosemite behaves similarly: Clicking in the address bar or using Cmd-L -- the keystroke combo to select the address bar's contents -- expands the domain to the full URL.
What's Apple up to?
Apple's not talking, but Google is. For several months, Chrome developers have been playing with something similar in pre-release versions of the browser, switching it on an off, seemingly at random, for some users running editions as solid as the beta builds.
Chrome dubs the feature "origin chip," but the end result is the same: A truncated URL.
"URLs can be long and messy. By making the domain name of [the] site you're visiting clearer, it's easier to glance up at the Omnibox and know exactly where you are on the Web," wrote Tim Caver, who implied that he was a Google employee, in a support forum last month. "It's also easier to tell when a malicious website is purporting to be a different website (think www.bankofamericaa.com)."
The argument has some merit. Phishers sometimes try to fake out users with extremely long URLs that look legit in the finite space of the address bar but are actually pointers to a different domain.
In Chrome's experiments, clicking on the option chip -- the small rectangle at the far right of the browser's Omnibox, Google's name for its combined address and search field -- reveals the full URL, as does the usual Ctrl-L (Windows) and Cmd-L (OS X) keystroke combos.
Not everyone liked what Google was up to.
"My personal opinion is that it's a very bad change and runs antithetical to Chrome's goals," said Paul Irish, a developer advocate for Chrome, in an April discussion thread on Hacker News. "I hope the data backs that up as well."
Others weighed in on the same discussion, as well as on Google's support forum, mostly with negative comments, some with more than a dollop of hyperbole. "Should this become the default and not disable-able, then Chrome will die a fiery death," predicted Ross Presser.
Some theorized that Google's motivation wasn't to improve security or clear up confusion, but rather to push the search aspect of the Omnibox by scrubbing the space of the URL.
Others predicted the death of the Web as the world knows it.
"There's a dangerous slippery slope here," contended Tristan Louis on the Hacker News thread. "If we're OK with this happening, are we then OK with getting rid of that domain further down the line? The whole thing strikes me as creating a more locked-down Web.
"The problem with that approach is that it communicates that the Web is 'hard' instead of educating users in how to understand it and how to build on it," added Louis, who was a co-founder of Internet.com, among other companies, and has been involved with the Web for more than two decades.
A security firm joined the anti-origin chip discussion in May too. Chantilly, Va.-based PhishMe argued that extremely long URLs vanished, leaving the Omnibox blank, to illustrate how cyber criminals could circumvent the origin chip's design.
Chrome users who encounter the option chip can eliminate it by typing chrome://flags in the address bar, searching for the setting labeled "Enable origin chip in Omnibox," then selecting "Disabled." Those who want to experiment with the feature can enable it using with the same setting in most Chrome builds.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His email address is firstname.lastname@example.org.
- Workarounds to purge search bar from Firefox's new tab page are available
- Mozilla ships Firefox 31, adds search to new tab page
- Microsoft's IE steps back from the brink of irrelevance
- Firefox falters, falls to record low in overall browser share
- Firefox risks user backlash by adding search box to new tab page
- Google unseats Microsoft as the U.S. browser powerhouse
- Safari, Chrome push to mask URLs
- Chrome on Windows champs at the 64-bit
- Google pulls trigger, cripples some Chrome add-ons
- Microsoft shoots to shorten Internet Explorer's long tail
Read more about Internet in Computerworld's Internet Topic Center.
- Social Media Education: The New Edge for Success Failure to train for social media will cost your business money. A recent report showed how digitally prepared companies can unlock up to...
- Social Media in Technology: A Unified Strategy for Success Find out how social media is sparking a new era of customer and industry-understanding in technology enterprises and how industry leaders are overcoming...
- How Network Connections Drive Web Application Performance Users around the globe, on all sorts of devices, expect Web applications to function as seamlessly as desktop applications. This paper discusses the...
- Agility & Scalability for Oracle EBS R12 and RAC on VMware vSphere 5 This white paper outlines extensive performance and scalability testing of Oracle EBS applications on a Vblock™ Systems with vSphere 5.
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily...
- On Demand: Mastering the Art of Mobile Content Management Mobile device usage in the enterprise has skyrocketed, and it continues to escalate. IT must answer to users who demand access to their... All Internet White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!