1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Genius Affiliate Link Masking

Discussion in 'JavaScript' started by Helge Sverre, Apr 10, 2014.

  1. #1
    I was reading a Infosec blog about phising/spam recently(it just interests me), where they presented a very clever way of masking links that i thought i'd adapt for my own uses.

    You can make links look like they are totally innocent in the address bar in the bottom of a user's browser, but change the location the link is pointing to it once they click on the link

    You can check out a live demo here: http://test.helgesverre.com/affmask/

    Here is how its done:

    <a href="http://google.com" onclick="this.href='https://www.yahoo.com/'">Hover your mouse here.</a>
    HTML:
    by adding onclick="this.href='https://www.yahoo.com/'" to the anchor tag you can change where the link is pointing to once it is clicked.

    I use this technique to mask affiliate links on this page.
     
    Helge Sverre, Apr 10, 2014 IP
  2. deathshadow

    deathshadow Prominent Member

    Messages:
    6,590
    Likes Received:
    982
    Best Answers:
    164
    Trophy Points:
    395
    #2
    Which doesn't work when users are blocking javascript (see the "noscript" browser extension), has no graceful degradation, and is not only being a dick towards users AND who you are linking to, and probably violates terms of service as well... There is NO legitimate reason to be pulling this type of asshat stunt other than trying to mislead users (bad) or screw over whoever you are linking to... It's crap like this that made browser makers DROP being able to change the contents of the title bar from javaScript in the first place.

    This is EXACTLY the type of 'scripting for nothing" asshattery I've come to expect from the SCAM known as affiliate marketing; since concepts like graceful degradation, accessible design, semantic markup, and not being a sleazeball seem to fly right out the window the moment words like "affiliate" is even MENTIONED in regards to the web.

    Just another of those things that developers are DUMBER for even trying to do.

    The only legitimate reason I could think of is adding more information on where it's going to, and that's TITLE's job!

    -- edit -- BTW, saying https as the href and then script-tarding to a http domain? That's just scummy. Also, god forbid the user see's "/~affiliat/cgi-bin/affiliates/clickthru.cgi?id=HelgeSverre" before clicking on the link... WHISKEY TANGO FOXTROT is your major malfunction soldier?
     
    Last edited: Apr 11, 2014
    deathshadow, Apr 11, 2014 IP
    sarahk, ryan_uk and malky66 like this.
  3. Helge Sverre

    Helge Sverre Notable Member Affiliate Manager

    Messages:
    839
    Likes Received:
    97
    Best Answers:
    2
    Trophy Points:
    215
    Digital Goods:
    2
    #3
    even if they don't have javascript enabled(only people who do this are paranoid fuckbags that i don't wanna have on my site anyways), they will be redirected to the site anyways, no functionality is lost.

    It seems you've had bad experiences, go cry elsewhere..


    Grow up Jason.
     
    Helge Sverre, Apr 12, 2014 IP
  4. robi09

    robi09 Member

    Messages:
    298
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    26
    #4
    To avoid the problem with javascript disabled you can do a php redirect.
     
    robi09, Apr 12, 2014 IP
  5. sarahk

    sarahk iTamer Staff

    Messages:
    18,892
    Likes Received:
    2,237
    Best Answers:
    54
    Trophy Points:
    615
    #5
    from memory it also breaks on a right mouse click, open in new tab
     
    sarahk, Apr 12, 2014 IP
    deathshadow likes this.
  6. ryan_uk

    ryan_uk Illustrious Member

    Messages:
    3,954
    Likes Received:
    1,010
    Best Answers:
    33
    Trophy Points:
    415
    #6
    You are avoiding the most important points. This technique is:
    1. Against Google's Webmaster guidelines (see https://support.google.com/webmasters/answer/2721217?hl=en). In case it's still escaping you - it's a "sneaky redirect".
    2. Violating the ToS of affiliate programs (at least for any credible one).
    3. Very importantly - misleading visitors. Why in hell's name would you want to do that?
    I am sure Googlebot would be able to detect this kind of technique easily. I'm not saying Google does check for it, but it's technically possible; Google have confirmed that they do execute some JavaScript and, let's face it, this is a very simple piece to detect and execute.
     
    ryan_uk, Apr 12, 2014 IP
    malky66 and deathshadow like this.
  7. deathshadow

    deathshadow Prominent Member

    Messages:
    6,590
    Likes Received:
    982
    Best Answers:
    164
    Trophy Points:
    395
    #7
    Great attitude there; so people who are sick of megabytes of scripting for nothing sucking mobile batteries dry are "paranoid ****bags"? Those who have it blocked at work thanks to proper corporate security (usually thanks to in-house crapplets saddling them with old versions of IE and no upgrade path) are "paranoid ****bags" too?

    Progressive enhancement leading to graceful degradation exists for a reason, you may want to study it. You've got the same type of thinking there that led to things like 1997'ish "it works in Netscape and Mosaic", 2003'ish "it works on IE6, who cares about anything else", and the lame excuses I've heard for a decade and a half to explain away all sorts of lazy, sleazy, broken or just plain nonsensical practices.

    Really? Not seeing any redirects on how you implemented it on your site... Pretty sure this doesn't function the same or have "redirects" involved:
    <a href="https://www.namecheap.com/" onClick="this.href='https://www.namecheap.com/?aff=46575'">Visit Website</a>
    Code (markup):
    Unless of course you own namecheap, which I highly doubt. (My favorite registrar BTW)

    Seriously, WHAT LEGITIMATE PURPOSE does this bloated nonsensical pointless garbage actually SERVE? Which blog did you pull this nonsense from? Sounds like they were talking out their backside. I may be wrong on that, but what's your source?

    Though honestly, this type of nonsenes is EXACTLY what I expect from someone with a site that uses tags like CENTER that have no business on any page written after 1997, no THEAD, TBODY or SCOPE on the tables, inital TR>TD that should probably also be TH with SCOPE, endless pointless META nothing practical gives a flying purple fish about, overstuffed keywords with zero relevance to the content, no media target on the style LINK, or even the sillyness of saying it is "copyright copyright" (use the symbol, don't use the word -- you want the word, don't use the symbol!); pretty much the outdated outmoded ignorant HTML 3.2 mated to piecemeal incomplete coding practices I've come to expect the moment I see a HTML 5 doctype.

    That said it's refreshing to see someone who understands we have tab and enter keys for a reason... Even if it's bad code, it's at least legible code! :D -- still, about a third of it belongs in the trash bin as pointless bloat.

    Just to show you what I mean... It should probably go something more like this:
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
    <html
    	xmlns="http://www.w3.org/1999/xhtml"
    	lang="en"
    	xml:lang="en"
    ><head>
    
    <meta
    	http-equiv="Content-Type"
    	content="text/html; charset=utf-8"
    />
    
    <meta
    	http-equiv="Content-Language"
    	content="en"
    />
    
    <meta
    	name="viewport"
    	content="width=device-width; height=device-height; initial-scale=1.0"
    />
    
    <meta
    	name="description"
    	content="My list of recommended and reputable domain registrars that you can use for registering your awesome new domain name."
    />
    
    <meta
    	name="keywords"
    	content="domain, registrar, pricing, recommended, choosing"
    />
    
    <link
    	type="text/css"
    	rel="stylesheet"
    	href="screen.css"
    	media="screen,projection,tv"
    />
    
    <link
    	rel="shortcut icon"
    	href="http://helgesdomaingenerator.com/favicon.ico"
    />
    
    <title>
    	Helge's Domain Name Generator - Domain Registrars
    </title>
    
    </head><body>
    
    <div id="top">
    
    	<h1>
    		<a href="index.php">
    			Helge's Domain<br />
    			Name Generator
    			<span><!-- image replacement --></span>
    		</a>
    	</h1>
    
    	<ul id="mainMenu">
    		<li><a href="index.php">Domain Name Generator</a></li>
    		<li><a href="domain-registrars.php">Domain Registrars</a></li>
    		<li><a href="domain-tips.php">Domain Tips</a></li>
    		<li><a href="web-hosting.php">Web Hosting</a></li>
    	</ul>
    
    	<div id="content">
    
    		<table class="domainTable">
    			<caption>
    				Recommended Domain Registrars and Pricing Information
    			</caption>
    			<thead>
    				<tr>
    					<th scope="col">Registrar</th>
    					<th scope="col">Website</th>
    					<th scope="col">.com price</th>
    					<th scope="col">.net price</th>
    					<th scope="col">.org price</th>
    				</tr>
    			</thead><tbody>
    				<tr>
    					<th scope="row">NameSilo</th>
    					<td><a href="https://www.namesilo.com/?rid=c6ccd18us">Visit Website</a></td>
    					<td>$8.99 / Year</td>
    					<td>$8.59 / Year</td>
    					<td>$9.19 / Year</td>
    				</tr><tr>
    					<th scope="row">NameCheap</th>
    					<td><a href="https://www.namecheap.com/?aff=46575">Visit Website</a></td>
    					<td>$10.69 / Year</td>
    					<td>$11.98 / Year</td>
    					<td>$11.48 / Year</td>
    				</tr><tr>
    					<th scope="row">Enom</td>
    					<td><a href="https://www.enom.com/">Visit Website</a></td>
    					<td>$13.95 / Year</td>
    					<td>$13.95 / Year</td>
    					<td>$13.95 / Year</td>
    				</tr>
    			</tbody>
    		</table>
    
    		<p>
    			Choosing a good domain registrar for your website is important, as they will maintain and support your domain name, which is the name that people will remember your website by, if your domain name becomes unavailable, visitors won't find your content anymore, therefore it is always important to choose a stable, trustworthy and dependable domain registrar for your domains.
    		</p>
    
    	<!-- #content --></div>
    
    	<hr /><!-- since the footer has no header -->
    
    	<div class="footer">
    		<div>
    			Copyright 2014
    			<a href="http://helgesverre.com">Helge Sverre</a> and
    			<a href="http://helgetech.net">HelgeTech</a>.
    		</div>
    		<a href="affiliate-info.php" rel="nofollow">Affiliate Notice</a>
    	<!-- #footer --></div>
    
    <!-- #top --></div>
    
    </body></html>
    Code (markup):
    Putting the H1 where it belongs (since EVERYTHING on the page is a subsection of the H1), axing the unneccessary h1/h3 pairing, moving it in as a CAPTION for the table where it belongs -- applying all the PROPER semantics to the table and completing it's structure, and swinging an axe at all the pointless "JS for nothing".

    Yeah, it's called 36 years of programming and hardware construction, running my own custom BBS and tying into fidoNet mated to eight to ten years of connecting to online services like Compuserve and Genie before HTML was a twinkle in TBL's eye, and most importantly surviving and even predicting the first dotcom bust most likely at a time when you were still in diapers. (and being ridiculed for it the same way Peter Schiff was about the Real Estate bubble -- and trust me, the storm is on the horizon again!)

    Cry? No... ready to bash in some skulls? Damned straight skippy, just because it's so frustrating to see the entire rules of html, css, good programming and accessibility thown out the window -- or worse seeing the same nonsense scam repeated generation after generation. Give it another ten to twenty years you'll probably come around to my view on this.

    Always fun when a 19 year old says that to a 45 year old... Take a tip from someone over twice your age and gray at the temples -- you're most likely being led astray either out of inexperience or ignorance by things like this.

    Also, pay attention to @ryan_uk's post. That's pretty much what I was saying.

    Also true -- seems to also be broken on middle-click, which of course is how you are SUPPOSED to choose to open in new windows (so the user has a choice, instead of the idiotic shoving it down the user's throat with TARGET)

    OH, BTW, an excellent example of why I think the various onevent attributes should be deprecated or even obsoleted in the HTML specification. Good scripting should hook existing markup since it has no business even being loaded scripting off. It's just as bad in my mind as TARGET or STYLE; encouraging doing things in the markup that really don't belong there.
     
    Last edited by a moderator: Apr 12, 2014
    deathshadow, Apr 12, 2014 IP
    Jeffr2014, malky66 and ryan_uk like this.
  8. sarahk

    sarahk iTamer Staff

    Messages:
    18,892
    Likes Received:
    2,237
    Best Answers:
    54
    Trophy Points:
    615
    #8
    Good point, if you wanted to be discrete you could link to a javascript file with event listeners looking for clicks on specific links. Googlebot might struggle to detect that.

    It still sucks though. I have no problem clicking affiliate links if I think the info from the affiliate justifies visiting the site. I don't honestly think most people know or care - depends on your target market though, some are more tech literate than others. I deal with regular people and, boy, they don't have a clue about half of what they see on their screens.
     
    sarahk, Apr 12, 2014 IP
    ryan_uk likes this.
  9. PoPSiCLe

    PoPSiCLe Well-Known Member

    Messages:
    2,021
    Likes Received:
    197
    Best Answers:
    78
    Trophy Points:
    185
    #9
    First off, as several others have pointed out, this is just retarded, and goes against any reputable affiliate EULA there is out there. Second, if I right-click, and "open in new tab" it opens Google.com. If I Ctrl+click (which I almost always do, since I want to keep the original site in a tab, normally), it opens Google.com. And if I turn off javascript, it goes, of course, to Google.com. Hence it's "rarely working", and it adds obfuscation and trickery to something that should be easy - I'm guessing that a quick fix to one of the "reveal shortlink urls" scripts for Chrome or Firefox would also reveal this kind of trickery.

    The idea is nothing but stupid, sorry to say. If you want to hide affiliate links, you're breaching most EULAs, and you're probably doing some sort of click-baiting I, personally, would never be a part of. Just don't. Simple as that.
     
    PoPSiCLe, Apr 12, 2014 IP
    ryan_uk likes this.
  10. deathshadow

    deathshadow Prominent Member

    Messages:
    6,590
    Likes Received:
    982
    Best Answers:
    164
    Trophy Points:
    395
    #10
    Why get the keyboard involved? Middle button (on most mice you can depress the wheel) -- I mean, unless you're stuck on a crippled/incomplete useless trackpad (which I won't even use on laptops) or a crApple mouse or something. (which first thing I'd do is go buy a real mouse; well... Logitech Trackman Marble actually...).
     
    deathshadow, Apr 12, 2014 IP
  11. PoPSiCLe

    PoPSiCLe Well-Known Member

    Messages:
    2,021
    Likes Received:
    197
    Best Answers:
    78
    Trophy Points:
    185
    #11
    Because I normally sit on a laptop, and I can't be arsed using an external mouse - I hardly ever use a mouse anyway, except for clicking on links or similar. I'm too lazy going into the office to sit at the desktop, I normally just prop down on the sofa with the laptop in my lap :)
     
    PoPSiCLe, Apr 13, 2014 IP