Google has called quits on the notion of truncating URLs in Chrome, according to a note from earlier this month in the Chromium project’s bug database.
“This experiment didn’t move relevant security metrics, so we’re not going to launch it,” Emily Stark, a staff software engineer on the Chrome team, wrote in the June 7 entry.
Android Police first reported on Stark’s note June 10.
Stark’s notification, which referred to what Chromium — the open-source project that produces code for Chrome and several other browsers, including Microsoft’s Edge — called the “simplified domain” experiment, put a end to efforts designed to abridge what shows in the browser’s address bar.
In August 2020, Google announced — Stark was one of the trio of engineers who penned the declaration — that it would run trials with some Chrome users that would hide much of a site’s URL. The idea, Google said, was to foil phishing attacks.
“Our goal is to understand — through real-world usage — whether showing URLs this way helps users realize they’re visiting a malicious website, and protects them from phishing and social engineering attacks,” the engineers said.
The trials began with Chrome 86, which launched in early October 2020.
Rather than display all of an URL, Chrome instead condensed it to what Google called the “registrable domain,” or its most significant part. If the full URL for, say, a Computerworld article was https://www.computerworld.com/article/3082024/google-android-chrome-os-flip-flops.html, then the registrable domain — and the only bit that would show in the address bar — would be computerworld.com. By doing so, the thinking went, URLs that tried to obfuscate the domain by padding the actual address with — sticking to the same example — computerworld.com elsewhere in a long string, would be exposed.
Throughout the various versions of Chrome from 86 on, users could enable the URL shortening through settings in the chrome://flags option page if they had not been selected by Google to participate but wanted to see the change for themselves.
Perhaps not surprisingly, the modification was damned by some; long-time users of any browser often take up torches and pitchforks whenever any long-held UI (user interface) or UX (user experience) element is on the change or chopping block.
As of Chrome 91 — which launched May 25 — the browser only drops the https:// from the URL, and the optional settings at chrome://flags no longer exist.
Other browsers, notably Apple’s Safari, continue to use the short, domain-only URLs that Google has now spurned. Edge, however, never adopted the test produced by Chromium, and has continued to turned out full addresses (even including https://).