Facebook visits pages that you post in messages and stays for many seconds(dontcode.tumblr.com)
dontcode.tumblr.com
Facebook visits pages that you post in messages and stays for many seconds
http://dontcode.tumblr.com/post/147428686798/tldr-facebook-visits-pages-that-you-post-in
19 comments
Um yeah, the moment you type/paste a link in a post, it loads a preview and tries to pick a good representative picture of the page. As far as I can tell the image is even mirrored on Facebook's CDN for faster loading. It's not like they're subtle about it.
Correct. This is the open graph bot. You can force fb to scrape your site at will and clear the current cached image preview.
https://developers.facebook.com/tools/lint
https://developers.facebook.com/tools/lint
This is the part that happens before you send the message. The post is talking about the automated browser that visits the link after you post it and waits for 15 seconds with socket.io (thus javascript activated).
Oh. Something to do with trackbacks then, maybe?
> But why?
Go ahead and post a link in a message (I chose this one: http://imgur.com/gallery/wjANVCD). A little visual preview will appear. Where do you think this comes from?
> And classify you as a good citizen for the NSA so that you don’t get killed in a drone attack
Or maybe that.
Go ahead and post a link in a message (I chose this one: http://imgur.com/gallery/wjANVCD). A little visual preview will appear. Where do you think this comes from?
> And classify you as a good citizen for the NSA so that you don’t get killed in a drone attack
Or maybe that.
Occam's Razor strikes again.
Why stay for so long though? Fetching an image is fast and using an automated browser is a bit overkill. Maybe they wait for 15 seconds in case the server is slow...
JavaScript, webfonts, XHR...
In my experience, if you don't wait most of the times you get a blank page.
There are definitely some sites (particularly news sites) which can take 15 seconds to actually render the main content of the page.
Or to detect JavaScript triggered malware or other nefarious behavior. Running a full headless browser for link scanning is actually quite doable for Facebook's scale.
Anti-virus. The post seems to be complaining that Facebook is using a browser, which probably means they're testing for malware.
Why not both?
Also, they probably need a browser and to wait for a full render to be guaranteed a finalized image for their preview thumbnail.
Also, they probably need a browser and to wait for a full render to be guaranteed a finalized image for their preview thumbnail.
I don't think this is a big deal. You're posting a message _on their site_. It's reasonable for them to inspect the url.
This is not secret, surprising, or newsworthy, and the implication that it's for the NSA is pure conspiracy theory.
I guess it stays for many seconds because it waits JavaScript to finish executing to get an image preview. It's not uncommon that some sites needs many seconds (or even longer) to load.
Facebook probably sends an HTTP request to the link to get an image preview. I doubt that any human or computer is actually "looking" at the link for 15 seconds, more likely they just messed with the concept of time on the preview agent's Javascript interpreter so they can determine the layout of the "final page" with all animations and JS completed.
also, if you want a URL to stay private, don't email it to anyone using a cloud email service (including yourself)...
Previous discussion: https://news.ycombinator.com/item?id=11875419
That seems different? Exposing (possibly private) URLs in messages via the API seems like a bug (though int64s aren't really guessable when you have DoS protection).
Just visiting the link shared is completely normal behavior.
Just visiting the link shared is completely normal behavior.