Privacy preserving rich links

Discord, telegram, WhatsApp, twitter, mastodon, Facebook and co all show a link preview which is pulled from special meta tags (“open graph meta tags” is their name, here is a list of them: Complete List of HTML Meta Tags · GitHub):

1. Problem: Recipient privacy

The potential privacy problem is when doing pulling the data on the receiving site, a web request is made from the device.
So the obvious solution is to send the meta-data with the message that contains the link or use a proxy server to hide the ip of the request (telegram does the proxy AFAIK).

2. Problem: Sender privacy

Pulling when sending also can be a problem, for example when the link was shared from browsing with tor and deltachat is running outside of tor.

So I propose that we could detect links and show them in the draft/composer and when the user clicks on them the info is loaded and attached to the outgoing message:

image_2022-07-17_14-58-37

Letting the user decide to do that web request moves the problem out of our responsibility zone.

2 Likes

Good idea. :+1:
I think this is the best way to implement a link preview in DC.