Social Share Privacy

More and more websites use like-buttons from Facebook, Google+ and Twitter. However, these buttons send information to these social networks even if the user do not click them, but only if they are present on a webpage. This way these networks are able to track which websites users are visiting and are able to build fairly complete browser histories of their users. Because this is neither what a user might expect nor what many website operators that embed like-buttons want, heise online developed a jQuery plugin that provides an alternative way of using these social services.

The idea was great, the implementation not so much. Therefore I forked it and created a GitHub project. While the original version only supported Facebook, Twitter and Google+ and all of this hardcoded, my version is modular and has modules for these services:

1st click: activate button
2nd click: like
Before activation this button doesn't send information to a third party.
  • Buffer
  • Delicious
  • Disqus
  • EMail (mailto: links)
  • Facebook
  • Flattr
  • Google+
  • LinkedIn
  • Pinterest
  • reddit
  • Stumble Upon
  • Tumblr
  • Twitter
  • XING

The concept is fairly easy. Per default only a gray mockup image of a like-button is embedded. Only if a user clicks this button the real like-button is loaded and information sent to the social network. With a second click the user can then like the webpage (or tweet it etc.).

All buttons can be permanently enabled.

The first click basically means that the user agrees that information is sent to the social network in question. But only for the page that embeds like-button and only for the selected social network. If the user visits the same page again the button is at first again deactivated. This way one can prevent, that social network owners can build complete surf profiles of their users.

If users don't care about their privacy and rather want the like-buttons to be always enabled they can do so in the settings menu, accessed via the gear icon. Per default this is done via cookies and on a domain basis, but this feature is extensible so that this information can be stored anywhere (e.g. via AJAX on a webserver or in the browsers HTML5 local storage).

For a comprehensive description of all options and methods look at the README on GitHub.

If you want to embed the share buttons on your Blogger blog like I do, simply add a HTML/JavaScript gadget to your layout and paste this code into it:

This example includes all supported buttons except a flattr button. In case you don't want all those services just remove the JavaScript file of the services that you do not want. If you want to also have a flattr button use this code and replace __FLATTR_UID__ with your flattr user ID:

The only difference between these two version is the extra configuration of the flattr user ID and because flattr is currently the only service that supports tags I only added the tag detection code there.


Popular posts from this blog

Save/download data generated in JavaScript

How to write a binary file format

Cross site HTTP Auth via JavaScript