This is the main reason I completely ditched Reddit, if you use the new Reddit interface instead of the old one (old.reddit.com), you’ll see a constant request being made to “https://www.reddit.com/svc/shreddit/events” (open your DevTools > Network tab, can’t see on Firefox idk why).

The problem is, if you add this to your Ublock Origin filters the website won’t load properly, that’s why uBO team didn’t block it already.

You’ll notice this request isn’t only being made from a interval but also when you do basically any action in the site, like pausing or resuming a video (send timestamps of when did you pause or resumed).

It sends other kind of data like what subjects you’re seeing when closed a tab or the related subjects of a post you click, this all can be used to trace a perfect profile of you and things you like.

You can avoid that by using the old.reddit but it still has the same kind of tracker, even tho you can block it here without major issues.

By my analysis, old Reddit interface does the same but to a random URL path that always starts with “reddit.com/api/something”. Ex.: reddit.com/api/friends So you can block anything that starts with “www.reddit.com/api” in your custom filters (after all you’re using old.reddit.com), then you’re mostly free from Reddit trackers (more or less). Side effect is, you won’t be able to use the chat in the old interface.

  • expr@programming.dev
    link
    fedilink
    arrow-up
    1
    ·
    1 day ago

    I know old reddit is not an SPA, but that’s entirely the point. New reddit is clearly written as an SPA. Old reddit was created before SPAs were super common, so it uses a different architecture.

    • CodenameDarlen@lemmy.worldOP
      link
      fedilink
      arrow-up
      1
      ·
      1 day ago

      Yes, so when we’re talking about calls to /api/* we’re talking about old.reddit.com, I didn’t say anything about calls to this endpoint on new reddit, the problem with new Reddit are calls made to https://www.reddit.com/svc/shreddit/events with a lot of trackers. It can’t be blocked.

      • expr@programming.dev
        link
        fedilink
        arrow-up
        1
        ·
        24 hours ago

        Right, and I explained that looks like a very common event gateway kind of architecture, which has many legitimate uses.

        Now, it’s entirely possible that Reddit is also using it for tracking shit (because of who they are), but the mere fact that an event gateway exists isn’t evidence of that. Here’s the Wikipedia article on the architecture: https://en.m.wikipedia.org/wiki/Event-driven_architecture.

          • expr@programming.dev
            link
            fedilink
            arrow-up
            1
            ·
            22 hours ago

            I have no doubt Reddit is doing shitty things (as evidenced by, well, everything in the last several years), but that’s entirely unrelated to what kind of architecture is involved. You can do shitty stuff with regular JS, cookies, etc. on webpages.

            I simply don’t want people thinking that this is actual evidence of wrongdoing, because it isn’t.

            • CodenameDarlen@lemmy.worldOP
              link
              fedilink
              arrow-up
              2
              ·
              22 hours ago

              You really can’t tell that this isn’t being used for evil practices, personal info is leaving your machine via client-side requests, end of story. You can use your judgement, but by fact, you can’t really tell anything. I wouldn’t trust Reddit, if you trust them good of your.