
Facebook visits pages that you post in messages and stays for many seconds - antoineMoPa
http://dontcode.tumblr.com/post/147428686798/tldr-facebook-visits-pages-that-you-post-in
======
taneq
Um yeah, the moment you type/paste a link in a post, it loads a preview and
tries to pick a good representative picture of the page. As far as I can tell
the image is even mirrored on Facebook's CDN for faster loading. It's not like
they're subtle about it.

~~~
antoineMoPa
This is the part that happens before you send the message. The post is talking
about the automated browser that visits the link after you post it and waits
for 15 seconds with socket.io (thus javascript activated).

~~~
taneq
Oh. Something to do with trackbacks then, maybe?

------
lbrandy
> But why?

Go ahead and post a link in a message (I chose this one:
[http://imgur.com/gallery/wjANVCD](http://imgur.com/gallery/wjANVCD)). A
little visual preview will appear. Where do you think this comes from?

> And classify you as a good citizen for the NSA so that you don’t get killed
> in a drone attack

Or maybe that.

~~~
antoineMoPa
Why stay for so long though? Fetching an image is fast and using an automated
browser is a bit overkill. Maybe they wait for 15 seconds in case the server
is slow...

~~~
corecoder
JavaScript, webfonts, XHR... In my experience, if you don't wait most of the
times you get a blank page.

------
dack
I don't think this is a big deal. You're posting a message _on their site_.
It's reasonable for them to inspect the url.

------
powera
This is not secret, surprising, or newsworthy, and the implication that it's
for the NSA is pure conspiracy theory.

------
umhan35
I guess it stays for many seconds because it waits JavaScript to finish
executing to get an image preview. It's not uncommon that some sites needs
many seconds (or even longer) to load.

------
omarforgotpwd
Facebook probably sends an HTTP request to the link to get an image preview. I
doubt that any human or computer is actually "looking" at the link for 15
seconds, more likely they just messed with the concept of time on the preview
agent's Javascript interpreter so they can determine the layout of the "final
page" with all animations and JS completed.

------
awqrre
also, if you want a URL to stay private, don't email it to anyone using a
cloud email service (including yourself)...

------
killwhitey
Previous discussion:
[https://news.ycombinator.com/item?id=11875419](https://news.ycombinator.com/item?id=11875419)

~~~
powera
That seems different? Exposing (possibly private) URLs in messages via the API
seems like a bug (though int64s aren't really guessable when you have DoS
protection).

Just visiting the link shared is completely normal behavior.

