Google recognized the idea of disabling the display of path elements and query parameters in the address bar as unsuccessful and removed the code with the implementation of this feature from the Chrome codebase. Recall that a year ago, an experimental mode was added to Chrome, in which only the site domain remained visible, and the full URL can be seen only after clicking on the address bar.
This feature did not go beyond the scope of the experiment and was limited to test inclusions for a small percentage of users. An analysis of the tests performed showed that the assumptions about a possible increase in user security in case of hiding path elements are not justified, they only confuse and cause a negative reaction from users.
Initially, it was assumed that the change would protect users from phishing. Attackers take advantage of user inattention to create the appearance of opening another site and committing fraudulent activities, so leaving only the main domain visible would prevent users from being misled by manipulating URL parameters.
Google has been promoting ideas for changing the display of a URL in the address bar since 2018, motivating its actions by the fact that it is difficult for ordinary users to understand the URL, it is difficult to read it, and it is not immediately clear from it which parts of the address are trustworthy. Starting with Chrome 76, the address bar was switched by default to display links without "https://", "http://" and "www.", after which the developers expressed a desire to cut the informative part of the URL as well, but after a year of experiments they abandoned this intention.
According to Google, in the address bar, the user should clearly see which site he is interacting with and whether he can be trusted (a compromise with a more explicit selection of the domain and the display of query parameters in a lighter / smaller font was not considered). Also mentioned is the URL padding confusion when working with interactive web applications such as Gmail. During the initial discussion of the initiative, some users suggested that getting rid of the display of the full URL is beneficial for the promotion of AMP (Accelerated Mobile Pages) technology.
With AMP, pages are served indirectly, through Google's infrastructure, which results in a different domain (https://cdn.ampproject.org/c/s/example.com) being displayed in the address bar, often causing user confusion. Avoiding URL display will hide domain AMP Cache will create the illusion of a direct connection to the main site. Similar hiding is already being done in Chrome for AndroidHiding URLs can also be useful when distributing web applications using Signed HTTP Exchanges (SXG), a mechanism designed to host verified copies of web pages on other sites.
Source: opennet.ru
