When I save to draft, it will generate a link like https://example.com/d/asdf123456gh
. Why is this viewable?
I think this should be controllable, the user can choose if it’s viewable or not.
When I save to draft, it will generate a link like https://example.com/d/asdf123456gh
. Why is this viewable?
I think this should be controllable, the user can choose if it’s viewable or not.
Hi @misaka00251! Great question. The draft workflow for Write.as/WriteFreely is a bit different than for other platforms.
The draft is an unguessable link, so it is private by default. You are free to share the link or move it to your blog when it’s ready. Otherwise the draft will remain hidden. You are in control with whether it is viewable or not.
It does take some getting used to though. This resource along with this forum post helped clarify things for me. Hope that helps!
I do have a question, though, out of sheer coding ignorance: are these “secret” URLs technically discoverable through a brute force of generating strings using whatever method Write.as uses to generate the strings, or are the potential combinations of characters so enormous that it would be a fluke to find one that way?
But in theory those are ones that were linked from somewhere.
Technically yes, if someone generates random strings of the correct length and characters to match post IDs they could try each one and record what links return a status 200
.
But they would not know who wrote it, as it would not appear in any way associated with the writers account until published.
This is the same as Medium for example, at least if I remember correctly, the ‘private’ link is just a random string.
I had a link to an external site in one of my drafts and, of course, checked it by clicking it. Which, in turn, generates a hit on the external site, referrer and all. And that is how the external site found the draft.
Maybe that solves the riddle of incoming traffic?