Twitter announced in their developer forums that they plan to move their URL shortener t.co to HTTPS. Twitter is making the change to ensure the links are delivered securely to their users. It was an unsecure loophole that Twitter itself was HTTPS, but even if a link was clicked on that had a destination of HTTPS as well, the hop through the t.co URL shortener rendered it an unsecure connection between Twitter itself and the HTTPS destination.
This is good news for everyone, even though there is a good chance the destination URL will end up being unsecure. But it means that those using t.co links will have a secure connection when the destination is a HTTPS URL as well.
For every URL posted on the Twitter platform, Twitter runs all of them through their t.co URL shortener, even URLs that are already shortened using another service.
There is a major downside for marketers though. If your site is non-HTTPS, it will seem as though you will have a drop in Twitter referral traffic by an estimated 10% due to t.co going secure. If you want to keep your Twitter referrals accurate, the likely only available solution will be to switch your site to HTTPS as well, although you can always use Twitter’s own Analytics service to track referrals.
Non-HTTPS sites may notice what appear to be lower referral numbers from Twitter as a result of the change. Web browsers drop the Referer header from a request by default when downgrading from an HTTPS t.co link to an HTTP destination in compliance with the HTTP specification for the Referer header. Twitter will use referrer policy12 to keep the t.co Referer for browsers supporting referrer policy8. Based on our estimates you may see a 10% drop in traffic attribution from Twitter as a result of this security change, decreasing over time as users update their browsers to the latest versions supporting referrer policy.
Yet another downside is that it means if you post a link in your tweet, you will lose another one of those valuable 140 characters due to the added “s”. While this isn’t the end of the world, if you have many pre-scheduled or repeatable tweets that are exactly 140 characters with a URL, those will no longer get posted successfully unless you change the tweet to get it 140 characters or less.
Twitter plans to change t.co links to HTTPS on October 1, 2015.
Jennifer Slegg
Latest posts by Jennifer Slegg (see all)
- Rethinking Affiliate Sites With Google’s Product Review Update - April 23, 2021
- New Google Quality Rater Guidelines, Update Adds Emphasis on Needs Met - October 16, 2020
- Google Updates Experiment Statistics for Quality Raters - October 6, 2020
- Analyzing “How Google Search Works” Changes from Google - July 8, 2020
- Google Quality Rater Guidelines Update: New Introduction, Rater Bias & Political Affiliations - December 6, 2019