Twitter is the latest major website to go HTTPS, although its taking a somewhat different approach.
A member of Twitter’s development team published a thread on the Twitter Community forum late last night outlining the company’s plans for HTTPS.
While sites like Reddit and Wikipedia have recently gone HTTPS site-wide, Twitter will only utilizing HTTPS on new outbound links.
That means if you share a link on Twitter after October 1st it will be wrapped in: “https://t.co”. This allows Twitter to securely send visitors to the intended destination, even if the destination page is not an HTTPS link.
This will increase the length of URLs going forward — you will have one less character to work with when writing a tweet that contains a link.
Another issue this causes is tracking referral traffic to non-HTTPS sites. Twitter explains that non-HTTPS sites may notice an apparent decrease in referral numbers from Twitter.
“Web browsers drop the Referer header from a request by default when downgrading from an HTTPS t.co link to an HTTP destination in compliance with the HTTP specification for the Referer header… Based on our estimates you may see a 10% drop in traffic attribution from Twitter as a result of this security change.”
The company also cautions that amount of recorded referral traffic from Twitter will decrease even further over time, as people update to the latest browsers that support this referrer policy.