Hm, hiding the protocol and the host part in the address – what next, hiding the domain? However, the path is hidden already, what's left then?
Seriously speaking: If browsers are simplifying the URI scheme for the alleged benefit of users, how do we expect these users to know anything about addresses? Isn't this rather undermining security than enhancing it? Highlighting significant parts may be preferable to hiding those deemed insignificant. Moreover, regarding https, I personally prefer positive affirmation over lack of warning.
For me, this worked best for desktop browsers with the padlock icon (and, before this, the key icon) shown together with a display of link targets in a status bar as a separate, reserved area. (While allowing pages to overwrite `window.status` was certainly not a good idea.) A consistent display of the authority issuing the certificate of the current page in a status bar like this may be also nice. I'm not convinced that less but more opaque information is the way to go.
Dedicating 20 vertical pixels of virtual real estate to security relevant information may be worth it. It may be also easier to parse than an overloaded omnnibox/location/search/navigation/security/menu bar. Cutting down any information which is displayed too densely right from the beginning won't help the issue. How many bits of information are there in this "everything bar"? Yes, there's still a bit of grouping left, mainly by spacing, but color is mostly gone as a signal in order to make the information density bearable. So users will be applying quite an amount of selectivity when parsing this display, by this inevitably missing relevant information. (That this densely combined display is rather homogenous both for esthetics and acceptance just aggravates the need for selective parsing, which is likely to become a habit.) "We'll pre-filter this for you" isn't addressing the problem, it's rather "living with the outcome".
Edit: A legitimate reason for redacting the host name are extensive names, crafted to exceed the space available in the location display in order to deceive users regarding the identity of the host. Here, abbreviating by an ellipsis (compare text-overflow: ellipsis) in order to fully display the domain may be a way to go.
--
P.S.: What's the general lesson taught by such redactions by the browser vendor? That it is OK to ignore these things, as they are truly irrelevant? (Must be without significance, since Google told me so?)
> Hm, hiding the protocol and the host part in the address – what next, hiding the domain? However, the path is hidden already, what's left then?
You're right! Google and Cloudflare are already jointly destroying the meaning of URLs through their "AMP real URLs" specification which allows any AMP gateway to impersonate a host, guaranteeing authenticity of the content through public-key cryptography.
These changes to the fundamental bricks of the web are not without consequences. They are deliberate attacks on a free and neutral network of equal peers.
Apple did this a while ago. Safari only shows the domain and the lock icon, nothing else.
I get the discussion about Google changing the web to something that pleases their pockets over everything else, but I am not so sure whether that's the actual motivation in this case. Non-technical users can't do a lot with the rest of the URL anyway and even I as a technical user didn't mind Safari hiding the path and scheme up to now.
We are heading to AOL-type internet where you enter keyword in address bar and go to a single direction -- shopping, weather, search, stocks, email, etc.
I guess the direction is appification of the Internet. On your phone, you launch "Facebook" and "Instagram", not /mnt/apps/facebook.apk and /mnt/apps/instagram.apk. Likewise, on the internet, they want you to visit "Facebook.com", not "https://facebook.com/index.html".
> It may be also easier to parse than an overloaded omnnibox/location/search/navigation/security/menu bar.
I think the point is that Google doesn't want users to be able to parse this much information. Keep the people dumb, if you want to call it that way. Or uninformed, uneducated, whatever.
"Enter whatever you want to know or see in this field and we will do some magic so you get what you want".
That's where they want to go, no doubt about it as Google probably profits the most from technically-uneducated users of its services.
> Seriously speaking: If browsers are simplifying the URI scheme for the alleged benefit of users, how do we expect these users to know anything about addresses?
This has always driven me bonkers about the ProofPoint URL-obfuscation 'security'. My work started enforcing this recently, and it drives me crazy:
1. rather than training you to think more carefully about links in e-mails, it trains you to click blindly, because the software says it's safe;
2. it obscures the target of the URL, so that a URL that even a novice would recognise as fishy becomes a garbled string like any other—here's an example (but safe) mangled URL:
3. it filters outgoing links, meaning it assumes that the university employees, not just outside spammers, are hostile (but maybe this is a reasonable assumption?).
> What's the general lesson taught by such redactions by the browser vendor?
That it drives traffic to their search engine and increases their revenue. A lot of people always use a search engine to navigate to sites anyway, even if it's a site they've been to many times before and even if the URI is as simple as https://somecompany.com.
Gah. The metaphor of calling screen area "screen real estate" has always been a pet peeve of mine but this "20 vertical pixels of virtual real estate" has me simultaneously impressed and horrified. Why not just "20 vertical pixels"?
MOST PEOPLE dont undersand what is or isnt correct demarcation, and what order to read things in.
. / - _ (dot, slash, dash, underscore) all mean very specific things, and different things in different context (period specifically), and if you dont have their meanings memorized and what order to read things in, (right to left from the tld, pausing at each period, then left to right from the first slash, pausing at each slash) then URLs look like illegible nonsense.
> how do we expect these users to know anything about addresses
Here's an experiment: walk down any street in the US. Actually, scratch that, because there's a good chance that you live in SF or Seattle and your streets are filled with computer programmers.
Call a random number in a random area code. Ask them what the difference between HTTP and HTTPS is.
> Seriously speaking: If browsers are simplifying the URI scheme for the alleged benefit of users, how do we expect these users to know anything about addresses? Isn't this rather undermining security than enhancing it?
Users already don't know anything about addresses. Even security professionals botch the "look at some visual indicator of connection security" all the time (see SSLStrip). As a security feature the URL bar is almost entirely useless for the huge majority of users.
URL bars also don't really tell you where your content is coming from. Iframes don't have URL bars. All that javascript downloaded from somewhere when the page loaded doesn't have a URL bar. The web isn't made of uniquely identifiable documents anymore.
There was a plan by Google that makes sense and we should move forward to, it's a shift in mindset:
- current situation: http is normal, https with bad certificate is bad, https with good certificate is good
- future situation: http is bad, https with bad certificate is bad/acceptable, https with good certificate is normal
i.e instead of telling people to check for the padlock icon and the green name that should be everywhere, tell people to check for the red warning that indicates a problem. I think it's lifting the expectation to something more secure by default.
Also, training the user to treat the URL as text, so that you search for domains (type "amazon" instead of "amazon.com"), is better for them. The "URL" bar is for Chrome also a search bar (and every domain you enter is sent to Google "for search suggestions").
Yes, I also believe this is the primary reason Google is doing this. They want to hide urls with referrer tracking, AMP URLs, and other such things from the user.
For Google, there is no money to be made when people know how to enter URL in a browser's address bar. Money is on users searching for a company using a name each time they want to visit a company website. That way Google can bombard users with adverts. When they click on those adverts, Google get paid. Now companies will be forced to advertise using Google AdWords. So that they can appear on top of the search list. Otherwise Google will show ads of their competitors first.
Also there is terrible URL usability with google AMP pages. Google has every reason to do away with URLs as a user tool. I might be going off in the deep-end now, but if there are no URLs, why ever leave google.com at all? AMP is basically an early opt-in of rebranding the internet as google.com. Of course its all being done in the name of security, speed, and data-saving. Truly altruistic motivations.
So apparently Google rolled out an update where they 'm.domain.com' turn into 'domain.com' in the omnibox. In what world is this acceptable? How can they assume that 'm.' always means mobile and 'www.' is the same as the root domain for all hosts?
Let's assume that you have a blog platform offering subdomains for each user and 'm.blogplatform.com' is available. Now, any user can get that subdomain and impersonate the homepage because Emily from Chromium decided that eliding parts of the URL without any spec is a reasonable decision.
I'm not sure why everyone is so up in arms here. I don't see how this change is detrimental to the web or somehow good for Google. Hiding the "https://" seems like a perfectly fine idea as long as there's a clear way to distinguish between https and http pages. Safari's done this for a long time; https pages display a tiny padlock icon and http pages display a much more prominent "Not Secure — " prefix (i.e. the obvious display is when you're insecure, which is the right way to go about things).
Hiding "www" seems less meaningful. I'm not really sure what the motivation is there, beyond the fact that the "www" prefix is mostly just aesthetics. My best guess is they want the url to start with "google.com" instead of "www.google.com", except that's not helpful from a security standpoint at all and might be slightly detrimental, if it trains people that the very first word they encounter is the most important, as paypal.whatever.com is not in fact paypal. But a lot of domains already elide the "www" anyway.
Of course, in both cases I am assuming that putting focus on the URL bar will display the full URL.
> Of course, in both cases I am assuming that putting focus on the URL bar will display the full URL.
It won't. From the issue tracker: "The full URL is also revealed by clicking twice in the URL bar on desktop," in other words, merely focusing the URL bar won't be enough.
I think the main issue people have with this all is that we all f*cked up by making Chrome into the new IE6 by pushing it to a monopoly position and only now realizing that. So now we get angry at Google every time we are confronted by our mistakes, for instance when they push a change upon us that we are not especially thrilled about.
Also, we love change as long as we are the ones doing it. All other changes are bad.
I'm not sure either. URLs obviously aren't going anywhere, even if Google makes this UI change. Social media and email still exist. People aren't going to suddenly stop sharing links to news and blog posts. If Google Chrome really makes it too hard to copy the URL of the current page, then even my least technically literate friends will switch to another browser – they all send each other URLs all the time.
This part is puzzling though:
> The full URL is also revealed by clicking twice in the URL bar on desktop, and once on mobile.
Twice? I can't picture how that will work as a UI. What happens after the first click?
"Security sensitive context" are the key words here. On mobile devices, you get, what, 300 pixels across to show the URL? You want to show as much relevant info as you can, and if you can summarize "https://www." then you get more real estate for the domain name itself.
It seems reasonable to me. I get the hate for FAANG, but some people just lose their minds.
Its all fine until you have to explain to your loved ones how to read domains and the difference between an email link with random-server-name.paypal.com vs. www.paypal.random-name.com
If we remove meta data like this from everyday browsing maybe it will be harder for people to even grasp the idea of how domain names work?
> We've worked with other browser representatives to incorporate URL display guidance into the web URL standard (https://url.spec.whatwg.org/#url-rendering-simplification). The URL spec documents that browsers may simplify the URL by omitting irrelevant subdomains and schemes in security-sensitive surfaces like the omnibox.
Google is trying to make this obfuscation a standard.
I don't think it's deliberate undermining, I think it's more, "people complained that we were breaking standards, so we fixed it by changing the standard."
The Chrome team is almost incapable of reversing course on their decisions. Even when they get massive pushback and enough negative press to effectively force them to reverse course, it's only ever temporary.
"Widespread criticism over a decision? That just means people aren't ready yet, or they're too emotional to think clearly about our position. Give it a couple of months to a year, and they'll all have calmed down enough to realize we're right."
"People are complaining about breaking standards? It's not that our decision was wrong, people are just upset we didn't check all the right boxes and fill out all the right forms before we made it. It's not real criticism, it's just people being legalistic about the standards process. Fine, we'll play that game."
And then they wonder why people automatically assume the worst whenever Chrome devs propose something new.
Industry wants you to open apps and click buttons and links, and not worry about such things as bothering with what the URL may be, or gasp, even typing in or editing your own URL. That's too complicated and dangerous for 'normal' users apparently according to them.
Wondering how far they can take this. How long before we read that "Google will replace URLs with the Google search terms you can use to find the page you're viewing"
On Chrome for Android, the URL is not editable unless you press an edit button, which displays a text box. I imagine this is another step in that direction, and if you click "edit", the text box still shows the whole thing.
Compare with how email headers work in gmail. You don't see email addresses anymore by default, but there's a dropdown that shows them.
The omnibox never seemed like a crowded part of the interface, did they do any kind of user testing where they found people were confused or annoyed by this 'https://www' prefix? Or is this just one team's sense of aesthetic ?
People who don't understand URLs will use search to find sites. Obviously I've no clue why Google would be motivated to encourage that behaviour. Must be their sense of aesthetic.
You can disable this behaviour, and its all right there when you go to click on it. Presume you mean on mac btw, cos I using safari on ios and I can see the full address right in front of me. No protocol spec but a lock icon at least
Don't let it grate on you, just use Firefox. The only way you're going to influence their development direction from the outside is to choose a non-Chrome based alternative.
Hiding the scheme is a dangerous path, because users then have to depend on browser specific indicators of https, or other secure schemes.
I think it's a bad idea for that reason, and for another higher level reason. As a developer and sys admin before that I've always tried to assume my users are smart people and try to educate them about what they might not know, instead of assuming they are dumb and attempting to PICNIC-proof software/systems. I think hiding the scheme indicates an assumption that users are dumb and need to be told what to do. I've seen reporting on other indicators of this from Google over the last decade (e.g., Google Reader's sunset, Google+, working with China's censors, and others).
Why must we continue to insist on dumbing down our presentation of technology. Instead we must insist that users rise to the occasion.
We are all inextricably linked to technology and yet I wonder if the newest users even know what a file extension is; because we hide that by default for some reason now. How many people have been the victims of phishing because an alias is more prominently displayed than the actual domain which the email originated from?
I'm ready for a return to function over form. Do not hide information from me. If I suspect that your product development is driven by the lowest common denominator then I will look for alternatives.
http and https are distinct and as such cannot be hidden; you could replace them with icons (barf) or ports (unlikely).
www.site.com is a subdomain and is again distinct from site.com with the 'www.' omitted. Just because they tend to resolve to the same server does not mean that they must.
Let's just call PI 3 because those decimals are an eyesore.
About 15 years ago we, the techies, killed the IE6 super monopoly (they basically had 100% browser market share). We installed firefox on any device we could get our hands on.
[+] [-] masswerk|6 years ago|reply
Seriously speaking: If browsers are simplifying the URI scheme for the alleged benefit of users, how do we expect these users to know anything about addresses? Isn't this rather undermining security than enhancing it? Highlighting significant parts may be preferable to hiding those deemed insignificant. Moreover, regarding https, I personally prefer positive affirmation over lack of warning.
For me, this worked best for desktop browsers with the padlock icon (and, before this, the key icon) shown together with a display of link targets in a status bar as a separate, reserved area. (While allowing pages to overwrite `window.status` was certainly not a good idea.) A consistent display of the authority issuing the certificate of the current page in a status bar like this may be also nice. I'm not convinced that less but more opaque information is the way to go.
Dedicating 20 vertical pixels of virtual real estate to security relevant information may be worth it. It may be also easier to parse than an overloaded omnnibox/location/search/navigation/security/menu bar. Cutting down any information which is displayed too densely right from the beginning won't help the issue. How many bits of information are there in this "everything bar"? Yes, there's still a bit of grouping left, mainly by spacing, but color is mostly gone as a signal in order to make the information density bearable. So users will be applying quite an amount of selectivity when parsing this display, by this inevitably missing relevant information. (That this densely combined display is rather homogenous both for esthetics and acceptance just aggravates the need for selective parsing, which is likely to become a habit.) "We'll pre-filter this for you" isn't addressing the problem, it's rather "living with the outcome".
Edit: A legitimate reason for redacting the host name are extensive names, crafted to exceed the space available in the location display in order to deceive users regarding the identity of the host. Here, abbreviating by an ellipsis (compare text-overflow: ellipsis) in order to fully display the domain may be a way to go.
--
P.S.: What's the general lesson taught by such redactions by the browser vendor? That it is OK to ignore these things, as they are truly irrelevant? (Must be without significance, since Google told me so?)
[+] [-] southerntofu|6 years ago|reply
You're right! Google and Cloudflare are already jointly destroying the meaning of URLs through their "AMP real URLs" specification which allows any AMP gateway to impersonate a host, guaranteeing authenticity of the content through public-key cryptography.
https://blog.cloudflare.com/announcing-amp-real-url/
These changes to the fundamental bricks of the web are not without consequences. They are deliberate attacks on a free and neutral network of equal peers.
[+] [-] stephenr|6 years ago|reply
Well clearly Google expect people not to. They expect people to "Google" for whatever they want.
[+] [-] starbugs|6 years ago|reply
I get the discussion about Google changing the web to something that pleases their pockets over everything else, but I am not so sure whether that's the actual motivation in this case. Non-technical users can't do a lot with the rest of the URL anyway and even I as a technical user didn't mind Safari hiding the path and scheme up to now.
[+] [-] Dolores12|6 years ago|reply
[+] [-] skocznymroczny|6 years ago|reply
[+] [-] martin_a|6 years ago|reply
I think the point is that Google doesn't want users to be able to parse this much information. Keep the people dumb, if you want to call it that way. Or uninformed, uneducated, whatever.
"Enter whatever you want to know or see in this field and we will do some magic so you get what you want".
That's where they want to go, no doubt about it as Google probably profits the most from technically-uneducated users of its services.
[+] [-] JadeNB|6 years ago|reply
This has always driven me bonkers about the ProofPoint URL-obfuscation 'security'. My work started enforcing this recently, and it drives me crazy:
1. rather than training you to think more carefully about links in e-mails, it trains you to click blindly, because the software says it's safe;
2. it obscures the target of the URL, so that a URL that even a novice would recognise as fishy becomes a garbled string like any other—here's an example (but safe) mangled URL:
3. it filters outgoing links, meaning it assumes that the university employees, not just outside spammers, are hostile (but maybe this is a reasonable assumption?).[+] [-] clouddrover|6 years ago|reply
That it drives traffic to their search engine and increases their revenue. A lot of people always use a search engine to navigate to sites anyway, even if it's a site they've been to many times before and even if the URI is as simple as https://somecompany.com.
Personally, I always want to see the full URI.
[+] [-] clhodapp|6 years ago|reply
[+] [-] basch|6 years ago|reply
. / - _ (dot, slash, dash, underscore) all mean very specific things, and different things in different context (period specifically), and if you dont have their meanings memorized and what order to read things in, (right to left from the tld, pausing at each period, then left to right from the first slash, pausing at each slash) then URLs look like illegible nonsense.
[+] [-] asdfman123|6 years ago|reply
Here's an experiment: walk down any street in the US. Actually, scratch that, because there's a good chance that you live in SF or Seattle and your streets are filled with computer programmers.
Call a random number in a random area code. Ask them what the difference between HTTP and HTTPS is.
The users already don't know.
[+] [-] UncleMeat|6 years ago|reply
Users already don't know anything about addresses. Even security professionals botch the "look at some visual indicator of connection security" all the time (see SSLStrip). As a security feature the URL bar is almost entirely useless for the huge majority of users.
URL bars also don't really tell you where your content is coming from. Iframes don't have URL bars. All that javascript downloaded from somewhere when the page loaded doesn't have a URL bar. The web isn't made of uniquely identifiable documents anymore.
[+] [-] rakoo|6 years ago|reply
- current situation: http is normal, https with bad certificate is bad, https with good certificate is good
- future situation: http is bad, https with bad certificate is bad/acceptable, https with good certificate is normal
i.e instead of telling people to check for the padlock icon and the green name that should be everywhere, tell people to check for the red warning that indicates a problem. I think it's lifting the expectation to something more secure by default.
[+] [-] inimino|6 years ago|reply
That all you need is keywords and a good search engine. Platform companies hate URLs because they enable interoperability.
[+] [-] sam_goody|6 years ago|reply
I strongly suspect that this (and the eventual goal of making the whole web hosted by Google) is actually the rationale behind the decision.
Previous discussion: https://news.ycombinator.com/item?id=17927972
Also, training the user to treat the URL as text, so that you search for domains (type "amazon" instead of "amazon.com"), is better for them. The "URL" bar is for Chrome also a search bar (and every domain you enter is sent to Google "for search suggestions").
[+] [-] mtgx|6 years ago|reply
[+] [-] madiathomas|6 years ago|reply
[+] [-] move-on-by|6 years ago|reply
[+] [-] pyentropy|6 years ago|reply
Let's assume that you have a blog platform offering subdomains for each user and 'm.blogplatform.com' is available. Now, any user can get that subdomain and impersonate the homepage because Emily from Chromium decided that eliding parts of the URL without any spec is a reasonable decision.
[+] [-] eridius|6 years ago|reply
Hiding "www" seems less meaningful. I'm not really sure what the motivation is there, beyond the fact that the "www" prefix is mostly just aesthetics. My best guess is they want the url to start with "google.com" instead of "www.google.com", except that's not helpful from a security standpoint at all and might be slightly detrimental, if it trains people that the very first word they encounter is the most important, as paypal.whatever.com is not in fact paypal. But a lot of domains already elide the "www" anyway.
Of course, in both cases I am assuming that putting focus on the URL bar will display the full URL.
[+] [-] dao-|6 years ago|reply
It won't. From the issue tracker: "The full URL is also revealed by clicking twice in the URL bar on desktop," in other words, merely focusing the URL bar won't be enough.
[+] [-] davman|6 years ago|reply
http://www.manchester.gov.uk vs http://manchester.gov.uk
[+] [-] holstvoogd|6 years ago|reply
Also, we love change as long as we are the ones doing it. All other changes are bad.
We == developers
[+] [-] playpause|6 years ago|reply
This part is puzzling though:
> The full URL is also revealed by clicking twice in the URL bar on desktop, and once on mobile.
Twice? I can't picture how that will work as a UI. What happens after the first click?
[+] [-] ggggtez|6 years ago|reply
It seems reasonable to me. I get the hate for FAANG, but some people just lose their minds.
[+] [-] liveoneggs|6 years ago|reply
[+] [-] bassman9000|6 years ago|reply
tiny padlock
ok
[+] [-] on_and_off|6 years ago|reply
It is a change made by Google and it also dares try to simplify things for non tech savvy users so it has to be evil !
[+] [-] dazhbog|6 years ago|reply
If we remove meta data like this from everyday browsing maybe it will be harder for people to even grasp the idea of how domain names work?
[+] [-] driverdan|6 years ago|reply
> We've worked with other browser representatives to incorporate URL display guidance into the web URL standard (https://url.spec.whatwg.org/#url-rendering-simplification). The URL spec documents that browsers may simplify the URL by omitting irrelevant subdomains and schemes in security-sensitive surfaces like the omnibox.
Google is trying to make this obfuscation a standard.
[+] [-] danShumway|6 years ago|reply
The Chrome team is almost incapable of reversing course on their decisions. Even when they get massive pushback and enough negative press to effectively force them to reverse course, it's only ever temporary.
"Widespread criticism over a decision? That just means people aren't ready yet, or they're too emotional to think clearly about our position. Give it a couple of months to a year, and they'll all have calmed down enough to realize we're right."
"People are complaining about breaking standards? It's not that our decision was wrong, people are just upset we didn't check all the right boxes and fill out all the right forms before we made it. It's not real criticism, it's just people being legalistic about the standards process. Fine, we'll play that game."
And then they wonder why people automatically assume the worst whenever Chrome devs propose something new.
[+] [-] josteink|6 years ago|reply
Yes. It’s security sensitive. Any incorrect or misleading information placed here can trick a user proceeding with actions they otherwise would not.
So we should let the URL-bar present the unmangled URL and nothing else.
[+] [-] Santosh83|6 years ago|reply
[+] [-] supernes|6 years ago|reply
[+] [-] skybrian|6 years ago|reply
Compare with how email headers work in gmail. You don't see email addresses anymore by default, but there's a dropdown that shows them.
[+] [-] amanzi|6 years ago|reply
[+] [-] duskwuff|6 years ago|reply
https://www.zdnet.com/article/chrome-69-kills-off-www-in-url...
[+] [-] cloud_thrasher|6 years ago|reply
#omnibox-ui-hide-steady-state-url-scheme / #omnibox-ui-hide-steady-state-url-trivial-subdomains / #omnibox-ui-hide-steady-state-url-path-query-and-ref / #omnibox-ui-one-click-unelide
[+] [-] jazzyjackson|6 years ago|reply
[+] [-] bencollier49|6 years ago|reply
[+] [-] reilly3000|6 years ago|reply
[+] [-] rusk|6 years ago|reply
[+] [-] bencollier49|6 years ago|reply
[+] [-] clouddrover|6 years ago|reply
[+] [-] peterbraden|6 years ago|reply
Terrible decisions, the developers should be ashamed.
[+] [-] Communitivity|6 years ago|reply
I think it's a bad idea for that reason, and for another higher level reason. As a developer and sys admin before that I've always tried to assume my users are smart people and try to educate them about what they might not know, instead of assuming they are dumb and attempting to PICNIC-proof software/systems. I think hiding the scheme indicates an assumption that users are dumb and need to be told what to do. I've seen reporting on other indicators of this from Google over the last decade (e.g., Google Reader's sunset, Google+, working with China's censors, and others).
FYI, PICNIC = Problem In Chair Not In Computer
[+] [-] lunias|6 years ago|reply
We are all inextricably linked to technology and yet I wonder if the newest users even know what a file extension is; because we hide that by default for some reason now. How many people have been the victims of phishing because an alias is more prominently displayed than the actual domain which the email originated from?
I'm ready for a return to function over form. Do not hide information from me. If I suspect that your product development is driven by the lowest common denominator then I will look for alternatives.
http and https are distinct and as such cannot be hidden; you could replace them with icons (barf) or ports (unlikely).
www.site.com is a subdomain and is again distinct from site.com with the 'www.' omitted. Just because they tend to resolve to the same server does not mean that they must.
Let's just call PI 3 because those decimals are an eyesore.
[+] [-] julius|6 years ago|reply
Guess it is that time again.
[+] [-] Zekio|6 years ago|reply