disable "search from the address bar"

[Tectract]

This is one of the absolute biggest bugs ever introduced into Chrome.

PLEASE, let us turn OFF "search from the address bar".

This is such a major privacy issue, it boggles the mind that I even have to point it out.

[hubitor]

I'm trying to find this setting. I use Brave primarily for my LAN addresses and when I try some things out Brave starts a search. This is very annoying. Is there really no way to disable it?

[rebron]

@hubitor @Tectract I think this is the setting you're looking for. brave://settings/appearance

We don't do search suggestion by default and the search engine would actually need to have that capability. Folks will need to turn that on here: brave://settings/privacy

Closing.

[Tectract]

Please reopen this.

Autocomplete and search are two TOTALLY DIFFERENT THINGS.

Autocomplete does not leak whatever you may type in there out to search companies. Search from the address bar DOES.

Search from the address bar also PREVENTS many web-design tasks.

This is STILL A HUGE PRIVACY LEAK BUG IN CHROME. THIS TICKET SHOULD BE RE-OPENED UNTIL IT IS RESOLVED.

[Tectract]

PLEASE GIVE US THE OPTION FOR "NO NOT SEARCH FROM THE ADDRESS BAR", as a standalone option, for our own data security and privacy. Please listen to your users.

[rebron]

@Tectract What data are we leaking to search engines? Search suggestions are off by default, you have to choose to turn that on, and text don't go to a search engine until you hit enter or use the drop down menu to perform a search. There's likely an extension for this.

We're listening to you very attentively and all of our users, that's how these settings got implemented: https://github.com/brave/brave-browser/issues/8572#issuecomment-597354146

[hubitor]

@rebron: indeed, it got better by deactivating the setting "Show autocomplete in address bar" but I think @Tectract is right. If I mistype something in the address bar, Brave still initiates a search. Sometimes I even enter accidentally a password in the address bar and practically searching the Web for it.

In Vivaldi, which AFAIK is also based on Chromium, I can deactivate the search in the address bar here: in Settings > Display All > Search Options > Search in Address Field.

[astrometrics]

Hi I also agree that's a leak: frequently sending internal addresses to search engines because reasons; also kind of irrational, having a search in the address text field, kind of a trap. In firefox there's a separate search field etc. What about just having a way to use keyboard shortcuts assigned to bookmarks and allow not to search in the address field?

[acli]

Yes, this is very important. Search and entering a URL are completely different things and they should never have been merged in the first place.

BTW, @astrometrics Firefox supports a “search bar” but turning on the “search bar” does not actually disable search in the address bar; you’ll have to use a hidden setting to disable it and they seem to have broken this in recent nightlies. I had mentioned this (the need for the address bar to not search) in Bugzilla but their stance seems to be “we don’t care”

[Tectract]

This is not a minor little "death by a thousand cuts" issue. It's a critical core security flaw in the design of all browsers, which was intentionally introduced against the will of the users. PLEASE FIX IT!

[astrometrics]

Yes, this is very important. Search and entering a URL are completely different things and they should never have been merged in the first place.

BTW, @astrometrics Firefox supports a “search bar” but turning on the “search bar” does not actually disable search in the address bar; you’ll have to use a hidden setting to disable it and they seem to have broken this in recent nightlies. I had mentioned this (the need for the address bar to not search) in Bugzilla but their stance seems to be “we don’t care”

@acli yes I also agree that searching in Firefox when the setting for sepparate search field is set should be done only in the search text box, never in the address bar (by design). The internet, browsers, messengers, etc are becoming a multilayer intersect machine for what you search, say or open... hummm... why would that be? someone wants to know what your doing... @Tectract completely agree.

I've been seeing a lot of "FLOSS" projects ignoring or "ignoring" obvious privacy/security flaws... When you try to talk to them about it they don't understand why you're wasting their time or claim they're no security experts when it's just obvious...

[GeordanKrahn]

trying to change my setting by typing Brave://settings/ just goes straight to a google search. This is clearly not intended, this happens constantly for me, and this here was the last straw. May as well use Chrome, there is seemingly no difference in functionality at this point. RAISE YOUR PRIORITY LEVEL FOR THIS! FIX IT! ASAP!

[Tectract]

This is one of those issues where the developers implemented a feature that nobody was asking for, and many many users cried out in protest against, and the voices of the users was silenced in favor of devs who "know better" what the user really wants, even at the sake of the user's privacy, and directly against the screaming objection of the users.

Why isn't enough that many of us don't want the URL bar to be a search bar? Why isn't a user request for more privacy, and to unroll an unwanted "feature" bug enough for the devs to accept this as a real issue ticket that they should act on? Why do I have to justify that it's a serious privacy issue to be a bug? Why isn't enough that a lot of us say "we just don't want URL bar to be a search bar"???

[Tectract]

Looking at this again, it's not even a feature that was implemented against the will of the users. It was a feature ("do not search from the URL bar") that was REMOVED, to IMPLEMENT a bug. Theoretically the Brave devs should be able to just dig up the older Chrome code from before this BUG was implemented, and REVERT it.

I think a LOT of the bugs in Brave could be fixed by REVERTING to older Chrome code. For example, URL bar selection is now "mac style" wherease before it was "linux style", meaning caret selection would first happen in between characters, and then whole words on a double-click, and then finally the whole URL would be selected on a triple-click. Now it is in reversed order due to "mac" convention being implemented, which is a BUG to all linux users. There was literally a TEN YEAR FLAME WAR over this issue in the old Chrome forums. The linux users still want that BUG reverted, also.

[Tectract]

You know what else Chrome needs back? the "File Edit View History Bookmarks Tools Help" menu bar at the top. Removing this breaks linux convention. The Chrome devs implemented a lot of BUGS to make Chrome more "mac-like". Not only did they remove the menu bar but they went out of their way to make sure you couldn't add it back! We want Brave developers' help, to revert those bugs. Mac was not as good as they though, in fact their user interface style requires more clicks and mouse movements, to use, that's one major reason why we used linux. The "three lines pancake" thing is BAD user interface design because it requires more mouse movements and clicking than the old menu bar. So... fix that too please.

edit: made a new issue for this request

[GeordanKrahn]

To be fair, this really is not a bit issue on Desktop. It is only an issue for me on mobile. Despite that I still feel the feature is unnecessary and should have an option to disable. The Brave Team does good work either way.

[acli]

Nah, it is a pretty desktop-specific issue, not mobile. Mobile has different issues, I’m not sure this is one of them. (I can totally see why this can be good on mobile, but on desktop, no, no thanks, I don’t even know how many times I typed an exact URL but Brave gave me DuckDuckGo instead. The URL bar must not perform search.)

I don’t think getting rid of File Edit View History etc makes Chrome “more Mac like”. To be fair, it’s the Mac that first brought us this convention. Google isn’t trying to make anything Mac-like (just look at how bad Google Docs has become), they’re trying to make everything phone-like, without bothering to make their click targets phone friendly.

In design we have a word for devs (or more generally, any kind of designer) ignoring users and forcing their ideas on us; it’s called “genius design”.

[Chris56]

Still not implemented???? It is such an enormous leak!!!

[viksolem]

This is a data leakage issue. When I am typing a URL for a site that is internal to my company I do not want that URL to be shared with a search engine; however, since the URL field is both search and URL field, if the browser (not me - the browser) decides that the URL doesn't look quite right it instantly hands my private, internal-only data to a search engine. This (1) leaks my data in a way that I do not desire and (2) causes a delay for me trying to get to an internal URL.

This can be corrected by allowing for a switch which disables search from the URL field.

While I would like to have a separate field for entering search queries, that is just a shortcut for going to a desired search engine and requesting a search. I'd prefer to have the URL field be just a URL field (using a setting that I would change during configuration) and lose the ability for instant search - rather than have Brave leak my information and slow me down.

How hard would it be to allow for that one setting? It improves security by lowering the risk of exposing private data. I would think that would be aligned with the fundamental point of Brave as a browser.

Any thoughts to the contrary?

[joespr]

Dear fellow annoyed people:

I totally agree that not disabling search from address bar is a security leak. And that automatically searching from the addess bar should be able to be disabled.

HOWEVER, let's not discount our own ingenuity in solving this problem, since it seems Brave is ignoring it.

Here's what I did to disable searching from address bar. You can do it too.

I put in a fake search engine, and removed/deleted all others. Voila! All searching from address bar now is redirected a local blank file. for example: file://files/blank.html?q=%s

Of course I get a "This site can’t be reached" message. The great thing is that nothing is drected out to the internet. Except if I put in a real URL which works just fine.

You're welcome.

[Tectract]

The problem with this solution is that it disables "search for" functionality within pages, which is also a critically important feature. So it's a workaround, but with significant breakage.

[joespr]

@Tectract You are right. I didnt realize it. Hmmm, back to the drawing board.

[viksolem]

Hello @joespr and other fellow annoyed people.

I found that I can work around this bit of missing (removed) functionality, by taking the search engine @joespr suggested, "file://files/blank.html?q=%s", and instead specifying it as "https://%s/"

Then I set that as the default search engine.

This works for my purposes, because most of the time I am entering a host name or an IP address into the URL field. (I know. Call me crazy. I am entering a location into a field that has until recently taken a location as a value.)

This can leak a DNS lookup, but it doesn't send my internal (occasionally mis-typed) hostnames off to a search engine.

Hope that helps.

-Vik

[lycnt]

This is an issue that causes me many headaches with Brave, I often operate on a local domain for many things and besides the fact that this leaks internal data the other issues is that it sometimes hijacks my local domain addresses and sends them to a search engine. This is even worse when doing web development on my local network/domain/machine I'm constantly getting sent to the search engine instead of what I am working on.

I actually like having search built into the browser, but it cannot be in the address bar, there needs to be at least an OPTION for a separate search field. Also I love auto completion from my bookmarks and history, and I disable the other options, but the way Brave has this set up it often results in searches instead of autocomplete.

Most other browsers solve this issue by having the option to add a separate search field next to the address bar. The lack of this feature is the number one reason I often end up using other browsers instead of Brave.

[Chris56]

I am still waiting ... terrible privacy leak. Keeps me from using brave!!!

[thefirstinformaticsdoc]

I am attempting to get to my modem configuration page (192.168.01) but i keep getting routed to search results with thousands of bogus pages that claim to be my router admin page. There should be a way to disable this "search from browser address bar" functionality.. I can't find a browser without this feature. Please advise

[ghost]

How is this actually still not fixed.

[sangwoo108]

I'm curious what would be expected behavior if the setting existed and were disabled. Should it do nothing when hitting enter with search query?

[Chris56]

Either the same as firefox does or asking what to do, like shall I query the default serach engine or interpret it as a url?

[Tectract]

It should do what it used to do, which is take you to an error screen saying that it is not a valid URL. Or at least you should have the OPTION for it to do that. Some people don't care, maybe even most. But those of us that care about data privacy do care, and maybe we should be protecting those that don't understand the security implications of this issue.

[Chris56]

"It should do what it used to do, which is take you to an error screen": this is almost what firefox does. However, firefox is in this respect no nuisance: If I type site.intranet.intra (an internal existing site, but typed without trailing slash), firefox takes me there, whereas Brave sends this to whichever chosen search engine and thus leaks the information. Absolutely awful!!

[AnonymousRonin]

You guys haven't figured this out yet, I thought this was old news. How do you think brave generates revenue? But aggregating the search results from the urlbar search. It can't be done using the search box that everyone is used to. That's why mispelling doesn't matter. Brave is still collecting and selling data, always have. They just assumed we would all get used to doing searches from that tiny little search box. They would have to fundamentally change their business model of lying to customers and not being open sourced despite claiming to be in order to enable that feature. Brave is only as private as it can be configured to be. Librewolf, Floorp, headless Chromium can all be configured to be far more private. In fact librewolf and Floorp are out of the box. If you like brave check out Floorp. It's packed with features like brave but it completely able to be configured by the user.

[AnonymousRonin]

By the way. In firefox (and all derivatives) if you go to about:config and start to type the word "awesome" it brings up a setting about the "awesome bar", change it from true to false and you're done. No more search from urlbar unless you choose to do so.

[seticzech]

I can't even add NULL search engine anymore, this is just joke. Brave and security/privacy? Only way is to delete all search engines and make fake DNS record (or hosts record) for the last one, which can't be deleted because it's "default". Maybe switch to Vivaldi is not the worst idea.