At first I was in denial. There was a problem, but I figured it was me. But now I’m getting indications that it is not me. Since May 10, 2011, I’ve been using this script I wrote to make http://goo.gl shortened URLs from the command line and, importantly, from within Vim.

#!/bin/bash

[ -z "$1" ] &&  echo "usage: goodotgl <filename>" && exit

GOOGLAPIURL=https://www.googleapis.com/urlshortener/v1/url

PD=$(printf '{"longUrl": "%s"}' $1)

/usr/bin/wget -q -O- --post-data="$PD" \
    --header "Content-Type: application/json" \
    $GOOGLAPIURL |\
    sed -n 's/ "id": "\(.*\)",/\1/p'

I wasn’t the only person to do this. Here’s a modest collection of other similar techniques. I seem to have been happily using it on March 5, 2015 but by March 16 it seems to have stopped working. At first this wasn’t shocking since URLs that need to be cleaned up are also the kinds of monsters that could easily mess up a simple shell script’s quoting and escaping. But after a few failures, I looked closer and realized that the whole system is broken (to me).

Here’s one of the curl techniques failing.

$ curl -s -d'&url=http://xed.ch' http://goo.gl/api/url |\
sed -e 's/{"short_url":"//' -e 's/","added_to_history":false}/\n/'
{"error_message":"Invalid Captcha"}

Captcha? Going to http://goo.gl without being logged into Google’s ecosystem produces a (re)captcha in the form of a check box that affirms, and I quote, "I’m not a robot." If you wait too long, however, you’ll get a "Session expired. Please verify again." Since the captcha is so, well, easy, I imagine that Google was previously relying on their own analysis of who was a spambot and probably doing a pretty good job. My IP address asking for 5 or so anonymous URLs a month clearly was a true negative.

According to this "Method requires authorized requests." It looks like the "free" lunch is over. I’m disappointed, but not really surprised. I will no longer be using the services of goo.gl. But at least they have some feedback from me explaining why. Ahem.