[simonh]

As has been pointed out below, iMessages are end-to-end encrypted so Apple has no way to read the URL to proxy it.

[spullara]

You could still have the client use Apple as a proxy. This would reduce the privacy of the message but only the URL and only exposing it to specific service at Apple. If it is a SOCKS proxy, you could reduce the exposure to just the IP address and some amount of leakage to whatever DNS server the phone is using.

[jonknee]

Why not have the sender do that work so Apple can just stay out of it?

[spullara]

The sender could be a dumb SMS client. I'd be happy to just turn off previews entirely.

[mhurron]

Which is the right way to do it and exactly how ever email client does. Do you want to see previews? Have the device make the request. Do you not want to see previews? The device shouldn't make those requests.

[simonh]

I think the idea then would be you'd only ever show embedded previews, so URLs from dumb SMS senders just wouldn't have a preview.

[jonknee]

OK, so just limit it to iMessage users like a lot of other iMessage features.

[blixt]

The client can still ask the Apple server for the metadata, since Apple already knows your IP from the push notification channel anyway. Ideally Apple would ensure that this lookup is not logged or stored in any way so there's no repository of the links people have sent to you anywhere.

[mashlol]

The client could send the request to Apple though, and pass the URL through that way, instead of requesting the actual URL. There's a trade-off there though that Apple gets to see all the links being sent over iMessage.

[simonh]

> There's a trade-off there though that Apple gets to see all the links being sent over iMessage.

Exactly, this is what all the other replies saying 'just proxy the client URL call through Apple' are missing. It's not just that the iMessage was encrypted. There's also _why_ it is encrypted in the first place.