[Webkit-unassigned] [Bug 30303] <img src=""> requests main document resource unnecessarily
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Nov 27 11:49:22 PST 2009
https://bugs.webkit.org/show_bug.cgi?id=30303
--- Comment #13 from Nicholas C. Zakas <webkit at nczonline.net> 2009-11-27 11:49:22 PST ---
Absolutely. I can give a few problem scenarios.
The first is very easy. If you have one of these offending examples on the
page, it doubles your traffic (two triples your traffic, etc.). This isn't a
big deal for small sites, but for large sites that have millions of page views
per day, this becomes a serious capacity issue. Standard server-side filters
are well-equipped to deal with bots and DOS attacks, but not for this type of
traffic which, for all intents and purposes, comes across as normal traffic and
so is very hard to filter out.
The second problem is related to the first and has to do with measurement. Page
views are taken as one measurement of a site's traffic (together with unique
users). In reporting how popular a site is, companies report both page views
and unique users. Even if unique users remains the same and page views
increase, the site is said to be gaining popularity because each unique user is
coming back more frequently. If you have one of these patterns on your page,
you artificially inflate the page view number, which can really cause a lot of
trouble for companies from a reporting point of view.
The third problem is user state corruption. This happens because even though
the response is thrown away for <img src="">, the cookies that come along with
it are honored. I personally ran into this issue with a signed-out state of a
page. If we detected that the user is signed out, we'd put them through a setup
step, which alters the cookies via JavaScript. However, a <img src=""> ended up
injected into the page, which created another / request, which brought along
the default signed-out cookies. The user's changes were lost.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list