content
Fri, 04 Jul 2003
GET first, ask questions later
In one of my occasional pokes through this site's log files I noticed lines like this:
127.0.0.1 - - [04/Jul/2003:08:07:47 +0100] "GET /_vti_bin/owssvr.dll?UL=1&ACT=4&BUILD=3124&STRMVER=4&CAPREQ=0 HTTP/1.1" 404 520 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.1.8.0)"
127.0.0.1 - - [04/Jul/2003:08:07:47 +0100] "GET /MSOffice/cltreq.asp?UL=1&ACT=4&BUILD=3124&STRMVER=4&CAPREQ=0 HTTP/1.1" 404 525 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.1.8.0)"
Oh, I thought, that looks like you're typical random script kiddie probe from some IIS exploit. But then immediately after is a request for a page on my site from the same IP address, which is odd. So, off to google we go and come up with an answer. Ah, it's a Microsoft Office feature.
If I understand it this means that everyone who has activated the discussion bar, which is at least off by default, in IE will now be sending requests to every website they visit on the off chance it has some form of Microsoft discussion software on it. This sort of thing really irritates me. There's a perfectly good HTML tag to allow this sort of thing. It's the link
tag. Surely it'd be better to specify some sort of use of the link tag to indicate the presence of the software and save on the 2 redundant requests per server? Or advertise in the HTTP headers that the service is available.
It's just seems like a really lazy solution to the problem.
posted at: 08:57 #