Recently I've had a bunch of visits from browsers/bots that fake funky referer
headers. The complete referer string look like this (original domain changed):
<A href="http://www.example.com">www.example.com</A>
Problem is that this breaks the HTML on the Paths view of slimstat, where the
referer is printed for this particular visit:
<a href="<A href="http://www.example.com">www.example.com</A>" class="external"
rel="nofollow" title="<A
href="http://www.example.com">www.example.com</A>">→</a>
This sort of referer is of course invalid according to RFC 2616. I personally
try to block such requests altogether, but sometimes they get through. Maybe
slimstat should check for a valid referer string before storing it?
Thanks!
Original issue reported on code.google.com by solaris....@gmail.com on 30 Nov 2010 at 5:00
Original issue reported on code.google.com by
solaris....@gmail.com
on 30 Nov 2010 at 5:00