Wednesday, November 21

Why would a browser do this?

First of all, tell me what's wrong with this picture, then explain to my why a browser would do this?

[21/Nov/2007:16:36:05 --0500] "GET http://esler.is-a-geek.net/labels/Microsoft.html HTTP/1.1" 406 340 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Maxthon)" - "-"

Maxthon is the name of the browser.

8 comments:

ibneko said...

::wanders in via feedburner::

406 error? Interesting... "The resource identified by the request is only capable of generating response entities which have content characteristics not acceptable according to the accept headers sent in the request."

Not... too sure why a browser would cause that though. By not accepting enough... types of data? Alas, I'm ignorant.

ibneko said...

::wanders in via feedburner::406 error? Interesting... "The resource identified by the request is only capable of generating response entities which have content characteristics not acceptable according to the accept headers sent in the request."Not... too sure why a browser would cause that though. By not accepting enough... types of data? Alas, I'm ignorant.

Joel Esler said...

Let me explain the 406. mod_security threw the 406 back at the requester because the request isn't valid.

It has to do with the actual request itself, not the error code.

Joel Esler said...

Let me explain the 406. mod_security threw the 406 back at the requester because the request isn't valid.It has to do with the actual request itself, not the error code.

Tyler Reguly said...

I can think of a couple of options here...

Both involving proxies

Either someone testing your server to see if it was operating as a proxy... In which case the request you saw is completely valid. As a proxy request takes the form of 'GET http://host/page HTTP/1.1', Maxthon does handle plugins... it could be a plugin for testing sites visited

It could also be that someone changed their anonymous proxy for the day and setup a transparent proxy in their proxy server... Maxthon may not handle transparent proxies and may have tried to treat it as a regular proxy. The transparent proxy would have forwarded based on the host: field, leaving the request intact...

Joel Esler said...

I think Tyler is on it!

Tyler Reguly said...

I can think of a couple of options here... Both involving proxiesEither someone testing your server to see if it was operating as a proxy... In which case the request you saw is completely valid. As a proxy request takes the form of 'GET http://host/page HTTP/1.1', Maxthon does handle plugins... it could be a plugin for testing sites visitedIt could also be that someone changed their anonymous proxy for the day and setup a transparent proxy in their proxy server... Maxthon may not handle transparent proxies and may have tried to treat it as a regular proxy. The transparent proxy would have forwarded based on the host: field, leaving the request intact...

Joel Esler said...

I think Tyler is on it!