[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: repeated requests for a file favicon.ico

Most browsers seems to request it when opening a page, because it is shown in the address bar. 

I have a little issue with the favicon file. My www root is password protected. But i also have a /public directory, which can be accessed by everyone. However, when someone opens a picture in his webbrowser by opening "www.mydomain.com/public/pictures/picture.jpg", he or she gets a login-dialog, because the browser tries to open "www.mydomain.com/favicon.ico", which is a restricted directory. Does anybody knows how to tell apache to simpy send a 404 (page not found) instead of requiring username/password? 
Offcourse, i can create a favicon.ico file and give the world read-access on that file, but there must be a easier way to do this?

regards, Jasper

-----Original Message-----
From: Steve Kemp [mailto:steve@steve.org.uk]On Behalf Of Steve Kemp
Sent: woensdag 6 oktober 2004 11:12
To: Emil Perhinschi
Cc: debian-security@lists.debian.org
Subject: Re: repeated requests for a file favicon.ico

On Wed, Oct 06, 2004 at 11:37:24AM +0300, Emil Perhinschi wrote:

> Sorry to bother, but is this an attack? I get repeated requests for a 
> file "favicon.ico" that should have been, or so the client connecting 
> believes, in the root of my htdocs. The conections come from different 
> hosts, and at least in some it seems to be running Konqueror, so it is 
> not a Windows worm:  "GET / HTTP/1.1" 200 1004 "-" "Mozilla/5.0 
> (compatible; Konqueror/2.2.2; Linux)".

  No it's not an attack.

  It used to be an Internet Explorer browser feature that when a user
 bookmarked a page upon your site it would request the /favicon.ico
 to display next to the bookmark.

  Now other browsers do it too.  If you go to a website such as
 slashdot.org and see a small icon in the address bar - this is the
 favicon.ico file being displayed.

  I'm not too sure how the browser asks for it, on first page load or
 only when bookmarked, but it's a fairly common feature now.  Galleon,
 Konqueror, Mozilla, Firefox, and Internet Explorer will all do it.

> it's a little bit offtopic, but I found nothing about it on cert.org ...

  I suspect google.com would be more helpful ...


To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: