Details
-
Bug
-
Resolution: Fixed
-
Critical
-
8.4.4
-
Unknown
-
N/A
-
N/A
-
Description
When doing a Google search for https://www.google.com/search?q=xwiki+extension+script, the 7th result for me was the following URL on xwiki.org:
https://extensions.xwiki.org/xwiki/bin/view/Extension/Extension%20Script%20Module?xpage=pdfoptions&qs=
If you try to go to Export > Export as PDF, you land on:
https://extensions.xwiki.org/xwiki/bin/view/Extension/Extension%20Script%20Module?xpage=pdfoptions&qs=xpage%3Dpdfoptions%26qs%3D
If you try again, you land on:
https://extensions.xwiki.org/xwiki/bin/view/Extension/Extension%20Script%20Module?xpage=pdfoptions&qs=xpage%3Dpdfoptions%26qs%3Dxpage%253Dpdfoptions%2526qs%253D
...and so on (parameters keep getting added to the URL) until probably the GET request max size limit is reached.
In the past, I have noticed numerous such requests on pretty much all the pages of public XWiki instances and it was causing quite some amount of useless traffic and resource usage. Even the current robots.txt setup we have been using does not really take care of this, because it's an issue on the view action, which is generally considered desired to be exposed to web crawlers.
Of course, an admin could try to work around this an further expand their robots.txt to filter it out, but, IMO, we should fix this at a product level as well, since the loop is not really reasonable.