Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-16915

Infinite URL parameters loop in PDF Export options template triggered by Web Crawlers

    XMLWordPrintable

Details

    • Unknown
    • N/A
    • N/A

    Description

      When doing a Google search for https://www.google.com/search?q=xwiki+extension+script, the 7th result for me was the following URL on xwiki.org:
      https://extensions.xwiki.org/xwiki/bin/view/Extension/Extension%20Script%20Module?xpage=pdfoptions&qs=
      If you try to go to Export > Export as PDF, you land on:
      https://extensions.xwiki.org/xwiki/bin/view/Extension/Extension%20Script%20Module?xpage=pdfoptions&qs=xpage%3Dpdfoptions%26qs%3D
      If you try again, you land on:
      https://extensions.xwiki.org/xwiki/bin/view/Extension/Extension%20Script%20Module?xpage=pdfoptions&qs=xpage%3Dpdfoptions%26qs%3Dxpage%253Dpdfoptions%2526qs%253D
      ...and so on (parameters keep getting added to the URL) until probably the GET request max size limit is reached.

      In the past, I have noticed numerous such requests on pretty much all the pages of public XWiki instances and it was causing quite some amount of useless traffic and resource usage. Even the current robots.txt setup we have been using does not really take care of this, because it's an issue on the view action, which is generally considered desired to be exposed to web crawlers.

      Of course, an admin could try to work around this an further expand their robots.txt to filter it out, but, IMO, we should fix this at a product level as well, since the loop is not really reasonable.

      Attachments

        Activity

          People

            surli Simon Urli
            enygma Eduard Moraru
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: