fascinating but strange server response!

19/03/2005, 17h54

Hi all,

Recently, I fetched a page from a server, its info is:

Server: Apache/1.3.33 (Unix) mod_fastcgi/2.4.2 PHP/4.3.10
mod_ssl/2.8.22 OpenSSL/0.9.7d
X-Powered-By: PHP/4.3.10

Within the HTML response I found numerous lines that had only
3 characters each, always 0..9 and a..f i.e. hexadecimal.

These were always inside of links.

Can someone tell me what these little buggers are all about?

Thanks.

20/03/2005, 06h11

On 19 Mar 2005 09:54:39 -0800,
"Yef" <e97y@yahoo.com> posted:

> Recently, I fetched a page from a server, its info is:
>
> Server: Apache/1.3.33 (Unix) mod_fastcgi/2.4.2 PHP/4.3.10
> mod_ssl/2.8.22 OpenSSL/0.9.7d
> X-Powered-By: PHP/4.3.10
>
> Within the HTML response I found numerous lines that had only
> 3 characters each, always 0..9 and a..f i.e. hexadecimal.
>
> These were always inside of links.
>
> Can someone tell me what these little buggers are all about?

Encoded characters. They might be trying to hide them from prying eyes, or
they could be characters that need encoding to be part of the URI (due to
the rules of what characters are allowed in them).

--
If you insist on e-mailing me, use the reply-to address (it's real but
temporary). But please reply to the group, like you're supposed to.

This message was sent without a virus, please delete some files yourself.

20/03/2005, 12h08

Tim wrote:

> > Can someone tell me what these little buggers are all about?
>
> Encoded characters. They might be trying to hide them from prying
eyes, or
> they could be characters that need encoding to be part of the URI
(due to
> the rules of what characters are allowed in them).

But I've found that the URL works when I remove these
'characters'. Which incidentally, 3 hex digits is the wrong
number for either 1 or 2 characters. Also note, in one case
I found that these 3 character were within the http:// expression.
Clearly these characters are supposed to be ignored.
But when did this become a standard that browsers adhere to?
It seems to be an attempt at preventing spidering.

20/03/2005, 19h28

"Yef" <e97y@yahoo.com> said:
>Recently, I fetched a page from a server, its info is:
....
>Within the HTML response I found numerous lines that had only
>3 characters each, always 0..9 and a..f i.e. hexadecimal.

It looks like you've seen "chunked content transfer encoding";
see RFC 2616, chapter 3.6.1.
--
Wolf a.k.a. Juha Laiho Espoo, Finland
(GC 3.0) GIT d- s+: a C++ ULSH++++$ P++@ L+++ E- W+$@ N++ !K w !O !M V
PS(+) PE Y+ PGP(+) t- 5 !X R !tv b+ !DI D G e+ h---- r+++ y++++
"...cancel my subscription to the resurrection!" (Jim Morrison)

19/03/2005, 17h54	#1 (permalink)
Yef Messages: n/a Hébergeur:	fascinating but strange server response! Hi all, Recently, I fetched a page from a server, its info is: Server: Apache/1.3.33 (Unix) mod_fastcgi/2.4.2 PHP/4.3.10 mod_ssl/2.8.22 OpenSSL/0.9.7d X-Powered-By: PHP/4.3.10 Within the HTML response I found numerous lines that had only 3 characters each, always 0..9 and a..f i.e. hexadecimal. These were always inside of links. Can someone tell me what these little buggers are all about? Thanks.

20/03/2005, 06h11	#2 (permalink)
Tim Messages: n/a Hébergeur:	Re: fascinating but strange server response! On 19 Mar 2005 09:54:39 -0800, "Yef" <e97y@yahoo.com> posted: > Recently, I fetched a page from a server, its info is: > > Server: Apache/1.3.33 (Unix) mod_fastcgi/2.4.2 PHP/4.3.10 > mod_ssl/2.8.22 OpenSSL/0.9.7d > X-Powered-By: PHP/4.3.10 > > Within the HTML response I found numerous lines that had only > 3 characters each, always 0..9 and a..f i.e. hexadecimal. > > These were always inside of links. > > Can someone tell me what these little buggers are all about? Encoded characters. They might be trying to hide them from prying eyes, or they could be characters that need encoding to be part of the URI (due to the rules of what characters are allowed in them). -- If you insist on e-mailing me, use the reply-to address (it's real but temporary). But please reply to the group, like you're supposed to. This message was sent without a virus, please delete some files yourself.

20/03/2005, 12h08	#3 (permalink)
Yef Messages: n/a Hébergeur:	Re: fascinating but strange server response! Tim wrote: > > Can someone tell me what these little buggers are all about? > > Encoded characters. They might be trying to hide them from prying eyes, or > they could be characters that need encoding to be part of the URI (due to > the rules of what characters are allowed in them). But I've found that the URL works when I remove these 'characters'. Which incidentally, 3 hex digits is the wrong number for either 1 or 2 characters. Also note, in one case I found that these 3 character were within the http:// expression. Clearly these characters are supposed to be ignored. But when did this become a standard that browsers adhere to? It seems to be an attempt at preventing spidering.

20/03/2005, 19h28	#4 (permalink)
Juha Laiho Messages: n/a Hébergeur:	Re: fascinating but strange server response! "Yef" <e97y@yahoo.com> said: >Recently, I fetched a page from a server, its info is: .... >Within the HTML response I found numerous lines that had only >3 characters each, always 0..9 and a..f i.e. hexadecimal. It looks like you've seen "chunked content transfer encoding"; see RFC 2616, chapter 3.6.1. -- Wolf a.k.a. Juha Laiho Espoo, Finland (GC 3.0) GIT d- s+: a C++ ULSH++++$ P++@ L+++ E- W+$@ N++ !K w !O !M V PS(+) PE Y+ PGP(+) t- 5 !X R !tv b+ !DI D G e+ h---- r+++ y++++ "...cancel my subscription to the resurrection!" (Jim Morrison)

Outils de la discussion
Afficher une version imprimable Envoyer un lien vers cette page par email