Blocking Mozilla / Google Prefetch


Mozilla browsers support a feature called link prefetching, which allows a web page to tell the browser to prefetch a url if it is idle. Google has been using this technique in their search results, telling Mozilla to start loading the first result. I also noticed that MXNA 2.0 is including 3 prefetch tags.

How to you tell the browser to prefetch a url?

By using the following code:

<link rel="prefetch" href="" />

How can I detect prefetching on my web site?

When mozilla does a prefetch, it sends a header X-moz: prefetch, you can then block based on that header. Google recommends sending a 404 back to block the prefetch.

How can I block prefetching?

Using mod_rewrite to send a 404:

RewriteEngine On
SetEnvIf X-moz prefetch HAS_X-moz 
RewriteCond %{ENV:HAS_X-moz} prefetch 
RewriteRule .* /prefetch-attempt [L]

This will redirect all prefetch-attempts to /prefetch-attempt as long as that file doesn't exist, the client will get a 404.

You could also block with a 503 Forbidden response:

RewriteEngine On
SetEnvIf X-moz prefetch HAS_X-moz
RewriteCond %{ENV:HAS_X-moz} prefetch 
RewriteRule .* [F,L]

In IIS using isapi rewrite:

RewriteCond X-moz: prefetch
RewriteRule .* /prefetch-attemtp [L]

Or with ColdFusion:

<cfset httpHeaders = GetHttpRequestData().headers>
<cfif StructKeyExists(httpHeaders, "X-moz") AND httpHeaders["X-moz"] IS "prefetch">
	<cfheader statuscode="404" statustext="Not Found">

How can I disable prefetching on mozilla browsers?

Add this line to your prefs.js file located in your Mozilla profile directory to disable prefetching in firefox and mozilla browsers.


Some interesting things about prefetch:

  • Query Strings are ignored - if you have a page with a query string it will not be prefetched.
  • HTTP only - https pages are not prefetched by firefox. ftp and other protocols are also ignored
  • Cross domain cookie problems - With prefetching enabled, you may end up with cookies and web pages in your web browser's cache from web sites that you did not click on since prefetching happens automatically when you view pages.
  • A good way to preload images - prefetching is a good way to preload images, instead of using javascript to do this because your browser can do it while it is idle.

Related Entries

7 people found this page useful, what do you think?


Trackback Address: 312/343C304E904B69DDF7818493EC2D2A6E


On 04/21/2005 at 3:42:07 PM UTC Joseph Yaroch wrote:
Using a mozilla blowswer, an easier way to disable prefetching is to type "about:config" in the address bar. This brings up a page of numerous preferences. Type "prefetch" in the filter, so that only settings that contain the string, prefetch, are shown. Then doulbe click on the prefence, and it will change from true to false.

On 04/21/2005 at 3:46:12 PM UTC Pete Freitag wrote:
Thanks Joseph,

That is a lot easier!

On 05/06/2005 at 12:23:09 PM UTC James Moberg wrote:
Your ColdFusion example only works with CFMX6 or 7... do you have a method that works with CF5?

On 05/06/2005 at 12:40:38 PM UTC Pete Freitag wrote:

GetHttpRequestData() should work in CF5, what isn't working?

On 05/06/2005 at 1:05:53 PM UTC James Moberg wrote:
It's the syntax. I used CFDump to figure it out and it should be written like this (without GetHttpRequestData().headers):

<cfset httpHeaders = GetHttpRequestData()> <cfif StructKeyExists(httpHeaders.headers, "X-moz") AND httpHeaders.headers["X-moz"] IS "prefetch"> <cfheader statuscode="404" statustext="Not Found"><cfabort> </cfif>

Thanks! Your article is the only one I found concerning how to block prefetching. This is going to become more of a problem now that Google's Web Accelerator has this enabled. For more info, go to:

On 05/09/2005 at 5:36:52 AM UTC John Seymore wrote:
Here's a related site

On 05/09/2005 at 3:55:18 PM UTC sophek wrote:
Where do you put to code? In the Application.cfm file?

<cfset httpHeaders = GetHttpRequestData().headers> <cfif StructKeyExists(httpHeaders, "X-moz") AND httpHeaders["X-moz"] IS "prefetch"> <cfheader statuscode="404" statustext="Not Found"> <cfabort> </cfif>

thanks Sophek

On 05/09/2005 at 4:01:43 PM UTC Sophek wrote:
You want this code to run before your page logic does, so yeah Application.cfm would probably be a good place to put it.

On 11/22/2005 at 12:22:39 AM UTC JA wrote:
ITYM 403 Forbidden, not 503 Forbidden.

503 is Service (temporarily) Unavailable.

On 06/19/2006 at 4:23:59 PM UTC ikki wrote:
I tried the mod rewrite and it does not work. I also do not see the X-moz or anything regarding prefetching in the apache logs.

RewriteEngine On SetEnvIf X-moz prefetch HAS_X-moz RewriteCond %{ENV:HAS_X-moz} prefetch RewriteRule .* /prefetch-attempt [L]

On 04/27/2007 at 9:50:04 AM UTC Mike S wrote:
The above apache changes did not work for me either. The correct apache change is:

SetEnvIfNoCase X-moz prefetch has_x-moz=true RewriteCond %{ENV:has_x-moz} true RewriteRule . . [F,L]

On 04/27/2007 at 9:51:19 AM UTC sleman wrote:
lines got joined together.

SetEnvIfNoCase X-moz prefetch has_x-moz=true

RewriteCond %{ENV:has_x-moz} true

RewriteRule . . [F,L]

On 07/31/2008 at 3:13:15 PM UTC uoaabb wrote:
I also found that the original apache version didn't work for me. Mike S's version (with correct line breaks) would probably work, but I designed a simpler version that avoids the intermediate step of setting an environment variable, namely:

RewriteEngine on

RewriteCond %{HTTP:X-moz} prefetch

RewriteRule . . [F,L]

While I verified that this works, I didn't use it in the end because I found that the small number of prefetch requests we're getting with the X-moz header are well-behaved and have negligible impact on our server.

Meanwhile, I found another class of prefetch requests with a serious negative impact. Some companies now have proxy servers that use a prefetch engine which is poorly behaved (e.g, they prefetch URLs that include query parameters), and they prefetch URLs at such a high rate that it overloaded our server. These prefetch requests don't include the X-moz header, but can be identified by the User Agent string "Mozilla/4.0 (compatible;)". To block these requests, I'm using the apache code:

RewriteEngine on

RewriteCond %{HTTP_USER_AGENT} compatible;\)$

RewriteRule . . [F,L]

On 12/05/2008 at 12:33:40 PM UTC davux wrote:
Actually, the "Cross domain cookie problems" part is not due to the prefetching, but to the allowing of third-party cookies. In the "Privacy" tab under Edit/Preferences, you can disallow third-party cookies.

On 09/24/2011 at 4:49:29 AM UTC Neespsypeceta wrote:
Howdy! Would you mind if I share your blog with my facebook group? There's a lot of folks that I think would really enjoy your content. Please let me know. Many thanks

On 02/07/2012 at 9:33:30 PM UTC suzanelyk wrote:
In my opinion it is obvious. I recommend to look for the answer to your question in

Post a Comment


Spell Checker by Foundeo

Recent Entries


did you hack my cf?