pf » Blocking Mozilla / Google Prefetch
Blocking Mozilla / Google Prefetch
Mozilla browsers support a feature called link prefetching, which allows a web page to tell the browser to prefetch a url if it is idle. Google has been using this technique in their search results, telling Mozilla to start loading the first result. I also noticed that MXNA 2.0 is including 3 prefetch tags.
How to you tell the browser to prefetch a url?
By using the following code:
<link rel="prefetch" href="http://url.to.prefetch/" />
How can I detect prefetching on my web site?
When mozilla does a prefetch, it sends a header X-moz: prefetch, you can then block based on that header. Google recommends sending a 404 back to block the prefetch.
How can I block prefetching?
Using mod_rewrite to send a 404:
RewriteEngine On
SetEnvIf X-moz prefetch HAS_X-moz
RewriteCond %{ENV:HAS_X-moz} prefetch
RewriteRule .* /prefetch-attempt [L]
This will redirect all prefetch-attempts to /prefetch-attempt as long as that file doesn't exist, the client will get a 404.
You could also block with a 503 Forbidden response:
RewriteEngine On
SetEnvIf X-moz prefetch HAS_X-moz
RewriteCond %{ENV:HAS_X-moz} prefetch
RewriteRule .* [F,L]
In IIS using isapi rewrite:
RewriteCond X-moz: prefetch RewriteRule .* /prefetch-attemtp [L]
Or with ColdFusion:
<cfset httpHeaders = GetHttpRequestData().headers> <cfif StructKeyExists(httpHeaders, "X-moz") AND httpHeaders["X-moz"] IS "prefetch"> <cfheader statuscode="404" statustext="Not Found"> <cfabort> </cfif>
How can I disable prefetching on mozilla browsers?
Add this line to your prefs.js file located in your Mozilla profile directory to disable prefetching in firefox and mozilla browsers.
user_pref("network.prefetch-next",false);
Some interesting things about prefetch:
- Query Strings are ignored - if you have a page with a query string it will not be prefetched.
- HTTP only - https pages are not prefetched by firefox. ftp and other protocols are also ignored
- Cross domain cookie problems - With prefetching enabled, you may end up with cookies and web pages in your web browser's cache from web sites that you did not click on since prefetching happens automatically when you view pages.
- A good way to preload images - prefetching is a good way to preload images, instead of using javascript to do this because your browser can do it while it is idle.
add to del.icio.usRelated Entries
- Geolocation API for Adobe AIR? - October 8, 2008
- Uploading Files Like GMail Attachments - October 6, 2006
- Watch out for Autocomplete - June 7, 2006
- FireFox 1.5.0.1 - February 13, 2006
- Cheat Sheet Roundup - Over 30 Cheatsheets for developers - September 1, 2005
- Affiliate Cookie Setting with X-moz Prefetch SEO Blog - Search Engine Optimization Blog
That is a lot easier!
GetHttpRequestData() should work in CF5, what isn't working?
<cfset httpHeaders = GetHttpRequestData()> <cfif StructKeyExists(httpHeaders.headers, "X-moz") AND httpHeaders.headers["X-moz"] IS "prefetch"> <cfheader statuscode="404" statustext="Not Found"><cfabort> </cfif>
Thanks! Your article is the only one I found concerning how to block prefetching. This is going to become more of a problem now that Google's Web Accelerator has this enabled. For more info, go to: http://37signals.com/svn/archives2/google_web_accelerator_hey_not_so_fast_an_alert_for_web_app_designers.php
http://www.yafla.com/papers/Block_Google_Prefetching/block_prefetching.html
<cfset httpHeaders = GetHttpRequestData().headers> <cfif StructKeyExists(httpHeaders, "X-moz") AND httpHeaders["X-moz"] IS "prefetch"> <cfheader statuscode="404" statustext="Not Found"> <cfabort> </cfif>
thanks Sophek
503 is Service (temporarily) Unavailable.
RewriteEngine On SetEnvIf X-moz prefetch HAS_X-moz RewriteCond %{ENV:HAS_X-moz} prefetch RewriteRule .* /prefetch-attempt [L]
SetEnvIfNoCase X-moz prefetch has_x-moz=true RewriteCond %{ENV:has_x-moz} true RewriteRule . . [F,L]
SetEnvIfNoCase X-moz prefetch has_x-moz=true
RewriteCond %{ENV:has_x-moz} true
RewriteRule . . [F,L]
RewriteEngine on
RewriteCond %{HTTP:X-moz} prefetch
RewriteRule . . [F,L]
While I verified that this works, I didn't use it in the end because I found that the small number of prefetch requests we're getting with the X-moz header are well-behaved and have negligible impact on our server.
Meanwhile, I found another class of prefetch requests with a serious negative impact. Some companies now have proxy servers that use a prefetch engine which is poorly behaved (e.g, they prefetch URLs that include query parameters), and they prefetch URLs at such a high rate that it overloaded our server. These prefetch requests don't include the X-moz header, but can be identified by the User Agent string "Mozilla/4.0 (compatible;)". To block these requests, I'm using the apache code:
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} compatible;\)$
RewriteRule . . [F,L]
- ColdFusion 8 FCKeditor Vulnerability
- Ajax Same Origin Policy No More with Firefox 3.5
- Firefox 3.5 Introduces Origin Header, Security Features
- Tips for Secure File Uploads with ColdFusion
- 7 Years And Blog Entry Number 700
- CFCatch Java Exceptions
- Cheat Sheet for SQL Server
- CFML on Google App Engine for Java
RSS
Pete Freitag is a software engineer, and web developer located in central new york.
Pete's company Foundeo Inc. builds products for web developers and provides consulting services.
In 2003 Pete published the ColdFusion MX Developers Cookbook with SAMs Publishing.
More about Pete.
