412 Precondition Failed
Lately a PHP-script called "bad-behavior", intended to keep spam-bots and the like away from websites, has begun being used on some websites.
I noticed this because on those websites I got a page with the title "412 Precondition Failed" and a lot of verbiage suggesting that I be spam-bot or of mal-intentions, instead of the expected page.
After emailing one of the website-owners, he showed me the entries that the script registered for my hits and they indicated that the script has decided that sending a "Connection: close"-header along with a "TE: chunked"-header is a sure sign of bad behaviour.
Now, I use wwwoffle to filter away ads and the like when browsing, and wwwoffle was sending exactly that combination of headers.
From quickly perusing the RFC for HTTP 1.1, I can't see that the combination of those headers should be invalid.
Update: The author of the "bad-behavior" script explained to me where the RFC says that, and although the wording of that paragraph is quite twisted it looks like he is right. I have sent the information to the author of wwwoffle, hoping that if he agrees with the reading of the RFC, he will change wwwoffle accordingly.
Meanwhile the quick work-around is to change wwwoffle.conf to read: "request-chunked-data = no" in the OnlineOptions-part.
I hope the author of the bad-behavior script soon removes this false positive-generating test.
In general not generating false positives in such a script must be exceedingly hard.
Add comment
To avoid spam many websites make you fill out a CAPTCHA, or log in via an account at a corporation such as Twitter, Facebook, Google or even Microsoft GitHub.
I have chosen to use a more old school method of spam prevention.
To post a comment here, you need to:
- Configure a newsreaderยน to connect to the server
- Open the newsgroup called
ยน Such as Thunderbird, Pan, slrn, tin or Gnus (part of Emacs).koldfront.dkon port1119using nntps (nntp over TLS).lantern.koldfrontand post a follow up to the article.Or, you can fill in this form: