Is the url path '/#!' special or an exploit?

I am getting the path /#! requested regularly on my blog and i was wondering why this was (as it doesn't match to any URL/resource on my blog). The user agent says its always IE7 browsers which request this but from multiple different IP Addresses. I'm trying to work out if I can ignore this or if I need to do something about it. I specifically want to know the following:

  • Is it some kind of special URL for certain web browsers/web servers?
  • Is it connected to a specific exploit?

Can I just ignore it?

If its relevant the site is hosted in windows azure and running on MVC4.

Answers


It's a hash-bang URL. They're used by some AJAX web applications, like Facebook and Twitter. Google has some special treatment for them, to make normally uncrawlable AJAX sites crawlable.

However, if your site is not running an app that uses them, you shouldn't be seeing them. And you definitely shouldn't be seeing them on the server side, since the whole point is that everything following a # in a URL is a fragment identifier, and should be stripped off by the user agent before requesting the URL from the server.

Edit: If I had to guess what's requesting such URLs, I'd say it might be some buggy bot. The fact that it's apparently pretending to be IE suggests that it might not be up to anything good; maybe it's a spambot of some sort. Anyway, the requests as such are most likely harmless, and you can ignore them. If it makes you feel better, you could always set up a rewrite rule to explicitly reject them, something like:

RewriteRule \x23 - [F]

This should reject any requests for URLs containing the # character with a 403 Forbidden error.


Need Your Help

Pointers and Linked List in C

c pointers singly-linked-list

I starting study pointers and linked list in C but i have a problem:

Why am I getting the error 'GetXDocument()' is a 'method' but is used like a 'type'

c# asp.net visual-studio-2012 html-agility-pack

I have the following class file which will search a page and extract certain information and display it as an output: