“未定义"自 2012 年 6 月 12 日以来，随机附加到我网站上 1% 的请求网址中 [英] "undefined" randomly appended in 1% of requested urls on my website since 12 june 2012

问题描述

自 2012 年 6 月 12 日 11:20 TU 起，我在清漆/apache 日志中看到非常奇怪的错误.

Since 12 june 2012 11:20 TU, I see very weirds errors in my varnish/apache logs.

有时，当用户请求一个页面时，几秒钟后我会看到类似的请求，但 URL 中最后一个/之后的所有字符串已被未定义"替换.

Sometimes, when an user has requested one page, several seconds later I see a similar request but the all string after the last / in the url has been replaced by "undefined".

示例:http://example.com/foo/bar 触发 http://example.com/foo/undefined 请求.

Example: http://example.com/foo/bar triggers a http://example.com/foo/undefined request.

当然这些未定义"的页面不存在，而是返回了我的 404 页面(这是一个具有标准布局的自定义页面，而不是经典的 apache 404)

Of course theses "undefined" pages does not exist and my 404 page is returned instead (which is a custom page with a standard layout, not a classic apache 404)

• 任何页面都会发生这种情况(从主页到最深处)
• 使用各种浏览器(主要是 Chrome 19，但也有 firefox 3.5 到 12、IE 8/9...)但只有 1% 的流量.
• 这些请求发送的标头是经典标头(并且没有 ajax 标头).
• 对于给定的 ip，这似乎是随机发生的:有时在访问的第一个页面上，有时在访问期间的随机页面上，有时在访问期间有多个页面......

当然它看起来像是一个 javascript 问题(我使用的是由 google 托管的 jquery 1.7.2)，但是 我在 js/html 或服务器配置中绝对没有任何变化，因为有几个天，我以前从未见过这种错误.当然，html中没有这样的链接.

Of course it looks like a javascript problem (I'm using jquery 1.7.2 hosted by google), but I've absolutely nothing changed in the js/html or the server configuration since several days and I never saw this kind of error before. And of course, there is no such links in the html.

我还注意到一些有趣的事实:

I also noticed some interesting facts:

• 未定义的请求永远不会被发现作为其他页面的引用，而是使用真实"页面作为相同IP的以下请求的引用(用户可以使用404页面上的经典菜单)
• 我在 Google Analytics 中没有看到这些页面的任何痕迹，所以我假设没有执行任何 javascript(跟踪器存在于包括 404 在内的所有页面上)
• 没有人就此事联系过我们，即使我在网站的社交网络中提到了这个问题
• 大多数用户在此之后继续访问

所有这些事实让我认为问题在浏览器中默默发生，可能是由有问题的附加组件、防病毒软件、浏览器栏或昨天更新的浏览器中集成的蹩脚制造商软件触发的(但我没有找到任何添加- 昨天针对 chrome、firefox 和 IE 发布).

All theses facts make me think the problem occurs silently in the browers, probably triggered by a buggy add-on, antivirus, a browser bar or a crappy manufacturer soft integrated in browsers updated yesterday (but I didn't find any add-on released yesterday for chrome, firefox and IE).

这里有没有人注意到同样的问题，或者有更完整的解释?

Is anyone here has noticed the same issue, or have a more complete explanation?

推荐答案

没有简单直接的答案.

您将不得不对此进行调试，并且由于 URL 中的未定义"字样，它可能是 JavaScript.然而，它不一定是 AJAX，它可以是创建任何由浏览器自动解析的 URL 的 JavaScript(例如，在图像标签上设置 src 属性、设置 css-image 属性等的 JavaScript).我使用 Firefox 和 Firebug 大部分时间都安装了，所以我的指导会考虑到这一点.

You are going to have to debug this and it is probably JavaScript due to the 'undefined' word in the URL. However it doesn't have to be AJAX, it could be JavaScript creating any URL that is automatically resolved by the browser (e.g. JavaScript that sets the src attribute on an image tag, setting a css-image attribute, etc). I use Firefox with Firebug installed most of the time, so my directions will be with that in mind.

Firebug 初始设置

如果您已经知道如何使用 Firebug，请跳过此部分.

安装并重新启动 Firefox for Firebug 后，您将不得不启用大部分 Firebug 的面板".要打开 Firebug，浏览器的右上角会出现一个看起来像火虫/昆虫的小东西，或者您可以按 F12.单击 Firebug 选项卡控制台"、脚本"、网络"，并通过打开它们并阅读面板信息来启用它们.您可能需要刷新页面才能使它们正常工作.

After the installs and restarting Firefox for Firebug, you are going to have to enable most of Firebug's 'panels'. To open Firebug there will be a little fire bug/insect looking thing in the top right corner of your browser or you can press F12. Click through the Firebug tabs 'Console', 'Script', 'Net' and enable them by opening them up and reading the panel's information. You might have to refresh the page to get them working properly.

调试用户交互

导航到有问题的页面之一，Firebug 打开且网络面板处于活动状态.在 Net 面板中会有几个选项:'Clear'、'Persist'、'All'、'Html' 等.确保选择 ALL.不要在页面上做任何事情，尽量不要将鼠标悬停在页面上的任何内容上.查看请求.对无效 URL 的请求将是红色的，并且可能具有 404 Not Found(或类似状态)的状态.

Navigate to one of the pages that has the issue with Firebug open and the Net panel active. In the Net panel there will be a few options: 'Clear', 'Persist', 'All', 'Html', etc. Make sure ALL is selected. Don't do anything on the page and try not to mouse over anything on it. Look through the requests. The request for the invalid URL will be red and probably have a status of 404 Not Found (or similar).

加载时看到了吗?跳到下一部分.

See it on load? Skip to the next part.

在初始加载时没有看到它?开始使用您的页面并在此处继续.

Don't see it on initial load? Start using your page and continue here.

开始单击每个功能，将鼠标悬停在所有内容上，等等.注意网络面板并注意失败的请求.您可能需要有创意，但继续使用您的应用程序，直到您看到浏览器发出无效请求.如果页面提出了很多请求，请随时点击网络面板左上角的清除"按钮将其清除一点.

Start clicking on every feature, mouse over everything, etc. Keep your eyes on the Net panel and watch for a requests that fail. You might have to be creative, but continue using your application till you see your browser make an invalid request. If the page makes many requests, feel free to hit the 'Clear' button on the top left of the Net panel to clear it up a bit.

如果您提交页面并看到失败的请求非常快地发出，但由于下一页加载而丢失它，请通过单击网络面板左上角的持久化"启用持久化.

If you submit the page and see a failed request go out really quick but then lose it because the next page loads, enable persistence by clicking 'Persist' in the top left of the Net panel.

一旦成功，并且应该考虑您为实现这一目标所做的工作.看看你能不能让它再次发生.在弄清楚是什么用户交互导致它发生后，深入研究该代码并开始寻找发出无效请求的内容.

Once it does, and it should, consider what you did to make that happen. See if you can make it happen again. After you figure out what user interaction is making it happen, dive into that code and start looking for things that are making invalid requests.

您可以使用脚本"选项卡在 JavaScript 中设置断点并逐步执行.调查通过 $(element).bind/click/focus/etc 或旧式事件属性(如 onclick=""/onfocus="" 等)完成的事件处理程序.

You can use the Script tab to setup breakpoints in your JavaScript and step through them. Investigate event handlers done via $(elemment).bind/click/focus/etc or from old school event attributes like onclick=""/onfocus="" etc.

如果请求在页面加载后立即发生

这将更难固定.您将需要转到脚本"选项卡并开始向加载时运行的每个脚本添加断点.您可以通过单击 JavaScript 行的左侧来执行此操作.

This is going to be a little harder to peg down. You will need to go to the Script tab and start adding break points to every script that runs on load. You do this by clicking on the left side of the line of JavaScript.

重新加载页面，您的断点应该会阻止浏览器加载页面.按脚本面板上的继续"按钮.转到您的网络面板，看看您的请求是否被提出，继续直到找到.您可以使用它来缩小请求的范围，方法是慢慢添加越来越多的断点，然后逐步进入和退出函数.

Reload your page and your break points should stop the browser from loading the page. Press the 'Continue' button on the script panel. Go to your net panel and see if your request was made, continue till it is found. You can use this to narrow down where the request is being made from by slowly adding more and more break points and then stepping into and out of functions.

您在代码中寻找什么

类似于以下内容:

var url = workingUrl + someObject['someProperty'];

var url = workingUrl + someObject.someProperty;

请记住，someObject 可能是对象 {}、数组 [] 或任何内部浏览器类型.关键是将访问不存在的属性.

Keep in mind that someObject might be an object {}, an array [], or any of the internal browser types. The point is that a property will be accessed that doesn't exist.

我没有看到任何 404/红色请求

那么导致它的原因不会被您的测试触发.尝试使用更多的东西.关键是您应该能够以某种方式使请求发生.你只是还不知道.它必须显示在网络面板中.唯一不会发生的情况是你没有做任何会触发它的事情.

Then whatever is causing it isn't being triggered by your tests. Try using more things. The point is you should be able to make the request happen somehow. You just don't know yet. It has to show up in the Net panel. The only time it won't is when you aren't doing whatever triggers it.

结论

没有超级简单的方法来确定到底发生了什么.但是，使用我概述的方法，您至少应该能够接近.这可能是您甚至没有考虑的事情.

There is no super easy way to peg down what exactly is going on. However using the methods I outlined you should be at least be able to get close. It is probably something you aren't even considering.

这篇关于“未定义"自 2012 年 6 月 12 日以来，随机附加到我网站上 1% 的请求网址中的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！