StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POChrome Instant invald URLs triggering website lockout
primarykey
Id
5543736
data
AcceptedAnswerId
6472210
AnswerCount
2
ClosedDate
CommentCount
0
CommunityOwnedDate
CreationDate
2011-04-04T20:08:47.017
FavoriteCount
0
LastActivityDate
2011-06-24T18:29:48.317
LastEditDate
2011-04-05T19:13:03.043
LastEditorUserId
172387
OwnerUserId
172387
ParentId
0
PostTypeId
1
Score
0
ViewCount
253
LastEditorDisplayName
text
Body
My website uses obscure, random URLs to provide some security for sensitive documents. E.g. a URL might be <code>http://example.com/<random 20-char string></code>. The URLs are not linked to by any other pages, have <code>META</code> tags to opt out of search engine crawling, and have short expiration periods. For top-tier security some of the URLs are also protected by a login prompt, but many are simply protected by the obscure URL. We have decided that this is an acceptable level of security. We have a lockout mechanism implemented where an IP address will be blocked for some period of time following several invalid URL attempts, to discourage brute-force guessing of URLs. However, Google Chrome has a feature called "Instant" (enabled in Options -> Basic -> Search), that will prefetch URLs as they are typed into the address bar. This is quickly triggering a lockout, since it attempts to fetch a bunch of invalid URLs, and by the time the user has finished, they are not allowed any more attempts. <ul> <li>Is there any way to opt out of this feature, or ignore HTTP requests that come from it?</li> <li>Or is this lockout mechanism just stupid and annoying for users without providing any significant protection?</li> </ul> (Truthfully, I don't really understand how this is a helpful feature for Chrome. For search results it can be interesting to see what Google suggests as you type, but what are the odds that a subset of your intended URL will produce a meaningful page? When I have this feature turned on, all I get is a bunch of 404 errors until I've finished typing.)
Tags
<security><google-chrome>
Title
Chrome Instant invald URLs triggering website lockout
singulars
PostAcceptedAnswerId
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USHank
UserOwnerUserId
1. USHank
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
2. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. This table or related slice is empty.
CommentsPostId
1. This table or related slice is empty.

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.