292684 - firefox loads favicon even if unrequested; poor user agent behaviour

Status: RESOLVED DUPLICATE of bug 175909

(Firefox :: General, defect)

Description

[nova]

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.7.6) Gecko/20050319
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.7.7) Gecko/20050414 Firefox/1.0.3

Firefox seems to request /favicon.ico even if the file is not linked anywhere by
the website and does so without any user interaction (eg, adding to bookmarks).
This is very poor behaviour on the part of a user agent to go "probing" for
files which may or may not exist.

This automatic requesting may also be used in a malicious manner, eg if
site1.com wants to attack site2.com, site1.com/favicon.ico could issue a
redirect to site2.com/huge_file and site2.com will have no clue where all these
hits are coming from that drain their bandwidth whenever some innocent user
visits site1.com.

If the "shortcut icon" or "icon" links are present, then sure, go ahead and
request them. But this automatic probing for icons is extremely poor behaviour
for a user agent and not only generates spurious requests but fills server log
files with 404 errors and other unpleasant side effects.

Reproducible: Always

Steps to Reproduce:
1. Visit google.com in Firefox.
2. Note mysterious appearance of icon in tab/address bar.
3. View source of page and find where Google requested Firefox to fetch /favicon.ico

Actual Results:  
/favicon.ico requested without any reference to such in the source code.

Expected Results:  
No /favicon.ico request without it being explicitly told to do so.

Comment 1

[:Gavin Sharp [email: gavin@gavinsharp.com]]

See also bug 109843 (original implementation), and bug 279891.

*** This bug has been marked as a duplicate of 175909 ***

Comment 2

[O. Atsushi (Torisugari)]

Oops, mid-air.
See also bug #260500.