I'm gettig some strange HTTP requests, like:
"POST /type_error:SafeUrl HTTP/1.1"
"GET /some/path/type_error:SafeUrl HTTP/1.1"
"POST /another/long/path/type_error:SafeUrl HTTP/1.1"
"POST /another/very/long/path/type_error:SafeUrl HTTP/1.1"
Mainly POST but GET too, mainly on iPhone, and I'm quite sure that the origin is triggered by some "type_error" in JS.
The only pattern is /type_error:SafeUrl at the end of the URL.
Unfortunately I'm not able to reproduce it.
As I can see it comes from Fundingchoices library.
How can I solve/dig/approach this issue?
I know that this is not a fully compliant query, but I hope to match the same "bad" experience in someone that had already solved this problem.
I think it is a bug in Funding Choices.
Deep down in some ad-blocking detection code loaded by Funding Choices I found the following being part of a reportClientEvent(...) call:
_.Cc = function(a) {
return a instanceof _.Vb && a.constructor === _.Vb ? a.g : "type_error:SafeUrl"
}
a.g is a URL (https://fundingchoicesmessages.google.com/el/AGSKWxVK...) but a is not an instance of _.Vb, so we end up with type_error:SafeUrl being returned as the URL for the XMLHttpRequest request.
I expect this to be a bug because requesting 'type_error:SafeUrl' without domain or protocol will not result in anything useful.
These kinds of requests started yesterday (2022-01-20 17:30 UTC) in large amounts on our website, suggesting that an update was release around that time somewhere. I wish I could find a changelog for Funding Choices ...
UPDATE: I've been in touch with the Funding Choice team, and they expect to release a fix early next week (possible Monday).
UPDATE: Malformed traffic disappeared on our server at around 2022-01-25 23:00 UTC.