undefined | Better HN

0 pointsderefr10y ago0 comments

A bit frightening to think about: SHA hexdigests (as used in, e.g., cache-busting) can contain the two-character-sequence "ad".

0 comments

userbinator10y ago

I don't think adblockers will be so naive as to block anything that contains "ad" in the URL, but then again, there's a name for the bug caused by this particular type of matching:

https://en.wikipedia.org/wiki/Scunthorpe_problem

...so maybe some of them do have rather silly rulesets.

derefrOP10y ago

They don't usually match on something as silly as the regexp /ad/, no—but they _do_ frequently contain a regexp like /\bad\b/.

The problem being—and this is painful personal experience speaking—web frameworks will frequently also cater to directory inode limits of caching reverse-proxies in their cache-busting code by doing something like this:

    "/#{sha[0..1]}/#{sha}.#{orig_ext}"

...which means that, for a SHA that starts with "ad", you get an "/ad/" in the URL.

j / k navigate · click thread line to collapse