Partial Javascript Statements Logged To Server

Question

I have some code that generates URLs to be used in various places across a site (image src, link hrefs, etc). I am seeing lines in the access logs which show some of the javascript code that generates the URLs masquerading as a file request.

For example, "/this.getIconSrc()" is one that I'm seeing quite a bit. I can't figure out how or why this is occurring and I can't manage to reproduce it without actually entering "http://whateverthesiteis.com/this.getIconSrc()" into the location bar. In most cases, these functions are chained together to generate a URL but the whole function chain does not appear in the server logs, just part of it.

I've probably invested around 30 hours trying to figure out why this is happening but cannot. It doesn't appear to be a browser issue as I've tried in IE 6/7, FF 2/3, Opera, Safari 3, and the problem does not occur. Has anyone else experienced something similar and, if so, what was the solution?

Answer 1

Are you generating JavaScript calls like this? This may explain it.

<a href="javascript:somefunction()">___</a>

Answer 2

There's three possibilities really:

1. A bug in your HTML - malformed HTML causing onclick to leak into href, for example
2. A bug in your Javascript - myIcon.src = 'this.getIconSrc()'; - note the quotes that shouldn't be there
3. A poorly-written spider is hitting your site (like @Diodeus said: <a href="javascript:somefunction()">___</a>)

Edit: Check the User Agent and Referrer in your logs - they may offer a clue.

Answer 3

@RoBorg... I'm thinking the most likely scenario is #3 since this particular function is actually only called in one place...

function whatever(){
var src = this.getIconSrc();
return src.replace( /((?:https?:\/\/)?(?:[^\/]+\/)*)[^\/]+/, '$1newimage.png' );
}