Odd requests to non-existing pages that all include "6_S3_" Odd requests to non-existing pages that all include "6_S3_" google-chrome google-chrome

Odd requests to non-existing pages that all include "6_S3_"


google-chrome http-status-code-404

Regardless of the server you use this HTTP header solves the OP's problem and also provides additional security against XSS attacks:

Content-Security-Policy: script-src s.colnect.net *.google-analytics.com 'unsafe-inline'

We also receive hundreds of request like this originating from iframe elements included in our partners' site. I haven't figured out exactly what causes it but I updated the web server (Apache) configuration to include a CSP header in the response:

Header set Content-Security-Policy "default-src 'none'; style-src 'unsafe-inline'; img-src data:"

This prevents any injected content to be loaded or executed inside our frame, but it allows to use inline style tags and images with "data:" URIs which is enough in our case.

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last