Broken URL requests with "?rand=0.nnnnnnnnnnnnnnnnn" querystrings from Chrome users

Question

I've recently noticed a number of errors in our sites' error logs which are a result of what appears to be a cache-buster being incorrectly added to URLs.

The requests in question all seem to have "?rand=0.nnnnnnnnnnnnnnnnn" on the end of the URL, with 0.nnnnnnnnnnnnnnnnn being a random number between 0 and 1.

However, this is appended without regard for whether the URL already has querystring parameters, so for example

http://www.mydomain.com/index?category=a&page=1

..is becoming..

http://www.mydomain.com/index?category=a&page=1?rand=0.37218398530967534

Thus causing the page querystring parameter to be "1?rand=0.37218398530967534", not a valid integer.

What I've noticed:

• All of these requests from from Chrome user agents (Windows and Mac, versions ranging from Chrome 35 to Chrome 39)
• Many of the requests are from logged-in users (our error logger records cookies) so it's not broken spiders
• Sometimes there are multiple requests in quick succession, from the same logged-in user, but from different IP addresses. e.g. one example had a hit from 59.95.54.x (an ISP in India) followed one second later by a hit from 162.243.129.x (Digital Ocean, a US cloud hosting company) for the same URL - same random number! - from the same user.

I wonder if it might possibly be some buggy and misbehaving cache-buster extension for Chrome? Although the hits from other IP addresses are odd.

Edit: Craig Hyatt suggested that perhaps the hola.org plugin might be implicated. I took a look at it, and can confirm that it did use a Digital Ocean IP addresses as a proxy when I selected to browse from the USA. Also, looking at the comments on its Chrome extension page, someone said "Your addition of ?rand=*** causes websites that use URL variables to show errors." I looked through the code and couldn't find anything that would do this - but it was just updated yesterday. Possibly a bug that is already fixed?

Further Edit: I was able to confirm that one of the users who has had this error logged is using the hola.org plugin. She will uninstall it and I will monitor whether the error recurs. Also I have emailed Hola support to ask if this is a known issue.

Answer 1

I have an application that has started seeing this issue around noon on Nov 20, 2014 (Eastern), with near the exact same issues mentioned.

I was able to connect with one of our users who indicated she was using the Hola.org plugin and I was then able to reproduce the error after installing it myself on Chrome.

Funny thing is although my site was generating 500 errors, as a user I did not receive any. I assume this means Hola is running some background process to retrieve the pages that are not actually being served to the user.

I have contacted the Hola.org support email to let them know of the issue, and directing them to this URL. No response as of yet. Still getting errors on my site but should be able to include some code to scrub the URL of the ?rand=0.XXX.

Also, I am not a fan of how this extension seems to send the same request multiple times, in quick succession, from several IPS as this has the potential to adversely effect some functionality. (ie delete last item on a list, increase counter, send out a standard email, write to a log etc)