<html class="apple-mail-supports-explicit-dark-mode"><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto">I bet you're looking at HTTP GET requests that were "vibe coded" or AI coded to adhere strictly to the RFC Joshua points out...<div><br></div><div>A "normal" coder may never do that by hand, but an AI that was force-fed all RFCs and treats them all as equal & gospel would likely do something like that.</div><div><br></div><div>Just a thought,</div><div><br id="lineBreakAtBeginningOfSignature"><div dir="ltr">Ken</div><div dir="ltr"><br><blockquote type="cite">On Apr 24, 2026, at 17:43, Joshua D. Boyd via geeks <geeks@sunhelp.org> wrote:<br><br></blockquote></div><blockquote type="cite"><div dir="ltr">\ufeff<div dir="auto">RFC 2616 calls what you are asking about the absoluteURI form of the Request-URI (see section 5.1.2). It says that form is required when making a request to a proxy.<br><br>It then says "To allow for transition to absoluteURIs in all requests in future versions of HTTP, all HTTP/1.1 servers MUST accept the absoluteURI form in requests,"<br><br>And apparently I'm way behind because 2616 was replaced in 2014 by 7230, which was then replaced in 2022 by 9112. <br><br>9112 calls what you are seeing the absolute-form. It also indicates that it is mostly used for proxies, before then saying "A server MUST accept the absolute-form in requests even though most HTTP/1.1 clients will only send the absolute-form to a proxy."<br><br>I was wondering if this was somehow connected to a client also supporting HTTP 2, but it looks like those requests are radically different in content. <br><br>Either way it looks like the requests you are getting are fully valid ones, but a bit odd.<br><br>I wonder if this could be a result of them using an HTTP proxy on their end?</div><br><br><div class="gmail_quote"><div dir="auto">On April 24, 2026 4:38:23 PM EDT, Mouse via geeks <geeks@sunhelp.org> wrote:</div><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<pre class="net-thunderbird-android__plain-text-message-pre"><div dir="auto">I've been seeing, more and more recently, requests to my HTTP daemon<br>like<br><br>2026-04-24 19:02:31 Tangent bozohttpd[29369]: got request ``GET <a href="http://ftp.rodents-montreal.org/pub/mouse/git-unpacked/predict/diff/">http://ftp.rodents-montreal.org/pub/mouse/git-unpacked/predict/diff/</a> HTTP/1.1'' from 14.255.31.77 to port 80<br><br>Did I miss something? Is it valid to include the method://host part in<br>the GET request's argument?<br><br>I'd take these for attempts to use me as a proxy except that (almost?)<br>all of them are, like the above, asking for something from the very<br>server they're sent to. Maybe they're attempting to test whether I can<br>be used as a proxy? Is that what a proxy request would look like?<br><br>Anyone happen to know (and feel like talking about it)?<br><br>/~\ The ASCII Mouse<br>\ / Ribbon Campaign<br> X Against HTML mouse@rodents-montreal.org<br>/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B<hr>GEEKS: <a href="http://sunhelp.org/mailman/listinfo/geeks_sunhelp.org">http://sunhelp.org/mailman/listinfo/geeks_sunhelp.org</a><br></div></pre></blockquote></div><span>_______________________________________________</span><br><span>GEEKS: http://sunhelp.org/mailman/listinfo/geeks_sunhelp.org</span><br></div></blockquote></div></body></html>