Search Engines - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Search Engines


Googles Accelerator Breaks Web Apps, Security



 By: Matthew Hicks
2005-05-06
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Search Engines story.


  Table of Contents:
  1. Googles Accelerator Breaks Web Apps, Security
  2. ' Sites Crash, Fail to '

Rate This Article:
Poor Best
Googles Accelerator Breaks Web Apps, Security
( Page 1 of 2 )

Google responds to early reports that the beta test of its new caching software deleted accounts and exposed private Web pages.Googles effort to speed the pace of Web browsing quickly aggravated some early users, who say that the software is delivering them Web pages under other users logins and breaking Web applications.

Google Inc.s Web Accelerator application, launched as a test on Wednesday, uses a combination of local and server-based caching and preloading of Web pages to more quickly serve Web pages to a users browser. Googles servers, in many ways, act as an intermediary between Web sites and a users browser.

But Googles approach has had some unintended consequences. Google officials Friday confirmed that the company was aware of as many as five sites where Web Accelerator was returning users cached pages under other peoples user names.

The Mountain View, Calif.-based company has stopped caching pages from those sites, said Marissa Mayer, Googles director of consumer Web.

Users of some smaller Web forum sites have complained in online postings that they began receiving Web pages which displayed other peoples user names after downloading Web Accelerator. The forum site, Somethingawful.com, was among those warning its users to avoid Web Accelerator because of reports that pages from other users logins were exposed.

"It is an unfortunate problem, but it looks worse than it is," Mayer said. "We are caching those pages on the server side with the user name on them…You see it, but its important to point out that you are not logged in as user and you do not have the session cookies needed to perform operations as [that] user."

Resource Library:

Mayer said the problem stemmed from the way some sites have implemented their HTTP cache-control headers, which provide information such as language preferences to a browser. Google uses those headers to determine whether a page is meant for an individual user, in which case it would not live on its servers, Mayer said.

Google plans to notify the Webmasters of the affected sites about the need to fix their cache-control headers as well as work on a solution within Web Accelerator, Mayer said.

Web Accelerator already prevented secure sites using the HTTPS protocol, such as online banking and e-mail sites, from being cached.

Read more here about the initial test of Googles Web Accelerator.

Web Accelerators problems appear to extend beyond forum sites, though. Web-based software developer 37Signals LLC began blocking the program after discovering that it was initiating links which performed critical functions, such as account deletions, on 37Signals Web applications.

A few users complained about deleted accounts on 37Signalss Basecamp and Backpack applications, and the company traced the problem to Web Accelerator, said 37Signals President Jason Fried. To make matters worse, the problem occurred the same week that the Chicago-based company launched Backpack, a personal-information management application.

"It was serious enough to frighten us, since we had just released a product and it coincided with Googles release," said Fried, who first wrote about the issue in his Weblog. "We became aware of the Web Accelerator issue, and within 30 minutes of figuring it out we instituted a block."

As for Web Accelerators impact on Web applications, Mayer initially said that most of the reports she had seen appeared to be unsubstantiated. When informed about 37Signals problems, she said that it is possible that some sites are not complying with a Web standard used by Web Accelerator.

Web Accelerator ignores links where a question mark appears before the URL string in the HTML code. A question mark is usually included in a string to indicate personally identifiable information such as a user ID and would typically be used in a link that performs a function like a deletion, Mayer said.

"The product is in beta," Mayer said. "It could be that our assumption around the question mark and the way sites comply with the standard is incorrect. If that is the case, then well have to redesign the prefetch algorithm."

Click here to read about how Googles browser toolbar update stirred up a debate over Web site content.

Fried acknowledged that the applications do not conform to all standards. For example, functions such as a deletion technically should be handled with buttons rather than links, he said.

Google needs to recognize, however, that many sites use methods that vary from standards, he said.

"To me, the real test here is not so much that Google may have made mistake but how they respond to it," Fried said. "Are they going to call it a mistake or blame everyone else to [make them] build products the way they should be built in a perfect world?"

Next Page: Some sites crash or fail to load, users say.





  Reader Comments: Googles Accelerator Breaks Web Apps, Security
>>> Be the FIRST to comment on this article!
 


 
 
>>> More Search Engines Articles          >>> More By Matthew Hicks
 


x}r8s;iW1ŋvI%5m[KU-%B!)_zv~⼜؟oLBITϖ+ʖ0Ld&D;?{{~$riOȅc-Jg1ȣw&$5C4i=*_rdx9%GFԲ|W軫F]̉]ύP/a᳑(,Q  tjOt0]2dԵs6!7LP_ƾQ/?1 Lbhq٤XC#: rWü#~hzN1P:x =3~bA2xfdQӸO*! lpa+j)y'C< ۱ȭB ¿{k׳߂C}t;mgE-"'l,Rۆ@ظ?0}$OL"S9ˡ,Fp0,sti #M-jZUQ bkGiνoĩq#g޾޹RV5MQjUu7Z} m)kCq9}r>? 7;A:W@o&1W`JLTRBhd" ԆNWP u/kzQҏZ-o[jZAS# TFIna>E4f™EU2q}oe}}uI}rv|i"|c9̠V*PFfЊ%+Q9m<_st.[ݛ9^VsCV=BgCj`BmiuuUo~=co!"wA<0MߑRMRs?#3\4>wNHN‰,-90o-Yn_H.)MT|Y|ěy#0ri4(>M8X@/@ש#aWtBjmҔ 9B:%ϹyWϝ7>hr Ce)#8?S݃IhJq䰉c<ذ 1"%̛ iJ@e $}ВEtBAͨO%ތE z%Ku}7p#Kǰfeٜ҅%]Wa oQ#L .ϱ'v"e.ڽ^c8^%g 5F8 ,heݴ%!8WG5MGRŦcWJPX=*‹JMU~ _1p-~~j0B m] :V}y0`hvz?3Ϩagnۉ9~t$AG66^lzK $ ,70}HOQI4qp{4ڭ-%_ >< zNj$nh-DCw 0Ie&3 yG νdrgo͠~(wEnP>X^0 jp.HpyY?9d} wA,߃9#z[MKx GRP sZ( 7^`{"# EEKy3@ $h5az? ŊH^KHX-Vpp(ݞH:w&@-JEs㙰TL٣XB YX/_23CCɴh4Z*ȉ#m"0%X ,gZ Xk5ֲ fiZ\OG4MhȄ%#bi]ye&,`b HK%\Ew,[t3Asq=7߀s Xw<`6Ê0ӊYsξS s>xFx$S6[93mX0NєDWjm>!4ÃiА4XԹǦYgu׵LjGrgtK0s k2'yvw=&.Q>jWuϙܑ-ӾȇRoBoڅRT眺_dA_fMjlȌu>IVBg';oW f4ݤ|r%eR{`ELE2a5?%nQ/0}ԙQ3BZsOsR| g:[[I%7˺7Rum"$l JҰ.Z*Z!d[}aa6E]QZRKHD@CR)Ե ŠaY^`(y1 Cx EZ҆TSs  XTM.R?>2ei;aՒhxK[ʸAnH栢~g &ʥ ë;q\czu@nzcg@~P9gs?棄YTpܩ4hQ*}a3)4&0Sӹbp=q |X0b=9{t9pJ.q暺8/- {uaWlJsWs<&uM8` ;DӜh2F ñiHuߴӮWKHLZ`!?RP՘IO5 &^PGe d^s`M[`R9cDzl lFG4]}Zj\<89Ro> < ıLBYaT88l];(<1Xe;;pM2rH} [̜gbQIBO RN}'Xk5F>սT:cDA#Ez . ZC ЏBrAaj D"T `nR@;kRUԓtZC ^~~ JI:dzt4}ڣnssQ*/K73 R|OjZ(T+15ʪZJ~~{ ߥ#q'|q_ޝ?4Mc67`3\x+'שeXTe10kfW#SJI3$#v%*' L-`Gf^=/YQwSןlf18D"sL.-}ί! pe}4dݤS(H[D`{ nUESU[zfy@L t@zCxؽL HuҜNHYT9bRkEBZG ȭt)D Ȯcf>Fu*ZWּӪ`b/Bc$D!S#2z q[kh0h-f;Z;pLjg  k欩h+sJbOW2EߙizrulFYTy3is{"s-_M}zK>'8MG9Fi$]k|;P rfVȍ#w6霎0 M`}G ϓ1W5 `,fqNgGA:+lCs0X3f~Wk*kt?y{Wz&[wܕ[0A^c􁯍C-oc d.ōfπïǖ mԚVNM&lEմZY+-g}X} 2␜G=!s/=Zipn6=R.R 2=ct89e}ϣ[?nHCo`s 车N<ݠ1p Ju<1H/}ʧBTuq#Z7MFBR%%~ͳncEZ`ЯxLl5AKl!/`.R(S/ZfD]R/)3nQ/ ~egmS?PGF&7 u5Yx\[$v ˽'jD@KYJ7ѭj՚*\U%P-HjYtn:0nȄOXD[^:L&2O%ss]< ϟݜ;s`>L;J墦Ak R;~O+a>&rakS@Z: #ɢ\' WeRU8J3Az vBs=c#|{W !&m oRٟ:sɖBzo%EDOCVjgX& 26M1{O?J ПBQ`о(&w,ɪO@T #N{?J_{tZCR>i/6/:_?ٿ:N00vY?0WK޿H LЇ_eCR:"jueK\4?p-:%5ރ6 `i8~D(}ׇ́{9gEU\~; yFp0Z<!hq^8돝K%y;"˶u ߽< rDp'Bjw>^$'d0 srn^'6b ` xѤ<"F<42l&zE5q^לY0pz!vB3ZMUc z Ay4:ZFpv19 ºUXȬE`|PH2>(_aHHR ~tDӻ:o~dun/2 m D78C*QW"REh%IA%'&g <@&9FxDu~mnEb}Cfax!w-0q%՝b"0oBٺCO,l}[[ΘhAS:%I# m$jRSfj# $_2JI,v+ht(lAzW jÚ]e /.\|ܹm|d`M`l)Za!|)Nr 9i`e>%;yRb QגZ4ҫoeW!9 |Ds`~zv`5g3 \:`A)cn ~Uު9Gqܘx,3uj 2'|?Gdc:M"I^U֭UdU)I=YEG㳑)G8b`@L6COf=K#{G{ {!.u01/y+-R!EkEwWUK OʢE:'%:mחB}޿V5BĬhg2h띫{sL:>dO#@/-vc鼳2> AC؞qbLpO$`-ݺܭ)³$`GDA3}缩g涣A jm Z0\9f> V2&[qVL=9b:a1d(΀,S6D 3:6 Iϋr:I '&[̈,:,3˰3^;-DVچ&.0O.ã3mpePGvG,3JevT;}ǂ7 $3︉&%xòXA %Wޮ8}Dz)?0IqRf2֜ 3`e0MπHܶ)ڄC^$x΁wXg@39x<>b0Zn20}=S!J+3. b VJ V7gԮ'XhpY# c ޛ`?!e_pK*fȒZZ$Y$%Lr0Z'SϙQõyץ6 .jSe< B"ӄڄCz3E7ReK0X»JiK?$!t:%P.eR, 8CD{ FgZ\+B{MxH,Nt%!;L''ҍ m"(`FM-E>=1J%W'%"gQk1kh5[n Dc/iб,rT3''8n.WWWWR﯎u˻us}ts@Xx&q&s]9ObV,)pHx뵰-@X oaV}IEz 25^ʖ' (#T77 |\T؎0> Fylgj,1hʖRxiVe"I)<2?NR&a/Dذga"Lc}ٖcU|m/Ðֳ{Ўx륄WPf_9 vm[ҵ62WtP %rO foL;K./t+d[TjPlD 1HPXiKZ}xz#, !Z6^ܖbSA9𶖾xش 1  @bwHä<(0+a־" 0D'  +> !vC-٢Rl/S,6c3@ӳ JK0p\FkodwFv#q~M59Kzx7777rKKoAbF| d''M3,2&ޅ~.C lvلacSIKiJH gpLGKE;3)bO%g, 1ޅ#%7/Gcg{R4v}k{ײ֟}ǕJзaMo-x(ZqI)R!AY_@<Ͱ &R/; oQл<^ /'.53h~_Nͪd6S7{m_r6` lj[VF({W=~]Uֿe=:E?}V)K&jhk;1}_el؂_ ƗY'֤ [IHgc;wp 8c[Y@WyR ,Íq%%]D//ccr>&94! z_ڋK۪_xأLe^e- I4b'ݴMX,hILÑBu}sTa ]^`#܀4L~;U{#L3.NeãEz@9Ъ es^7>kE_A- ϴjgϡ?1[/ Zi> I7!7^H&W̽ "^tIw'yDdb {4k?S\0kL]'긯 7vE.Fʫ]L܀LQXc éJ^t vp^xK)LI|2A$㷈1pS]x?J*;ǝ@ eSZ!bZsʉmOѽgxPEq`r;B7o .qH e _M Ba;D0‡슗qaq BXE4}8VDpvUr@Ym2}21v%1h}PR #J=%1w;{=c8Gc8V5Śx K=2r59"@Ÿ Rxc) +hxB,t$mͤ<؎7ӭ%ôa8FSYhM]!cbj\.he,zVdqK2&/ #zPWwƌ7GSj9 G]#DYtHU) &G %Zj>A1R9}nbfƆX50Vz^3XvX5nVڹⲴq yK-y-J4sS577Z}9u:=-*< ;,Y0=쎦x#xlSaZ ~r1s[*1̶xB ?GZA)r]퐿3|US*Z <\GV82< Փ>/,b'c0/Ƙ0/bZNa=4 RtO链90Y>GN$(bX ~-=,6KMq@O eˡWqb\ojh ziv3%; tv}ܪ x.%5&o[I{e >d goљ H۠[*н<%&hPjߙc۫u *eZ`3+n{lKZIȶ8+ilwAQg)yifHt[M@&fLRxG*%_[Gx9ʵVܞVkVk[rBیh%=QD 4&9SO L%& J!47\CP |,CwWp+P~ЪV7n kb}<ҁb+q,NH㶭Eh7 7`(8NG}d+VzO"?{|fـjE~:tdG6ȝW>"&s'ُpKS;"΀!,E||z['AU}H?Km1Dhb#3FP0\'6KU윓M﷯{aCt樯Md:}GL#a]<2xRDAnj <9$.+Ja 3ޙ!:Kq5:0[ku/ OCcPx-r9GoG/ח=0?!s~! 6L- DvĤ"c*41GJ[!}s uǤۭpxX0!<RA~9.c&D^ôG͈֜ )P;PbA=jwcZ|"{X#&3(+9|_~g@}W c)q(bU T, !◹SJTmn$|s ^7Xh0usXg- .E.[q{笠+[!5|>0 0gYKw`C'[E9Y|ob{LgA~6Llݜ(8jq$P!%h$bcx=9`6B2dzwȗYBAaP8Z  +z+U'I]U@)9CȮ KDU8|.OONiY,d/c/x\iBR. ?$-G쌆xɺ9ISk۷srڽ&Mrznާu^yNa[+|Sw/'ݫ/u粟k|j5sNMo )n}>e;MjV}QyxQ Q+Q~ O͌.w3ʑ[@V;O֗}N31?Ag\㬳5:r_'\fC;k(_֗ 05.2_d^dsA " ϋ O /?C3(?(-/2a|/32C~.a.3Ư f _ *?32  ק 埳}}Π dd  M%:Iʘ!g+\8=Rgr ~)A_d_y*%iFy 3YY ~veX^eй\5ː2Kܿ2~2A\t[u CFWT=k /dmc֋cn%:@ba/! c|U$X2M*!#(^>&c˼$=)>w懤Ixմ] &JR7[O'ikr(%s<2g!gs=* t=}}SG"X5½p'e)cAZG4YQZ =P.v8NpFn_x` ~iMnڧ[Dpqk;ُϋGkwՕƊ ~3O߆zI'<+?u>xPxZLԸʲGpoQV" #<5 G>Rq6{xu0AחUc=z}ǠYP͙HÙ#~ǰ &Zb g8a箩%g蛡j:HÅ6@$ߛlt,cG$·RiErT)玾ߓJ0l2(.#&T_$`rXJ D`q9#Tx|Demƫ9 C8b{hDŽ[ɖbwp EУ/ٶH˘Q͛YHEu/*{_۱ Ccf@p b/[{8z5(KU?0}))UIW1hӐM Fؒ%DİQ0m|w^G25<>Mqgq%B4;Po.@cmc߻C{ NMx u1 agVbg94Aأ_BDOv֢->#%0qncOYt3>x8" "H "s{B|%iW^rF%؉GC/р]`ԭ {+2‡mn犱LZԝ:6Zd9d{fB=Xt(.hD7l,c}ڴtDl3%Y IoF}k_V`ńKأ|4#eUI;.~m%o ]*K@%GbF8] "!_Saniy>ⲁ%!:}`S s"gTtr!,MNM[Gc.Lc(ŬBCd=)O?7'[nI 5E`1l4aehDS,T6ys*>% / iνE >2z l|_Odxƪ~axh=&=з57d(Q|ӽǼˍt_d%\!dW< l[ !ۂˌK-Ӭ>s¥"UXHMX,8. ktmQh~0r,#<[_ڵlAt[] D heӕx" 7]!Kb 1C>b]R>zL1e~}=3ӲG(qI",@zP݌`y%K@ 4{W 78ǩ3bhwq#b ut+e!.1w:XU\(snȅ+`jk7E]EtA{zwn}c\:1V`]ccƫRdGB Lnl^^kti( aaɗXf0 'Ɣ ϰO" s=rϢq9qGb4GjV0U9s, j׺Wx/yc|>[zw00jPLP9͓_ a0*=:`-hW\~X0~v1/渲Y>e5rŤ3a=`>^}]x O!0gWPR Y -f1%IDb88)ҡCCĚB >eSC'@n0\| d9[\Oօu\j/bY4~>\99.@OI"cXM1}aE|iOR!D!6{xvYpEI{şnyq䗏O-)h,=R$Du $zWVs1Y7 ~c Whc<y &FϦkuU+kD;ydM^l+:cQEae=)jal>N~늘p6JL?-۔9MR"GZi/%!zR4gr0>_֊V&|Z2c{͵N_ l?HJ8*