Weird error: favicon.ico

augustas.volbekas · February 27, 2024, 5:07pm

I am getting a lot of this error:

anvil.server.NoServerFunctionError: API request routing failed. No @anvil.server.http_endpoint exists with path matching '/favicon.ico'

This is really interesting, since some of these requests come from my apps users, they are registered in the same session.

I’ve tried to fix this with this function (didn’t help):

@anvil.server.http_endpoint("/favicon.ico")
def favicon_get():
    return anvil.server.HttpResponse(200)

It seems that the users browser try to get the favicon at https://custom-url.com/favicon.ico

This is not really critical, however it does register as an error and flood the logs with errors.

Have you encountered similar errors? Any ideas how this could be mitigated?

augustas.volbekas · February 27, 2024, 5:46pm

I think, I solved this one.

The requests for /favicon.ico occur when the browser cannot find a link to a favicon in the HTML and attempts to locate it automatically.

The solution involves adding a link to a real favicon in the raw HTML.

In my case, I was using a Jinja template to render HTML for printing purposes and to return HTML through an API endpoint. The Jinja HTML template did not include a favicon, so the browser attempted to retrieve it from /favicon.ico.

UPD: This didn’t help.

socint · February 27, 2024, 6:59pm

Just to round this one out, that might fit in with the recent DDoS attack and also tell us a bit more.

I remember seeing on the forum some of the random endpoint targeting which preceded the attack was looking for Wordpress related gubbins which isn’t to be found in Anvil.

Favicon is a specific bit of malware (How to Remove Favicon.ico Virus From Your WordPress Website?) so actually seeing it here starts to make more sense in context.

I’d have been tempted to accept the Jinja explanation, but I’ve had that endpoint request pinging errors this week and there’s no common config to explain it your way.

So, potentially it’s all just part of a sustained attempt. One for @daviesian and @meredydd to contemplate, but the more I see the more I recognise as a familiar pattern.

stein · February 28, 2024, 5:29am

My app logs are being flooded with this, and similar, errors from my users’ sessions.

My theory, since this suddenly happened in my own sessions, to apps I had not made changes on, is that this is an Anvil issue?

augustas.volbekas · February 28, 2024, 12:35pm

I believe this strange error is primarily caused by some browsers attempting to access the /favicon.ico. In this case, I don’t see any evidence of malicious activity related to it.

Therefore, my solution is to block all requests containing “favicon.ico” using Cloudflare. This approach will keep the logs clean.