GoDaddy Serves Blank Pages to Safari & Opera

zackmac writes "For over two weeks domain registrar GoDaddy has been serving blank pages to Safari and Opera users who attempt to access sites using its domain forwarding and masking service. GoDaddy is blaming Apple as the source of the problem, and with nowhere to turn, Mac users are flocking to Apple's support forums to discuss the issue in-depth. Apple has so far been unresponsive and GoDaddy has directed affected customers to contact Apple Support. An inconvienent workaround is to open the website first in Firefox or Internet Explorer and then the page will load in Safari or Opera. Speculation abounds as to the cause of the problem and how to fix it. The current belief is malformed headers, an invalid 302 header with a bogus location and a redirect loop."

Can anyone confirm this?

[RandyOo]

I just put my wife's photography site online yesterday, and it's hosted via domain masking/redirection from godaddy. Anyone with Oprah or Safari have trouble getting to it?

http://www.photosparks.com/

Re:Can anyone confirm this?

[larry+bagina]

ok...

$ nc www.photosparks.com 80
GET / HTTP/1.1
HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: /?ABCDEFGH

$ nc www.photosparks.com 80
GET /?ABCDEFGH HTTP/1.1
HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: /

Note - the response came back instantly -- before I could enter the Host: header.

Re:Can anyone confirm this?

[timster]

I looked back over the HTTP RFC, but it doesn't describe in detail what a browser should or should not do to avoid redirect loops. It's perfectly reasonable to stop once you've been redirected back to the original page and simply display the content given by the server -- which, according to the RFC, "SHOULD" contain a note about the redirect for the user's sake.

An RFC is not usually a detailed specification, so requiring certain specific behavior from a browser is unwise if that behavior is not clearly stated. It's stupid of GoDaddy to be using this redirect system, and it's irresponsible to blame others.

Re:Can anyone confirm this?

[ciscoguy01]

This is NOT UNUSUAL. Typical of someone who tests his web work with IE. IE fixes ridiculous stuff on the fly, like the site I looked at some time ago in Firefox with several hundred TD tags and only two /TD tags. It didn't work with Firefox but IE rendered it OK.

For the sake of interoperability it's usually good to design things so they "always work". But if you are testing it makes sense to test with a less robust platform than IE. You WANT to find the problems, not mask them.

This does not change the fact that yeah, GoDaddy's server IS likely broken. But if they hadn't tested with IE they would have known.

Safari Release Dates...

[Xserv]

The last update that I'm aware of on this browser was Nov. 29, but from what I've read of TFA and some of the user comments, they're not related. I spoke to a friend of mine at work today about this who is an avid Safari user and he said his work computer has the problem but his home computer does not.

I would almost definitely relate this to a malformed header problem as the summary states... Xserv

Weird.

[DeadSea]

I fired up firefox with LiveHTTPHeaders extension and here is what I found when I contacted www.catalogueofships.com:

> GET / HTTP/1.1

< HTTP/1.x 302 Moved Temporarily
< Location: /?ABCDEFGH

> GET /?ABCDEFGH HTTP/1.1

< HTTP/1.x 302 Moved Temporarily
< Location: /

> GET / HTTP/1.1

< HTTP/1.x 200 OK

It appears that the page is redirecting and then redirecting back. I can imagine that would confuse some browsers. Especially if the browser cached the first redirect and didn't actually fetch the same exact page a second time.

There is probably something in the http spec about not caching temporary redirects. In fact not caching them makes perfect sense to me. So safari has a bug of some sort with redirect caching.

However, what the server is doing seems to be fairly brain dead as well. Why would you redirect away and then redirect back? It appears that there is not cookie set between the two. The server must be remembering your IP address and serving you actual content on the second hit from that IP Address. That would certainly explain the "teaching issue" that causes safari to work with these sites after visiting with firefox.

The only explanation that I can come up with is that somebody discovered this obscure caching bug in safari and built a system to expose it. It seems that the blank page problem would be easy to fix in either safari or the web server.

Re:Weird.

[Strepsil]

It's not necessarily caching at fault - I used curl to take a look at this from a shell under OS X. It's weird. First, I got the redirect you saw. I requested the "?ABCDEFGH" page. This didn't give me a 302 redirect.

---
$ curl -D - http://www.photosparks.com/?ABCDEFGH

HTTP/1.0 200 OK
Connection: Close
Pragma: no-cache
cache-control: no-cache
Content-Type: text/html; charset=iso-8859-1

<HTML><HEAD><META HTTP-EQUIV="Refresh" CONTENT="0.1; URL=/?ABCDEFGH">
<META HTTP-EQUIV="Pragma" CONTENT="no cache">
<META HTTP-EQUIV="Expires" CONTENT="-1">
</HEAD></HTML>
---

Ever since then, I get the intended result for every redirect page under GoDaddy, in _Safari_ as well as from curl.

The first time I tested this, I got the white page. All I've done since is make a couple of requests from the command line, and now it all works.

It's not related to caching or cookies, that's for sure. It must be IP tracking somewhere along the line.

This is NOT a bug

[od05]

This is not a bug but a feature in Safari. Internet Explorer and Firefox will display http://www.stealyourpassword.com/paypal as http://www.paypal.com/ while Safari will show it's true address. It's to avoid forwarding addresses that are spoofed.

Re:This is NOT a bug

[NeutronCowboy]

Can't replicate the stealyourpassword.com issue with Firefox 1.5. when I click on your link, all I get is a server not found error, and the URL bar clearly displays the full URL. Care to explain the bug a little further?

Re:This is NOT a bug

[nystul555]

I think the parent poster was using stealyourpassword.com as a fake example. stealyourpassword.com is not a registered domain name.

The real cause (in Safari)

The problem with the 302 response is not the relative URL in the Location: header, it's the lack of blank line after the headers. The RFC requires this and Safari's network stack doesn't (yet) support tolerance of this quirk.

Re:The real cause (in Safari)

[EMR]

actually I highly doubt it's the improper location header. AS a LARGE number of website (espcially PHP ones) do the same violation. I believe the real violation is the godaddy server NOT accepting any client headers after the initial "GET / HTTP/1.1" request line.. The client is supposed to send TWO carriage return/line feed combinations before the server response allow the the client to send User-Agent and Host: headers. Godaddy's servers are not allowing this. So opera and safari are trying to send the headers and not expecting a reponse from the server as they have not finished the request (ie two CR/LF combinations).

Once you specify the /?ABCDEFGH as a HTTP/1.1 GET request their server lets you to send client headers, anmd correctly returns the "Redirect" page.

GoDaddy CEO is pro-torture

[kherr]

GoDaddy's founder, Bob Parsons, apparently loves the idea of torture. Bleah. Using them is kind of like giving money to the Chinese government. I think spending money at more socially conscientious companies is a better idea.

Re:Blaming apple??

[multipartmixed]

Send this post to your vendor: http://slashdot.org/comments.pl?sid=170621&cid=142 16183

Or, rephrase it nicely. Trust me on this one. I only spent 30s on this analysis, but I'm arrogant^H^H^H^H^H^H^H^H^Hexperienced enough to know I'm right. ;)

crawlers - bad for SEO

[dindi]

I actually heard a year ago that many people dropped Godaddy, because they were serving different/incorrect/empty pages
to crawlers and people's sites were dropping from SE indexes like crazy ...

dunno, never used them, but since those conplaints by many I did not want to go with them...

Now it makes me wonder what googlebot, msnbot, yahoo and other members of the artificial gang see from these 302/404/no source sites .... good chance that they do not see crap, and your godaddy site goes down the loo...

Re:Godaddy sucks

[humankind]

Godaddy has a long history of screwing their customers over. They prematurely shut down domains and demand renewals way early of their expiration. They hold peoples' domains hostage in very inappropriate ways. They've implemented sleazy redirects and hidden frames and webbots; they use misleading advertising practices to hook users in with seemingly cheap prices and then nickle and dime them to death. Godaddy is THE WORST registrar on the Internet. And I do NOT work for them nor their competitors, but I advise all my clients to NEVER do business with them. They are a total and complete nightmare. I cringe when I come across someone who is foolish enough to use them as a registrar because I know it will make my and the client's life miserable at one point or another. It's inevitable. If it hasn't happened to you, it will. It's as certain as death and taxes. Godaddy sucks.

Re:Blaming apple??

[paulrpayne]

When I contacted godaddy support last week about one of my domains not forwarding using safari, they said it was safari's fault and that I could clear the cache and it would work. I responded by saying that the cache clearing didn't work and that I thought they should be more concerned that such a large percentage of people weren't redirected properly. They ended the "support" thread by saying that I just need to clear the cache AND reboot... and since that should fix it, it wasn't really a problem.

I wish I would have kept the emails now seeing as this made slashdot. They were really quite amusing.

Re:Blaming apple??

It isn't Sun, I know I shouldn't be saying this and if I get cought I can get sued, thanks to stupid contracts. Microsoft develops the software for us at GoDaddy, they seemingly did this to make other browsers look broken to regain some of their lost sharemarket. I plan on quiting from GoDaddy when my next paycheck comes, along with some of my friends that are fed up with management.