But would it be better to redirect(*) such a request to the true url? I am thinking this could see an abusive competitor actually optomising the site for you. To stop all this nonsense I believe you may have to turn there attacks into your defence. By 301 such request a potential Canonical attack could actually benefit a site. That I am sure would destroy these attacks..........
I am must emphasise I am not talking about Xss attacks just attempts to cause a Canonical.
Your thoughts totally appreciated
*rewrite changed to redirect after g1smd pointed out error.
[edited by: Bilbo at 2:00 am (utc) on Dec. 9, 2008]
It's not clear what you think is wrong with that URL. If it is the case that you never expect a query string to be appended to a .html URL on your site, then certainly you should redirect to remove spurious queries from those URLs. If the problem you perceive is something else, then please be more specific.
Again, any unique page on your site should be reachable using one and only one URL -- Anything else is a duplicate-content problem if not 301-redirected or rejected with a 404 or 410 error response.
For the purposes of this subject, no variation of any kind should be tolerated -- down to an exact character-by-character URL comparison level. You are looking for an *exact* match of absolutely everything showing in the browser address bar, and anything else needs handling.