Onion Link Checker is sending inappropriate GET requests as opposed to HEAD requests #25

@bakertaylor28

The onion link checker has been caught sending GET requests to the third-party onion server. You should consider the following:

  1. GET retrieves the content of the server. (meaning that the second someone checks an onion URL that happens to host illegal pornography, etc., you just "retrieved" illegal content, which makes the owner of the server hosting the onion link list guilty of a criminal offense.)

  2. HEAD returns the server headers and HTTP status (e.g. 200, 30x, 40x, 500, etc.).

This issue may cause the owner of the server hosting the onion link list to unknowingly / unintentionally engage in criminal conduct, as well as possibly subject them to FBI NIT malware given that a significant number of onion URLs may fall under an illegal category under U.S. laws and because a GET request in a server log creates a legal presumption that the client downloaded the content of the page, whereas a HEAD request does not. This is part of why we have HEAD as an HTTP method. T

There are multiple ways to send HEAD requests with PHP, and one of them should be implemented in the packages here as a matter of being a sensitive legal issue that may unfairly subject some to unnecessary criminal investigation.
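
One way to make the check HEAD-only with PHP's cURL extension, as an added example that is not part of the original issue or the project's code. The function names and the Tor SOCKS proxy address `127.0.0.1:9050` are assumptions; a server that rejects HEAD (405/501) is still counted as online instead of being retried with GET.

```php
<?php
// Added example: probe an onion URL with HEAD only, never GET.
// Assumption: a local Tor SOCKS proxy listens on 127.0.0.1:9050.
const TOR_PROXY = '127.0.0.1:9050';

/** Build cURL options for a HEAD-only probe routed through Tor. */
function headProbeOptions(string $url): array
{
    $host = parse_url($url, PHP_URL_HOST);
    if (!is_string($host) || !preg_match('/\.onion$/i', $host)) {
        throw new InvalidArgumentException('not an onion URL');
    }
    return [
        CURLOPT_URL            => $url,
        CURLOPT_NOBODY         => true,  // method becomes HEAD; no body is transferred
        CURLOPT_HEADER         => true,  // response headers are all we ask for
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_FOLLOWLOCATION => false, // report 30x as-is, do not fetch the target
        CURLOPT_PROXY          => TOR_PROXY,
        CURLOPT_PROXYTYPE      => CURLPROXY_SOCKS5_HOSTNAME, // resolve .onion inside Tor
        CURLOPT_CONNECTTIMEOUT => 30,
        CURLOPT_TIMEOUT        => 60,
    ];
}

/** Map an HTTP status to a link state without ever falling back to GET. */
function classifyStatus(int $status): string
{
    if ($status === 0) {
        return 'offline';                // no HTTP response at all
    }
    if ($status === 405 || $status === 501) {
        return 'online';                 // HEAD refused, but the server answered
    }
    return $status < 500 ? 'online' : 'error';
}

/** Run the probe and return the status code with its classification. */
function checkOnion(string $url): array
{
    $ch = curl_init();
    curl_setopt_array($ch, headProbeOptions($url));
    curl_exec($ch);
    $status = (int) curl_getinfo($ch, CURLINFO_HTTP_CODE);
    return ['status' => $status, 'state' => classifyStatus($status)];
}

if (PHP_SAPI === 'cli' && isset($argv[1])) {
    print_r(checkOnion($argv[1]));       // usage: php check.php <onion URL>
}
```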
