I don't have a favicon.ico, but my browser always makes a request for it.
Is it possible to prevent the browser from making a request for the favicon from my site? Maybe some META-TAG in the HTML header?
asked Aug 24, 2009 at 11:37
16 Answers
I will first say that having a favicon in a Web page is a good thing (normally).
However it is not always desired and sometime developers need a way to avoid the extra payload. For example an IFRAME would request a favicon without showing it. Worst yet, in Chrome and Android an IFRAME will generate 3 requests for favicons:
"GET /favicon.ico HTTP/1.1" 404 183
"GET /apple-touch-icon-precomposed.png HTTP/1.1" 404 197
"GET /apple-touch-icon.png HTTP/1.1" 404 189
The following uses data URI and can be used to avoid fake favicon requests:
<link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon">
For references see here:
- https://github.com/h5bp/html5-boilerplate/issues/1103
- https://twitter.com/diegoperini/status/4882543836930048
UPDATE 1:
From the comments (jpic) it looks like Firefox >= 25 doesn't like the above syntax anymore. I tested on Firefox 27 and it doesn't work while it still work on Webkit/Chrome.
So here is the new one that should cover all recent browsers. I tested Safari, Chrome and Firefox:
<link rel="icon" href="data:;base64,=">
I left out the "shortcut" name from the "rel" attribute value since that's only for older IE and versions of IE < 8 doesn't like dataURIs either. Not tested on IE8.
UPDATE 2:
If you need your document to validate against HTML5 use this instead:
<link rel="icon" href="data:;base64,iVBORw0KGgo=">
Sridhar Ratnakumar
83.9k64 gold badges148 silver badges188 bronze badges
answered Nov 16, 2012 at 12:41
-
40Your UPDATE 2 had issues on Lollipop...adding
<link rel="icon" type="image/png" href="data:image/png;base64,iVBORw0KGgo=">seems to solve the issue.– AlkoCommented Jul 14, 2015 at 8:41 -
3If I got it right, I can open
data:image/png;base64,iVBORw0KGgo=in browser, save it asfavicon.icoaka. empty PNG file and store it in website root. Right?– MartinCommented Jun 30, 2016 at 15:04 -
7@Alko That empty PNG file is still invalid. If this is just about creating an data URL that describes an empty file, use: <link rel="icon" href="data:,">– vogCommented Aug 12, 2016 at 12:20
-
4Browsers tend to request the favicon even if there are no references to it in the index.html file, so how would this solution prevent this? Specifically, I have seen Firefox being very aggressive about requesting it as soon as you visit a domain. Other browsers may do it later, maybe after the index file has loaded the header(somebody with more knowledge of the internals of browsers please comment). Not having a favicon has potential side effects, just google it, or: stackoverflow.com/questions/4269695/… Commented Dec 22, 2016 at 18:53
-
4I was using this, but had to tighten up security on my web application. Now, I get this: "Refused to load the image 'data:;base64,=' because it violates the following Content Security Policy directive: "default-src 'self' https: 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback." - so this solution (while good) only works with more relaxed security scenarios. Commented Feb 21, 2018 at 11:55
Just add the following line to the <head> section of your HTML file:
<link rel="icon" href="data:,">
Features of this solution:
- 100% valid HTML5
- very short
- does not incur any quirks from IE 8 and older
- does not make the browser interpret the current HTML code as favicon (which would be the case with
href="#")
Downside of this solution:
- Doesn't work for Safari (improvement proposals in the comments are welcome)
You can use the following HTML in your <head> element:
<link rel="shortcut icon" href="#" />
I tested this on a forced full refresh, and no favicon requests were seen in Fiddler. (tested against IE8 in compat mode as IE7 standards, and FF 3.6)
Note: this may download the html file twice, so while it works in hiding the error, it comes with a cost.
-
1my tests also indicate that this trick works. However, I'd have the
hreflink to some static (cached) resource that you've already loaded (e.g. css or script file) - to ensure that a dynamic (non-cached) page doesn't get requested twice. (Just to be safe sincehref="#"technically points to the current web page). Commented Mar 15, 2011 at 23:32 -
3I tried in Safari. The favicon request hits the hosting page again. Commented May 16, 2011 at 10:21
-
45I wouldn't suggest this, because it makes the browser (Safari5/Mac, maybe others too) to request the webpage from the server twice.– ManavCommented Jul 18, 2011 at 18:05
-
4
-
3
You can't. All you can do is to make that image as small as possible and set some cache invalidation headers (Expires, Cache-Control) far in the future. Here's what Yahoo! has to say about favicon.ico requests.
answered Aug 24, 2009 at 11:39
-
9He said he doesn't have a favicon. They don't get much smaller than that. And it doesn't make any sense to cache non-existant files.– innaMCommented Aug 24, 2009 at 12:07
-
18If he doesn't have a favicon then he should make one, that was my point. There's no better solution than this one. Isn't it logical? If there's no possibility to stop requests, unless you use caching, what do you do? Commented Aug 24, 2009 at 12:40
-
4You turn it off. If you don't want a favicon, and you also don't want error requests in your error logs, then you should turn it off. Why is that so hard to understand?– B TCommented Jul 3, 2020 at 16:51
-
-
2There can be a good reason to not make a favicon. In my case, I'm trying to update the 401 page to not request the favicon, since that request will also be unauthenticated and have an error. Commented Nov 12, 2020 at 18:06
if you use nginx
# skip favicon.ico
#
location = /favicon.ico {
access_log off;
return 204;
}
-
1This doesn't prevent the request, but I like it as an alternative.– QasimKCommented Apr 23, 2018 at 21:15
-
3
The easiest way to block these temporarily for testing purposes is to open up the inspect page in chrome by right-clicking anywhere on the page and clicking inspect or by pressing Ctrl+Shift+j and then going to the networking tab and then reloading the page which will send all the requests your page is supposed to make including that annoying favicon.ico. You can now simply right click the favicon.ico request and click "Block request URL".
All of the above answers are for devs who control the app source code. If you are a sysadmin, who's figuring out load-balancer or proxying configuration and is annoyed by this favicon.ico shenanigans, this simple trick does a better job. This answer is for Chrome, but I think there should be a similar alternative which you would figure out for Firefox/Opera/Tor/any other browser :)
-
This does not solve the original question. OP is having issue with regular browsing sessions. Commented Nov 20, 2023 at 8:53
-
1@SamSirry I mentioned that this answer is not for regular devs. This thread shows up in Google results, and for ex-sysadmin and DevOps role people like me who are testing some simple API calls from their browser, this method works and, in my opinion, is simple enough for one-off troubleshooting sessions. Commented May 28 at 20:43
Put this into your HTML head:
<link rel="icon" href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAIAAACQd1PeAAAADElEQVQI12P4//8/AAX+Av7czFnnAAAAAElFTkSuQmCC">
This is a bit larger than the other answers, but does contain an actually valid PNG image (1x1 pixel white).
-
2
-
1Perhaps a little larger, but man does it work! Thanks! I am dabbling with serverless as well, this will cut down on my function calls by 50%.– RickarooCommented Sep 7, 2023 at 23:06
You can use .htaccess or server directives to deny access to favicon.ico, but the server will send an access denied reply to the browser and this still slows page access.
You can stop the browser requesting favicon.ico when a user returns to your site, by getting it to stay in the browser cache.
First, provide a small favicon.ico image, could be blank, but as small as possible. I made a black and white one under 200 bytes. Then, using .htaccess or server directives, set the file Expires header a month or two in the future. When the same user comes back to your site it will be loaded from the browser cache and no request will go to your site. No more 404's in the server logs too.
If you have control over a complete Apache server or maybe a virtual server you can do this:-
If the server document root is say /var/www/html then add this to /etc/httpd/conf/httpd.conf:-
Alias /favicon.ico "/var/www/html/favicon.ico"
<Directory "/var/www/html">
<Files favicon.ico>
ExpiresActive On
ExpiresDefault "access plus 1 month"
</Files>
</Directory>
Then a single favicon.ico will work for all the virtual hosted sites since you are aliasing it. It will be drawn from the browser cache for a month after the users visit.
For .htaccess this is reported to work (not checked by me):-
AddType image/x-icon .ico
ExpiresActive On
ExpiresByType image/x-icon "access plus 1 month"
-
Don't forget to enable the module: ~ /etc/apache2 # a2enmod expires && service apache2 restart Commented Jan 8, 2017 at 20:31
A very simple solution is put the below code in your .htaccess. I had the same issue and it solve my problem.
<IfModule mod_alias.c>
RedirectMatch 403 favicon.ico
</IfModule>
Reference: http://perishablepress.com/block-favicon-url-404-requests/
answered Nov 12, 2013 at 15:32
-
The article linked to from here is very good, but I believe the syntax in the response is incorrect. Commented Jan 15, 2016 at 20:07
-
3So you get a 403 error (Forbidden) instead of a 404. How is that better? Commented Nov 3, 2022 at 18:51
Elaborating on previous answers, this might be the shortest solution from the HTML file itself:
<link rel="shortcut icon" href="data:" />
Tested working, no error messages or failed requests on Chrome Version 94.0.4606.81
Just make it simple with :
<link rel="shortcut icon" href="#" type="image/x-icon">
It displays nothing!!!!
In Node.js,
res.writeHead(200, {'Content-Type': 'text/plain', 'Link': 'rel="shortcut icon" href="#"'} );
-
1
-
@johnktejik This is making the Node server send an HTTP Header. This
resobject is the response, so anytime you send a new page, a new response to the user, you put your headers first, usually.– foxesqueCommented Jul 28, 2022 at 10:36 -
I need prevent request AND have icon displayed i.e. in Chrome.
Quick code to try in <head>:
<link rel="icon" type="image/png" sizes="16x16" href="data:image/png;base64,
iVBORw0KGgoAAAANSUhEUgAAABAAAAAQBAMAAADt3eJSAAAAMFBMVEU0OkArMjhobHEoPUPFEBIu
O0L+AAC2FBZ2JyuNICOfGx7xAwTjCAlCNTvVDA1aLzQ3COjMAAAAVUlEQVQI12NgwAaCDSA0888G
CItjn0szWGBJTVoGSCjWs8TleQCQYV95evdxkFT8Kpe0PLDi5WfKd4LUsN5zS1sKFolt8bwAZrCa
GqNYJAgFDEpQAAAzmxafI4vZWwAAAABJRU5ErkJggg==" />
Effect:
Full example:
<!DOCTYPE html>
<html>
<head>
<title><- this icon</title>
<link rel="icon" type="image/png" sizes="16x16" href="data:image/png;base64,
iVBORw0KGgoAAAANSUhEUgAAABAAAAAQBAMAAADt3eJSAAAAMFBMVEU0OkArMjhobHEoPUPFEBIu
O0L+AAC2FBZ2JyuNICOfGx7xAwTjCAlCNTvVDA1aLzQ3COjMAAAAVUlEQVQI12NgwAaCDSA0888G
CItjn0szWGBJTVoGSCjWs8TleQCQYV95evdxkFT8Kpe0PLDi5WfKd4LUsN5zS1sKFolt8bwAZrCa
GqNYJAgFDEpQAAAzmxafI4vZWwAAAABJRU5ErkJggg==" />
</head>
<body>
<h1>Check tab icon</h1>
</body>
</html>
answered Feb 5, 2022 at 5:42
-
How does this differ from stackoverflow.com/questions/1321878/… from a year prior?– TylerHCommented Aug 4, 2023 at 13:40
-
@TylerH attributes and visible size I think. Will add some content to make it stand off :D Commented Aug 8, 2023 at 4:58
In our experience, with Apache falling over on request of favicon.ico, we commented out extra headers in the .htaccess file.
For example we had Header set X-XSS-Protection "1; mode=block"
... but we had forgotten to sudo a2enmod headers beforehand. Commenting out extra headers being sent resolved our favicon.ico issue.
We also had several virtual hosts set up for development, and only failed out with 500 Internal Server Error when using http://localhost and fetching /favicon.ico. If you run curl -v http://localhost/favicon.ico and get a warning about the host name not being in the resolver cache or something to that effect, you might experience problems.
It could be as simple as not fetching (we tried that and it didn't work, because our root cause was different) or look around for directives in apache2.conf or .htaccess which might be causing strange 500 Internal Server Error messages.
We found it failed so quickly there was nothing useful in Apache's error logs whatsoever and spent an entire morning changing small things here and there until we resolved the problem of setting extra headers when we had forgotten to have mod_headers loaded!
Sometimes this error comes, when HTML has some commented code and browser is trying to look for something. Like in my case I had commented code for a web form in flask and I was getting this.
After spending 2 hours I fixed it in the following ways:
1) I created a new python environment and then it threw an error on the commented HTML line, before this I was only thrown error 'GET /favicon.ico HTTP/1.1" 404'
2) Sometimes, when I had a duplicate code, like python file existing with the same name, then also I saw this error, try removing those too
If you are not using HTML and it's auto-generated by Flask or some frameworks you can always add a dummy route in the app to just return dummy text to fix this issue.
Or . . . you can just add the favicon :)
Eg for Python Flask Application.
@app.route('/favicon.ico')
def favicon():
return 'dummy', 200
img-src, or spam your error logs, just for an unnecessary favicon