Coveo for Sitecore - {"message":"Parameter 'viewEvent.referrer' is not a valid URI.","type":"InvalidParameter"}

Recently, one of our client reported frequent error logs from Coveo. It was mostly for the Coveo view analytics request which returns bad request with the below error. 

View Request: /coveo/rest/ua/v15/analytics/view?visitor=

{"message":"Parameter 'viewEvent.referrer' is not a valid URI.","type":"InvalidParameter"}

We enabled the Coveo for Sitecore debug logs in \App_Config\Include\Coveo\Coveo.SearchProvider.Custom.config file. 

By enabling the debug log, it spit a huge amount of data to analyze. Upon checking one of the failure, we found the request header Referrer was having the URL with the correct format. 

We also found that user agent was always Android and that too version 9 or 10 which is pretty old. Either someone is using an old phone or someone is sending malicious requests using old user agents. 

When reaching out to Coveo support, they provided an assembly which can spit the payload also in the logs. After placing the assembly, we analyzed the payload and the referrer attribute was having Google App user agent. This referrer attribute which is in Coveo payload is different from the actual request. 

"referrer":"android-app://com.google.android.googlequicksearchbox/"

This is not having a right URL format so Coveo is responding with bad request. This Coveo payload referrer is injected by Coveo JavaScript framework. 

We do have Cloudflare as our edge layer but adding a rule to transform the referrer header may not work for Coveo payload. All the data is sent to Coveo support for further analysis. Waiting for their response. 

Regarding this referrer URL, Google provides the following information.

The android-app://com.google.android.googlequicksearchbox/ referrer indicates that a user has arrived on your site from the Google Search app on an Android device.

• This happens when a user clicks a search result link from within the Google Search app, rather than from a standard web browser.

• The android-app:// URI scheme identifies the referrer as an Android application.

• com.google.android.googlequicksearchbox is the unique package name for the Google Search app on Android.

• This traffic is essentially organic search traffic, and should be classified as such in your analytics.