I've obviously missed something critical here - how is it that a browser requesting something that doesn't exist is being given anything other than a 404 or some handler thereof? If you haven't gone past the last slash then it's still a path and not a file so why is a file being sent?
I know there used to be severe problems for browsers that couldn't handle a 404 when a script src was supposed to be coming from somewhere that didn't have it, is this a similar thing resulting from a bit of duff coding, potentially at both ends?