On Tuesday, April 20, 2004, 10:51:55 PM, Eric Kolve wrote:
I have just released SpamCopURI version 0.11. This fixes a few bugs that had been reported and adds open redirect resolution.
This basically takes a URL from say rd.yahoo.com and attempts to resolve the Location header without ever fetching from the potential spammy site.
Only the URLs that have hosts that match an address list get redirect resolution. As well, redirect resolution is off by default, but can be enabled in the conf file. I have placed several open redirect sites in the conf file. The basic requirement is that the redirect return a 300 level HTTP response when fetching. I placed google.com in there even though they don't have their own redirect domain, but this should be fairly safe since most if not all google URLs are either redirects or searches. Give it a try and tell me what you think. This is all dependent upon LWP, but if you don't have LWP everything else will function as it did before.
Eric, you may want to share your redirection resolution strategies with the 3.0 developers. I haven't heard Justin getting beyond patterns yet. ;-)
Jeff C.