-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Theo Van Dinter writes:
On Tue, Apr 27, 2004 at 03:46:32PM -0700, Justin Mason wrote:
http://images.google.ca/imgres?imgurl=gmib.free.fr/viagra.jpg&imgrefurl=...
eek!
It's double-encoded. We can catch that easily. But first, my question -- does this *work* in an MUA, ie. should we? Simon, could you try it?
I don't know about an MUA, but it doesn't work in any browser I've tried so far. You end up at http://images.google.com/images:
Information returned from request (not including data): <Connection> = <Keep-Alive> <Content-Type> = <text/html> <Content-length> = <161> <Date> = <Tue, 27 Apr 2004 22:59:47 GMT> <Location> = http://images.google.com/images <Server> = <GWS/2.1> <Set-Cookie> = <PREF=ID=2342b69354b6a6f5:LD=en:TM=1083106787:LM=1083106787:S=4Q5Kb3zcm_6V0Tjm; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/; domain=.google.ca> <code> = <301>
Try http://images.google.ca/imgres?imgurl=gmib.free.fr/viagra.jpg&imgrefurl=...
(NOTE: with & replaced with just &) that works. (although it still uses google's image results page for the display.)
But just because it ends up at the imgres page doesn't mean we don't have to worry about it. This URL:
http://www.google.com/url?q=http://www.google.com/url?q=%68%74%74%70%3A%2F%2...
also works -- Google redirects it to the target site http://www.expage.com/manger32 successfully -- but SpamAssassin doesn't parse it.
- --j.
-
jm@jmason.org