2018-02-26 3:07 GMT-03:00 David B Funk <dbf...@engineering.uiowa.edu>:
> > Just be careful how you do that "expand redirections until no more > redirections" or you may get caught in a spammer trap. > > If you're going thru a professional redirect site like goo.gl or bit.ly > you're probably pretty safe but if it's a dedicated spammer site be ware. > > I was testing some redirection expantions on URLs from spam and found a > site that clearly had been crafted to foil this kind of thing. > > It was in one of those "check this out" spams which contains one line of > greeting and then a URL. > > When I grabbed it using curl it returned a 301 redirect, so I grabbed that > target, which lead to another 301, lather-rinse-repeat ad nausium. > However if you used a browser it went to the target "burn fat pills" site > in just two redirects. > > So my bet is that the spammers are crafty enough to check things like > browser referrer, cookies, etc to detect/differentiate a browser vs a > link-checker. > > Great! If the spammer uses same redirection URLs, as a loop, the script will ignore redirection on first recurrence. But this script is a beta and it is not is not mature enough to deal with loop redirects of distinct URLs. Maybe add a count limit resolves this issue, like 10 times max redirections. Most likely I will implement this, but my need is for someone to help me implement this script inside the SA, so that some users here in Brazil can use our URIBL easily.
