Scanning for Unsafe URLs - Update 1
So, after writing it, I had an opportunity to tweak the scripts a little. I added a couple more URLs to reject in the irule but I've been having some fun dealing with redirection. I modified the perl script a little to prevent it from automatically following redirects because I was getting some false positives on sites where the url issued a 301 or 302 redirect. This doesn't seem optimal yet so I expect another update will be out soon.
Once doing the change for redirection, however, I had to then tweak the URLs being scanned for to include the full URL. I don't know how trustworthy the IIS URLs are yet--I'm going to try to find a box to test with later this week.
See the original post for the updated scripts.
