The address bar spoofing filter in ie-exploits is breaking search on Amazon website.
To duplicate :
-go to amazon.com
-seach for "linux"
-in the result page, click on "Software" in the Refine your seach column
-on the new result page, check the link corresponding to "More Result" and you'll see the store-name part containing MALICIOUS-LINK because %01 got replaced.
Logged In: YES
user_id=13361
Here is a correct regexp to fix the exploit but to not touch
amazon links
s/(<a[^>]*href[^>]*)(\x01|\x02|\x03|%0[012])\@/$1MALICIOUS-LINK\@/ig
Logged In: NO
...or just add the following to your 'user.action' file:
{-filter{ie-exploits}}
.amazon.*/exec/obidos/search-handle-url
Logged In: YES
user_id=875547
Thanks for the report.
I added your fix in:
http://ijbswa.cvs.sourceforge.net/\*checkout*/ijbswa/current/default.filter?revision=1.22
It will be part of the next release.