Well, I get a frantic set of messages from a client this morning; their site is "automagically" forwarding all users who view the Who's Online to a 3rd party website... Thinking they've been hacked, they're quite worried...
So, I dive in and mess around, and google the site they're being redirected to... seems the User Agent of the site is:
<SCRIPT>window.location='http://www.syncrisis.com'</script> (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; InfoPath.1; .NET CLR 2.0.50727)
Also have seen:
"<SCRIPT>window.location='http://www.syncrisis.com'</script> (compatible; MSIE 7.0; Windows NT 5.1)"
Curious if we can get strip_tags on the user agent field in the WOL page so "abusive bots" can't embed scripts... I see it as quite a little security issue...