I'm developing a website, but stuck at some point, where i needed to detect outgoing links on my website, and either forbid the links, or accept that, i don't know how facebook is doing this, but they can do it through facebook.com/l.php that if the link is marked spam, users will get notified about it.
I don't know if that's a php or htaccess, it worked in php using the DOMDOCUMENT, but it's not a real solution for this.
This is not something that you solve on the Apache or .htaccess level. Basically, whenever you're outputting a link, check if it's external, and if it is, change the destination to your redirector.
ReplyDeleteThe redirector can then just check the URL passed, and if it's marked as malicious, it can show a message, and if it's not, then it can either automatically redirect or display some kind of notice that you're leaving the website.
l.php is a script that reads links via $_GET['u']. With the url in the your hand you decide where you want the client to be redirected.
ReplyDeleteSo as it looks, you want the users to teach your application what is spam and what not. For that you will need a button "report spam" beside the url.
I'm not 100% sure how Facebook is implementing it, but what I would recommend is to use JQuery (or another javascript library) to rewrite all external links to a validating PHP script (e.g. Facebook's l.php script), w/ the intended url getting passed as a GET parameter.
ReplyDeleteUsing JQuery, it might look like:
$('a[href]').each(function(){
var safe_href = 'http://yourdomain.com/yourscript.php?url='+$(this).attr('href');
$(this).attr('href', safe_href);
});
You can can then do a database lookup in yourscript.php based on the variable $_GET['url'], and redirect to that url if it's safe or display a message if it isn't.