Do not trust user input - live.com
I was searching for a colleague’s blog in a “legacy search engine” ;-)… and found a page in Kay Giza’s blog which linked “Niel Gräf” to somewhere. It wasn’t his blog, It was a linked “Live Search”:
Kay please don’t take it personal… What we see is a foreign page calling into Live without encoding the URL properly. That is what every non technical publisher will do - because they do not know better!
Clicking the link will open Live.com and will also show show results - If you have German language settings:
But if you click on “Next Page” to browse the results:
So what happens here?
Live.com does not encode the user input properly when using it to format links - that’s bad!
Live.com strips out special characters - not nice.
Hope there will be improvement soon :-)