Can't get the GET header filter to work.

[Shaman]

Thanks everyone, but I’m still confused.
I may be way off the mark here, but it looks like the GET header does not actually contain the URL, but only the part that comes after it. Don’t know what that would be called, for example in this link
http://netspy.ukrpack.net/cgi-bin/proxy/printenv.cgi the URL is http://netspy.ukrpack.net and the GET header is “cgi-bin/proxy/printenv.cgi”

It’s not specific URLs that I want to target. It’s every URL that tries to insert personal details into the GET or POST headers.

A couple of months ago I saw my email address go out in a GET header. It was put there by a program I was trying out. I had blocked it net access during the trial, but it wanted to connect through IE to update some of the display, so I monitored it and allowed it. Bang…. my email address was gone.

Here is that GET header, (with my real email details asterixed out of course)
/pkg/login.php?uid=63592&eid=0008A12B1466&mid=125609959&email=*****%2D*******%40*********%2Ecom&vers=2.01&lang=eng HTTP/1.0

Of course things can be encrypted and so beyond control by simple word filtering. For those occasions I&#8217 like to be able to completely block GET and POST headers that exceed a certain length, so I can examine them and the program responsible before I decide to allow them.
Would that be possible with Proxomitron?