This filter is not confirmed to work!
ScoJo has posted this fileter:
It is possible for URL commands to be leaked through the Referer
header. Bypass.. bweb.. or bout.. a site then click a link, the
referrer will include the commands and your prefix.
This little filter will remove them:
[HTTP headers]
In = FALSE
Out = TRUE
Key = "Referer: Remove URL Commands and Prefix (out)"
Match = "([^:]+:/+)1([^/.]+(..|//))+{1,*}2"
Replace = "12"
ScoJo