in reply to Re: Re: Hacking "explained"
in thread Filtering potentially dangerous URI schemas in <a href="...">
The idea is that it isn't known which headers are used as additional information. This is only security by obscurity of course, but it's slightly better than no extra measures at all.
Makeshifts last the longest.