The plug-in rewriting URL approach is dangerous....
One of the most severe problems that might be caused by using plug-ins
in browsers results from the fact that browsers are not the only
technology to make use of URLs.
If users find that a URL works in one technology (e.g. browser with
plug-in) they may reasonably assume that the URL will work everywhere.
If such an assumption is made then the following will be likely points
of failure.
1) Links in a web page will fail for browsers without a plug-in
2) Links that are transferred to other technologies may fail. e.g.
within PDFs, or emails
3) “Plug-in” domains will not be valid for email addresses (unless the
all the email clients get a matching plug-in)
4) Additional confusion will occur if Internationalised TLDs are
eventually introduced and they do not precisely match the rules created
by the plugin.
5) If International TLDs have the same name as any used by a plug-in,
then users with the plug-ins installed will be unable to reach the
internationalised TLD. e.g. there is a plugin that maps .CM to .com . if
.CM is ever allowed, it will be masked by a plug-in redirecting it to
the .com . This opens up a range of phishing opportunities.
6) If the plug-ins can be updated from external “reference” sources,
there is potential for them to be used directly for phishing, by
directing users to a phishing site set up on a different top-level domain.
In short, although such plug-ins may appear helpful in the short term,
they may severely disadvantage their users in the future.