--- ./wptouch.php 2011-06-21 11:08:17.000000000 +0100
+++ ./wptouch.php 2011-06-21 11:18:27.000000000 +0100
@@ -500,6 +500,9 @@
 if ( isset( $_GET['wptouch_redirect'] ) ) {
 $protocol = ($_SERVER['HTTPS'] == 'on') ? 'https://' : 'http://';
+ if(preg_match('{\.([^\.]+)\.([a-z]{2,3})(\.[a-z]{2,3})?$}',$_GET['wptouch_redirect'])){
+ $_GET['wptouch_redirect'] = '/';
+ }
 $redirect_location = $protocol . $_SERVER['SERVER_NAME'] . $_GET['wptouch_redirect'];
 }
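Review bot: The added `preg_match` is a denylist of host-looking suffixes, yet it alone decides whether a request value is appended directly after `$_SERVER['SERVER_NAME']`. Because the pattern is anchored at the end of the string and only recognises lowercase two- or three-letter suffixes, it cannot cover every value that changes the host part of the resulting URL, and it also resets legitimate local paths that happen to end in something like `.min.js`. Validate positively instead and accept the value only when it is a local path, e.g. `if ( !is_string( $_GET['wptouch_redirect'] ) || strpos( $_GET['wptouch_redirect'], '/' ) !== 0 ) { $_GET['wptouch_redirect'] = '/'; }`, so the host always ends before the user-controlled part begins. The enclosing function starts and ends outside the hunk, so how `$redirect_location` is used afterwards is not visible here.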