g1smd - 9:16 am on Feb 2, 2012 (gmt 0)
There is an alternative way of fixing this.
Rewrite (that's rewrite, not redirect) those requests and only those requests to a simple PHP script that uses preg_replace to fix up the URLs. The PHP script then sends the required HEADER directives for the 301 status and for the new location.
Unusually, the rewrite code will be placed before any canonical redirects. Necessarily, the code will be placed after any code that blocks malicious requests.