I wrote a cheezy little tool tonight to detect if users are using IE7.0 or not using the res:// handler. Basically it just checks to see if one of the buttons used in the anti-phishing filter are there. If so you have IE7.0. If not, you are using another browser. Firefox for instance drops a security warning when using a res:// location but also replaces the image with a default broken image, which we can detect.
The broken image in Firefox actually has a size, which we can detect (instead of giving an error when I attempt to access the image - which I could still probably get around by measuring the width of something that surrounds it most likely). Anyway, with a small hack I can now test if the user is using IE7.0 regardless if they are spoofing their user agent. Tis a minor issue.