Because they can be used to hide malicious redirects.

But the redirect is in the url, and isn't encrypted in any way? Can't the Steam "unpack" the redirect and then probe the "unpacked" redirect against the list of blocked sites? (and block the whole url if the "unpacked" url is in the list of blocked sites)

Sebastian Nielsen の投稿を引用：

But the redirect is in the url, and isn't encrypted in any way? Can't the Steam "unpack" the redirect and then probe the "unpacked" redirect against the list of blocked sites? (and block the whole url if the unpacked url is in the list of blocked sites)

Here's an older example of how Google Translate has been used to spread malware:

However, the Google Translate dodge is a little more complicated. Clicking on the link takes you to Google Translate, but it also instructs the service to go to a website in France and translate a page there that's written in Russian.

Once the Russian page is translated into English and displayed in an iFrame by Google Translate, GT executes code sent to it by the French website, breaks out of the iFrame and sends the victim to the real destination of the link: the pharmaceutical site.

As you can see, unscrupulous people can use what seems to be a perfectly legitimate website. which then redirects you to a 2nd website only after the page has been translated.

MancSulja: But then they could aswell just post the french link directly if they want to spread the malware?
Thus, the google translate only acts as a hider, and thus blocking the french link (with the "unpack" solution I proposed) would also block any GT links embedding the french link. (but not any GT links embedding "good" links)

Sebastian Nielsen の投稿を引用：

MancSulja: But then they could aswell just post the french link directly if they want to spread the malware?
Thus, the google translate only acts as a hider, and thus blocking the french link (with the "unpack" solution I proposed) would also block any GT links embedding the french link. (but not any GT links embedding "good" links)

And how many times they need to do it? over all it dose not sound like a great idea to unpack a site
I mean the scammer may even do a redirect to redirect to redirect to hide it
The blocking that Valve dose is not always only on sites, some times its also on get words that show many times on these sites, so its one more reason i guess

Easy: Disallow any site that is packed more than once. So a microsoft translator that tries to translate a google translate that in turn are trying to translate a third site, is blocked, regardless of the URL of the third site. Since theres no reason to chain translators or tools.

That could be done by implementing all translators and useful tools (like google maps and such) into one URL list, call it bluelist. Then any site on blacklist are blocked, any site on bluelist is allowed, but unpacked. And unpacked sites that exist on either bluelist or blacklist, are blocked.

And maybe more lenient permissions (like greylist and blacklist, and sites on greylist are only available for long-time friends) when chat is done between 2 friends that have been friends for more than 1 year.

Of course, theres no reason to allow URL shorterners, since Steam can handle long links. But URL shorterners are no problem for me, but translate and such should be allowed, because its hard to link to a swedish article to a english-speaking person.