how can I do this without getting "forbidden". Other sites do it, for example http://twitter.com?status=http%3A//somesite.com works just fine. I've been looking everywhere for an answer. Please can somebody help! Please note my example is automatically encoded (imagine it without the %3A)
You will need to encode the url. A query string with an unencoded url is going to be a problem.
If you don't encode urls inside urls, then whoever is interpreting it will not see it as a valid URL. This is because in your example
http://twitter.com?status=http%3A//somesite.com
The %3A is a colon. But according to the URI specification, the colon is a schema delimiter (http, ftp, irc, whatever), and a uri can only contain one. And if I've read enough of these specs, I'm guessing it says the equivalent to "servers receiving an badly formed url should return an error message" or "..try to interpret it without guaranteeing a positive response".
Technically the // should also be escaped, since they are path delimiters, but only a server serving static content would react to that.
For the URI specification, see http://labs.apache.org/webarch/uri/rfc/rfc3986.html
If you are asking how to do this in Javascript you should use the escape/unescape and handle the special case of the / character.
Take a look at this reference.