It seems you have mod_security installed (
http://www.modsecurity.org/), replace the following part of button code
&url='+escape(document.location.href)+'&referrer='+escape(document.referrer)
with a single quote character, or
insert
.replace('http://','').replace('https://','')
after
document.location.href and document.referrer.
I'll fix it in 1.6.2 (though it is not a messenger fault).
PS: another way is to turn off mod_security completely, create .htaccess file
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>