[prev in list] [next in list] [prev in thread] [next in thread]
List: kmail-devel
Subject: Re: Bug#35161 acknowledged by developer (HTML mail rendering in right click menu)
From: Florian Weber <Florian.Weber () pfaffenhofen ! de>
Date: 2001-11-23 14:45:15
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Friday 23 November 2001 15:10, Michael Häckel wrote:
> > I'm not sure if that's not what you say, but:
> > More secure would be to have this mail rendered as HTML but no links
> > would be followed (maybe only if they are links to images? or
> > text/plain?) and no scripts would be executed.
> External references in the mail like images are only loaded, when this
> feature is enabled. This is a privacy issue, since the sender of a spam
> mail knows that you read it, if you request the images.
> Scripts are never executed.
> HTML as such is more dangerous, than plain text, because it is more likely,
> that there exist bugs that cause a crash when displaying it.
Right. That's why we proposed making it a "for this mail only" option (hence
the RMB menu entry). You probably don't want HTML spam, but being able to
look at an HTML greeting card (sigh!) without fussing around might still be
nice.
I think Mariusz' idea to only follow "relatively innocent" external references
like text/plain, image/* etc. is quite good, although harder to implement.
Scripts must, of course, never be executed.
- --
With best regards,
Florian Weber
Public pgp key on www.keyserver.net, key ID 1F198651
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE7/mD+IHY1JB8ZhlERAj/OAJ9oZh2ZR/yLbINTVTj3k7LcTvheCQCfYEdP
gJifVgfcnVTSnxwtRm+8ZjQ=
=wc1l
-----END PGP SIGNATURE-----
_______________________________________________
kmail Developers mailing list
kmail@mail.kde.org
http://mail.kde.org/mailman/listinfo/kmail
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic