Closed
Bug 229122
Opened 21 years ago
Closed 9 years ago
Escapes && and > Operators when Sending Javascript in Mail
Categories
(MailNews Core :: Composition, defect)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 964024
People
(Reporter: gusrichter, Unassigned)
References
Details
Attachments
(1 file)
93 bytes,
text/plain
|
Details |
User-Agent: Mozilla/5.0 (Windows; U; Win95; en-US; rv:1.5) Gecko/20031007 Build Identifier: Mozilla/5.0 (Windows; U; Win95; en-US; rv:1.5) Gecko/20031007 SENDING Mail with Mozilla-Mail/Thunderbird containg Javascript, causes the && and > Operators to be converted to their escaped form of && and >. When such mail is received, the Javascript is then inoperable. RECEIVING such Mail with Mozilla-Mail/Thunderbird sent with another client such as NC 4.x works O.K. The problem in Thunderbird is only in Sending Mail. See Bug# 228787 reported under Thunderbird. <script language="javascript"> // sending if(i>1) // and (x==0&&y==restHeight) // results in receiving // if(i>1) // and // (x==0&&y==restHeight) </script> ** See Bug# 228787 Thunderbird where it's reported that under unknown conditions the Operators are NOT escaped. Reproducible: Always Steps to Reproduce: 1. Include the sample script in Mail and send. 2. Open the Mail, look at source, and the Operators are escaped. Actual Results: Results as previously mentioned. Expected Results: Mozilla Mail/News should not escape the Operators before/during Send.
Comment 1•21 years ago
|
||
This isn't a blocker. Changing to Normal severity.
URL: N/A
Severity: blocker → normal
Comment 2•21 years ago
|
||
*** Bug 228787 has been marked as a duplicate of this bug. ***
Reporter | ||
Comment 4•20 years ago
|
||
Changed Component from Mail Back-End to Composition.
Component: Mail Back End → Composition
Updated•20 years ago
|
Product: MailNews → Core
Comment 5•19 years ago
|
||
This is an automated message, with ID "auto-resolve01". This bug has had no comments for a long time. Statistically, we have found that bug reports that have not been confirmed by a second user after three months are highly unlikely to be the source of a fix to the code. While your input is very important to us, our resources are limited and so we are asking for your help in focussing our efforts. If you can still reproduce this problem in the latest version of the product (see below for how to obtain a copy) or, for feature requests, if it's not present in the latest version and you still believe we should implement it, please visit the URL of this bug (given at the top of this mail) and add a comment to that effect, giving more reproduction information if you have it. If it is not a problem any longer, you need take no action. If this bug is not changed in any way in the next two weeks, it will be automatically resolved. Thank you for your help in this matter. The latest beta releases can be obtained from: Firefox: http://www.mozilla.org/projects/firefox/ Thunderbird: http://www.mozilla.org/products/thunderbird/releases/1.5beta1.html Seamonkey: http://www.mozilla.org/projects/seamonkey/
Reporter | ||
Comment 6•19 years ago
|
||
(In reply to comment #5) Tested for this bug on the latest Thunderbird version 1.5 Beta 1 (20050908) and find the problem to be still there. The procedure is to include the script as submitted into mail and the > and && operators will be escaped to > and && respectively. Gus Richter
Comment 7•19 years ago
|
||
The original posters comments are perfectly clear and reproduceable. With the new auto-resolve policy, and given this bug has been ignored for an inordinate length of time IMO I have enter a specific test case and additional comments. The following testing was done with Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20050930 Thunderbird/1.6a1 ID:2005093008 Steps to reproduce: 1. Copy the contents of the attachment sniffamp.txt into an html composition using |Insert | html or key enter the code via the |Insert | html window. (the bug is not a product of copy/paste] 2. Save the composition as unsent, or send it to yourself 3. Observe that the and/if javascript operator has been corrupted escaping the amps to render the script inoperable. Results in the received message javascript console: Error: syntax error Source File: mailbox:///C|/(some message url) Source Code: var geck = document.getElementById&&!document.all ? 1 : 0; The escaping occurs during the send/save process. The same result with the "greater than" operator. The exact core component that converts the composed html is unknown to me. Any help in identifying would be appreciated. Javascript is fully supported in received Mail/News. Why should it be ignored in Composition/Send
Comment 8•19 years ago
|
||
Reporter | ||
Comment 9•18 years ago
|
||
3 year old bug with 1 1/2 year of inactivity. Hoping to put this on someone's radar.
Summary: Escapes && and > Operators when Sending Javascript in Mail/News → Escapes && and > Operators when Sending Javascript in Mail
Comment 10•17 years ago
|
||
sorry for the spam. making bugzilla reflect reality as I'm not working on these bugs. filter on FOOBARCHEESE to remove these in bulk.
Assignee: sspitzer → nobody
Assignee | ||
Updated•16 years ago
|
Product: Core → MailNews Core
Comment 12•9 years ago
|
||
Recommend the closing of this bug as wontfix. Reason is TB had embedded JS script access to spidermonkey killed when FF made a core CAPS change while TB3/3.1 was in pre-release with no resources available to adapt.
Comment 13•9 years ago
|
||
Actually Ron, this has been fixed on trunk just a day ago. Scripts are no longer corrupted, but it's still difficult to get JS to run. I don't think that will ever be re-visited, but you can get scripts to run with up to TB 27, and an older version of the 'Total Message' extension. The capability to run JS in that extension was dropped on more recent versions. Good to see you posting (my bugzilla email addy is good, drop me a line sometime, and we call talk about the 'good old days'
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → DUPLICATE
Comment 15•9 years ago
|
||
I think you marked the wrong bug as duplicate.
Status: RESOLVED → UNCONFIRMED
Ever confirmed: false
Resolution: DUPLICATE → ---
Comment 16•9 years ago
|
||
Oh sorry. It seems it was already updated to the right bug. Sorry for the spam.
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago → 9 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•