SECURITY: mail doesn't respect image security options.

VERIFIED DUPLICATE of bug 28327

Status

MailNews Core
Security
--
major
VERIFIED DUPLICATE of bug 28327
16 years ago
10 years ago

People

(Reporter: John Ellson, Assigned: Mitchell Stoltz (not reading bugmail))

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

16 years ago
The spammers are sending email with embedded image URLs with codes in them, and
then tracking users by recognizing when Mozilla mail fetches those URLs.

There urgently needs to be a security option to fetch no images (or other URLs)
when viewing email.

One fix might be to tie into the "images only from same server"
option so that images that are mutipart attachments are OK, but not external
references.

Comment 1

16 years ago

*** This bug has been marked as a duplicate of 97055 ***
Status: UNCONFIRMED → RESOLVED
Last Resolved: 16 years ago
Resolution: --- → DUPLICATE
(Reporter)

Comment 2

16 years ago
Marking it as a duplicate of 97055 is insufficient.

This is a SECURITY problem.   97055 is marked as an enhancement and obviously
isn't being treatyed with sufficient priority!

Status: RESOLVED → UNCONFIRMED
Resolution: DUPLICATE → ---

Comment 3

16 years ago

*** This bug has been marked as a duplicate of 28327 ***
Status: UNCONFIRMED → RESOLVED
Last Resolved: 16 years ago16 years ago
Resolution: --- → DUPLICATE

Comment 4

16 years ago
Verified dupe. The problem is known.
Status: RESOLVED → VERIFIED
Product: MailNews → Core
Product: Core → MailNews Core
You need to log in before you can comment on or make changes to this bug.