Bug 172883: Plain text email rendered as HTML
Opened 23 years ago, closed 23 years ago
Categories: SeaMonkey :: MailNews: Message Display, defect
Tracking: Not tracked
Status: VERIFIED DUPLICATE of bug 172808
Target Milestone: mozilla1.2beta
People: Reporter: gerv, Assigned: sspitzer
Details: Whiteboard: [sg:dupe 172808]
If you are sent an email without a Content-Type (I believe that's the trigger
condition), any HTML within it is rendered, independent of your View | Message
Body As settings. If you have JS turned on for Mail/News, it is executed.
Presumably this is because Mozilla is merely wrapping the entire text in
HTML/BODY/PRE tags.
Bugzilla email is an example of this.
Here's a demonstration. First, a script. Remember to turn on scripting in Mail
and News, and View Source first to make sure I'm not stealing your cookies :-)
<script>alert("Oh, dear");</script>
Now a select widget:
<select name="wibble">
<option name="foo">Foo</option>
<option name="bar">Bar</option>
</select>
Possibly related: bug 172784.
I've marked this bug security-sensitive in case there are further ramifications
I haven't discovered. The Security Group should feel free to declassify this if
they think it's not a security bug.
Gerv
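The wrapping suspected in the description, next to an escaped version, as an added example that is not part of the bug report and not Mozilla's code: it parses a constructed message with no Content-Type header using Python's standard `email` module and wraps the body in HTML/BODY/PRE with and without escaping. The function names and sample addresses are assumptions made for illustration.

```python
import email
import html

# Constructed sample: a message with no Content-Type header, whose body
# carries the markup from the report's demonstration.
RAW_MESSAGE = (
    "From: sender@example.org\n"
    "To: reader@example.org\n"
    "Subject: demo\n"
    "\n"
    'First, a script.\n<script>alert("Oh, dear");</script>\n'
    'Now a select widget:\n<select name="wibble"><option>Foo</option></select>\n'
)


def effective_content_type(msg):
    """Type to render as; a missing Content-Type header defaults to text/plain."""
    return msg.get_content_type()


def wrap_naive(body):
    """The suspected bug: body text dropped into HTML/BODY/PRE unescaped."""
    return "<html><body><pre>" + body + "</pre></body></html>"


def wrap_escaped(body):
    """Escape &, <, > and quotes first so the body can only ever be text."""
    return "<html><body><pre>" + html.escape(body) + "</pre></body></html>"


def render(raw, wrapper=wrap_escaped):
    """Parse a raw message and wrap its body for display (hypothetical helper)."""
    msg = email.message_from_string(raw)
    if effective_content_type(msg) != "text/plain":
        raise ValueError("only text/plain is handled in this sketch")
    return wrapper(msg.get_payload())


if __name__ == "__main__":
    print(render(RAW_MESSAGE, wrap_naive))    # markup survives as live HTML
    print(render(RAW_MESSAGE, wrap_escaped))  # markup is shown as literal text
```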
Comment 1 • 23 years ago (Reporter)
No points for me.
Build ID: 2002100521.
OS: Linux, Red Hat 7.1.
Gerv
Target Milestone: --- → mozilla1.2beta
Comment 2 • 23 years ago (Reporter)
CCing some people from bug 172210, which may have caused this.
Gerv
Comment 3 • 23 years ago (Assignee)
ducarroz, is this a dup of #172808?
Comment 4 • 23 years ago
Yes, this is a dup of 172808
*** This bug has been marked as a duplicate of 172808 ***
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → DUPLICATE
Updated • 21 years ago
Group: security
Whiteboard: [sg:dupe 172808]
Updated • 21 years ago
Product: Browser → Seamonkey