Closed
Bug 230274
Opened 21 years ago
Closed 20 years ago
iframes should be disabled if remote images are blocked
Categories
(Thunderbird :: Mail Window Front End, defect)
Tracking
(Not tracked)
People
(Reporter: lk, Assigned: mscott)
References
(Depends on 1 open bug)
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.5) Gecko/20031007 Firebird/0.7 Build Identifier: Thunderbird 0.4 (20031205) I have "Block loading of remote images in mail messages" set, and this works fine. But I just received an email from the International Herald Tribune (a daily news email), and got this error after a few seconds: The operation timed out when attempting to contact ad.doubleclick.net. I looked at the HTML source and found this: <iframe SRC=3D"http://ad.doubleclick.net/adi/newsalert.iht.com;sz=3D468x60;= ord=3D?" WIDTH=3D468 HEIGHT=3D60 MARGINWIDTH=3D0 MARGINHEIGHT=3D0 HSPACE=3D= 0 VSPACE=3D0 FRAMEBORDER=3D0 SCROLLING=3DNO> <A HREF=3D"http://ad.doubleclick.net/jump/newsalert.iht.com;sz=3D468x60;ord= =3D?" TARGET=3D"_top"> <IMG SRC=3D"http://ad.doubleclick.net/ad/newsalert.iht.com;sz=3D468x60;ord= =3D?" BORDER=3D0 WIDTH=3D468 HEIGHT=3D60></A> </iframe> I think the purpose of blocking remote images is to thwart spammers who are trying to verify valid email addresses by embedding the email address into the image URL. Executing iframes or IMG tags within iframes should similarly be disabled. More generally, all non-local URL access should be blocked. Reproducible: Always Steps to Reproduce:
Assignee | ||
Comment 1•21 years ago
|
||
i think you really want to be using: View / Message Body As / Simple HTML or Plain Text. That does what you are looking for.
Status: UNCONFIRMED → RESOLVED
Closed: 21 years ago
Resolution: --- → INVALID
Reporter | ||
Comment 2•21 years ago
|
||
Yikes! Not at all, that gets rid of fonts and makes the emails look ugly. What is the purpose of the "Block loading of remote images in mail messages" feature? Why have it if spammers can just get around the problem with an iframe? A big reason why I use Thunderbird is that I can block remote images yet still read nice-looking HTML mail. Being forced to look at ugly emails is not a solution at all.
Status: RESOLVED → UNCONFIRMED
Resolution: INVALID → ---
Comment 4•20 years ago
|
||
Probably depends on 64066.
Comment 5•20 years ago
|
||
*** Bug 236494 has been marked as a duplicate of this bug. ***
Comment 6•20 years ago
|
||
re comment 0-2: then it's a dup of 28327 *** This bug has been marked as a duplicate of 28327 ***
Status: NEW → RESOLVED
Closed: 21 years ago → 20 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•