Closed Bug 244593 Opened 21 years ago Closed 21 years ago

Pref to disable loading of external objects in Mozilla Mail

Categories

(MailNews Core :: Backend, enhancement)

Product:
MailNews Core
Component:
Backend
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 28327

People

(Reporter: bugzilla, Assigned: sspitzer)

Details

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; cs-CZ; rv:1.7) Gecko/20040514 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; cs-CZ; rv:1.7) Gecko/20040514 Now there are 3 prefs which can help user to keep his privacy during reading mails. javascript.allow.mailnews mailnews.message_display.allow.plugins mailnews.message_display.disable_remote_image But this is not sufficient. If the user receives HTML mail with tag like <iframe src="http://www.example.com/?userid=43943847384783"></iframe>, the iframe is loaded and the user can be still identified (his IP address, OS, time when he read this mail etc.) Similar problem is for tag <link rel="stylesheet" href="http://www.example.com/?userid=43943847384783"> You can even use external protocols like <img src="rlogin://www.mozilla.org:80"> (see bug #167475). If we want to keep user privacy, there should be some global pref e.g. mailnews.message_display.disable_remote_objects, which will prevent loading all external objects (like iframes, *.css etc.). Reproducible: Always Steps to Reproduce:
*** This bug has been marked as a duplicate of 28327 ***
Status: UNCONFIRMED → RESOLVED
Closed: 21 years ago
Resolution: --- → DUPLICATE
For the iframe issue see Bug 243306.
Product: MailNews → Core
Product: Core → MailNews Core
You need to log in before you can comment on or make changes to this bug.