Closed Bug 260962 Opened 21 years ago Closed 21 years ago

Remote css-stylesheets are loaded with remote image loading off

Categories

(Thunderbird :: Mail Window Front End, defect)

Product:
Thunderbird
Component:
Mail Window Front End
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
major

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 28327

People

(Reporter: rhorbas, Assigned: mscott)

Details

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6) Gecko/20040705 hypotext Build Identifier: Mozilla Thunderbird 0.8 (Windows/20040913) I turned the loading of remote images off becaues this is used by spammers to verify mal addresses. But -- remote stylesheets in HTML mails are loaded via http, which also enables spammers to use an unique id: <link rel="stylesheet" type="text/css" href="http://www.somespammer.example/layout.css?id=foo@bar.baz"> Which leads to the same success as loading a pixel gif with an id ... Reproducible: Always Steps to Reproduce: 1. 2. 3. Expected Results: Not load anything from outside.
*** This bug has been marked as a duplicate of 28327 ***
Group: security
Status: UNCONFIRMED → RESOLVED
Closed: 21 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.