Closed
Bug 262611
Opened 20 years ago
Closed 19 years ago
Loads remote images into RSS messages when "Block remote images" option is on
Categories
(MailNews Core :: Feed Reader, defect)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 245361
People
(Reporter: mozilla.org, Assigned: mscott)
References
()
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; rv:1.7.3) Gecko/20040913 Firefox/0.10.1
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; rv:1.7.3) Gecko/20040913 Firefox/0.10.1
In the Privacy section of my Options, I have selected "Block loading of remote
images in mail messages". The only way to get hyperlinks in RSS entries is to
choose "View" | "Message Body As" | "Original HTML". This view also loads
remote images.
Reproducible: Always
Steps to Reproduce:
1. Add http://slashdot.org/index.rss as an RSS feed
2. Select the "Block loading of remote images in mail messages" Privacy option
3. Select "View" | "Message Body As" | "Original HTML"
4. Read a Slashdot entry
Actual Results:
Lots of images (including ads) are loaded.
Expected Results:
No remote images should be loaded.
I encounter similar bug, but I don't know whether it is separate bug. Do you see
this behaviour in normal e-mail messages?
|
Reporter | |
Comment 2•20 years ago
|
||
Nope, with normal emails everything is fine
|
||
Comment 3•20 years ago
|
||
This is because the web page is loaded within an <iframe> in the RSS msg.
Blocking only applies to the actual text of the message, not the text of the
content being loaded indirectly. By definition, you're going to see the images
on the web page.
Summary: Loads remote images when "Block loading of remote images in mail messages" option is on → Loads remote images into RSS messages when "Block remote images" option is on
|
|
||
Comment 4•20 years ago
|
||
(In reply to comment #3)
> This is because the web page is loaded within an <iframe> in the RSS msg.
> Blocking only applies to the actual text of the message, not the text of the
> content being loaded indirectly. By definition, you're going to see the
> images on the web page.
I was mistaken about this. Images shown within an <iframe> do get blocked, but
there is deliberate code in the blocking routine to make an exception for the
RSS feed. A comment in nsMsgContentPolicy::ShouldLoad() reads:
"special case RSS urls, always allow them to load remote images since the user
explicitly subscribed to the feed." [nsMsgContentPolicy.cpp]
Therefore, marking this bug Invalid.
Note that in current nightlies, an <iframe> with a 'src' attribute pointing to
an external entity will also be blocked, apparently due to the patch checked in
for bug 28327; however, RSS is still unaffected by this.
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → INVALID
|
|
Reporter | |
Comment 5•20 years ago
|
||
Umm, just because I subscribed to the RSS feed doesn't mean I want the images
too. I can subscribe to a mailing list but refuse those images. I don't see
the logic at all.
Status: RESOLVED → UNCONFIRMED
Resolution: INVALID → ---
|
Assignee | |
Updated•20 years ago
|
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago → 20 years ago
Resolution: --- → WONTFIX
|
||
Comment 6•20 years ago
|
||
(In reply to comment #5)
> Umm, just because I subscribed to the RSS feed doesn't mean I want the images
> too. I can subscribe to a mailing list but refuse those images. I don't see
> the logic at all.
I agree with you on this. I fail to see the logic here as well.
Blocking images should be up the user.
|
||
Comment 7•20 years ago
|
||
(In reply to comment #5)
> Umm, just because I subscribed to the RSS feed doesn't mean I want the images
> too. I can subscribe to a mailing list but refuse those images. I don't see
> the logic at all.
I agree too. RSS feeds should honor the "Block loading of remote images"
setting. Maybe with a list of restriction akin to the "Allow remote images if
..." setting too.
|
||
Comment 8•20 years ago
|
||
(In reply to comment #5)
> Umm, just because I subscribed to the RSS feed doesn't mean I want the images
> too. I can subscribe to a mailing list but refuse those images. I don't see
> the logic at all.
Add me to the list. I really assumed TB just called a Firefox module to render
the web pages in TB and thus, it would end up using the same code. I was shocked
to find unwanted ads in the RSS feature, which I just started using, and LOVE.
They're so much better here than in Firefox except that I have more control in
Firefox.
Mike, your comment makes no sense. Users explicitly add bookmarks for URL's they
like that have all sorts of ads removed by Adblock. How is this any different? I
want the RSS feed. I do not want the ads.
Furthermore, so far, no one has posted the viewpoint of wanted to retain those
images.
If you're concerned about it, how about a simple toggle controlled in the
Options to either allow it to work or not allow it to work. Then all can be happy.
(In reply to comment #5)
> Umm, just because I subscribed to the RSS feed doesn't mean I want the images
> too. I can subscribe to a mailing list but refuse those images. I don't see
> the logic at all.
I agree wholeheartedly.. just because it says the following:
"special case RSS urls, always allow them to load remote images since the user
explicitly subscribed to the feed." [nsMsgContentPolicy.cpp]
I'm also subscribed to the slashdot rss feed, and you know what? I don't want to
see the ads either. If I'm viewing an RSS or regular email <HTML> markup in a
message it doesn't matter, I want control to block remote images if I want!
This seems to parallel the feature in Thunderbird whereby you can check to
"Allow remote images if the sender is in my: Addressbook", and I'm guessing that
whoever coded it reasoned that if you add a subscription to an RSS url then you
want everything (images, etc) that comes with it.
I don't think that this is a fair assumption to make.. you should leave it up to
the user.
Can you re-open this bug please or if there is a duplicate that will resolve
this 'feature' post the bug link?
Many thanks,
Jamie
|
||
Comment 10•19 years ago
|
||
See also bug 296258.
|
||
Comment 11•19 years ago
|
||
*** Bug 296258 has been marked as a duplicate of this bug. ***
|
|
||
Comment 12•19 years ago
|
||
Please reconsider and reopen this bug. This is a significant issue.
|
|
||
Comment 13•19 years ago
|
||
I reopened bug 296258 as a request for a separate pref, leaving this bug as a
request to change the default.
|
|
Reporter | |
Comment 14•19 years ago
|
||
*** This bug has been confirmed by popular vote. ***
Ever confirmed: true
|
|
Reporter | |
Comment 15•19 years ago
|
||
I am not quite sure what comment #14 means:
*** This bug has been confirmed by popular vote. ***
I did not create that comment, and the status of the bug has not changed from RESOLVED/WONTFIX.
Does anyone know when votes are tallied and how many votes are needed on an issue before someone actually pays attention?
|
|
Reporter | |
Comment 16•19 years ago
|
||
Does anyone know how many votes it takes to get a bug re-opened?
|
|
Reporter | |
Comment 17•19 years ago
|
||
It seems to me that since bug 245361
https://bugzilla.mozilla.org/show_bug.cgi?id=245361
isn't marked as "won't fix" and has 43 votes for it I'll just re-opne this and mark it as a dupe.
Status: RESOLVED → REOPENED
Resolution: WONTFIX → ---
|
|
Reporter | |
Comment 18•19 years ago
|
||
*** This bug has been marked as a duplicate of 245361 ***
Status: REOPENED → RESOLVED
Closed: 20 years ago → 19 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•