Closed Bug 309024 Opened 18 years ago Closed 18 years ago

Mails with vCard are marked as scam

Categories

(SeaMonkey :: MailNews: Message Display, defect)

Product:
SeaMonkey
Component:
MailNews: Message Display
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
VERIFIED FIXED

People

(Reporter: mcsmurf, Assigned: iannbugzilla)

Details

(Keywords: fixed-seamonkey1.0, fixed-seamonkey1.1a)

Attachments

(1 file, 2 obsolete files)

Checked in patch v0.1b (Checked in trunk, branch 1.8 & branch 1.8.0)
1.28 KB, patch
Details | Diff | Splinter Review 
When viewing a mail with a vCard in HTML View, the mail is marked as scam. The
problem is the first button in the mail labeled "View Complete Card". This form
element has no action, so
http://lxr.mozilla.org/mozilla/source/mailnews/base/resources/content/phishingDetector.js#78
returns true for isEmailScam. Maybe it should just check the action if it is != "".
View Button only shows up if JS is enabled for mailnews

This patch:
* Checks for non-empty action as well as non-addbook action
Assignee: mail → iann_bugzilla
Status: NEW → ASSIGNED
Attachment #196528 - Flags: review?(neil.parkwaycc.co.uk)
Comment on attachment 196528 [details] [diff] [review]
Add check for View button too v0.1

Although, I'd prefer it if you could tweak mimevcrd.cpp to use an input
type="button" without a form...
Attachment #196528 - Flags: review?(neil.parkwaycc.co.uk) → review+
Comment on attachment 196528 [details] [diff] [review]
Add check for View button too v0.1

Easy review
btw: Does TB not display vCards inline? Or does it need such a patch, too?
Attachment #196528 - Flags: superreview?(bienvenu)
Comment on attachment 196528 [details] [diff] [review]
Add check for View button too v0.1

tbird doesn't display the view complete card, afaik.
Attachment #196528 - Flags: superreview?(bienvenu) → superreview+
Attached patch Unbitrotted patch v0.1a (obsolete) — Splinter Review 
Unbitrotted version of patch, carrying forward r/sr and requesting a= for SM1.0 and SM1.1
Attachment #196528 - Attachment is obsolete: true
Attachment #209524 - Flags: superreview+
Attachment #209524 - Flags: review+
Attachment #209524 - Flags: approval-seamonkey1.1?
Attachment #209524 - Flags: approval-seamonkey1.0?
Comment on attachment 209524 [details] [diff] [review]
Unbitrotted patch v0.1a

>-      isEmailScam = !/^addbook:/.test(forms[index].action);
>+      isEmailScam = forms[i].action != "" && !/^addbook:/.test(forms[index].action);


It looks to me as if that should be |forms[index]| instead of |forms[i]| (also from looking at the first patch)...

With that fix (and given that detection has been tested to work correctly with that patch), a=me for 1.1 and 1.0
Attachment #209524 - Flags: approval-seamonkey1.1?
Attachment #209524 - Flags: approval-seamonkey1.1+
Attachment #209524 - Flags: approval-seamonkey1.0?
Attachment #209524 - Flags: approval-seamonkey1.0+
Checking in (trunk)
phishingDetector.js;
new revision: 1.5; previous revision: 1.4
done
Checking in (branch 1.8)
phishingDetector.js;
new revision: 1.1.2.3; previous revision: 1.1.2.2
done
Checking in (branch 1.8.0)
phishingDetector.js;
new revision: 1.1.2.1.4.2; previous revision: 1.1.2.1.4.1
done
Attachment #209524 - Attachment is obsolete: true
Status: ASSIGNED → RESOLVED
Closed: 18 years ago
Keywords: fixed-seamonkey1.0
Resolution: --- → FIXED
Verified FIXED with a new profile using build 2006-03-26-06 of SeaMonkey trunk on Windows XP.
Status: RESOLVED → VERIFIED
Keywords: fixed-seamonkey1.1a
You need to log in before you can comment on or make changes to this bug.