Last Comment Bug 309024 - Mails with vCard are marked as scam
: Mails with vCard are marked as scam
Status: VERIFIED FIXED
: fixed-seamonkey1.0, fixed-seamonkey1.1a
Product: SeaMonkey
Classification: Client Software
Component: MailNews: Message Display (show other bugs)
: Trunk
: All All
: -- normal (vote)
: ---
Assigned To: Ian Neal (Away until 7th Aug)
:
Mentors:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2005-09-18 00:38 PDT by Frank Wein [:mcsmurf]
Modified: 2006-08-20 09:14 PDT (History)
2 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---


Attachments
Add check for View button too v0.1 (1.16 KB, patch)
2005-09-18 06:47 PDT, Ian Neal (Away until 7th Aug)
neil: review+
mozilla: superreview+
Details | Diff | Splinter Review
Unbitrotted patch v0.1a (1.16 KB, patch)
2006-01-24 16:31 PST, Ian Neal (Away until 7th Aug)
iann_bugzilla: review+
iann_bugzilla: superreview+
kairo: approval‑seamonkey1.0+
kairo: approval‑seamonkey1.1a+
Details | Diff | Splinter Review
Checked in patch v0.1b (Checked in trunk, branch 1.8 & branch 1.8.0) (1.28 KB, patch)
2006-01-27 04:46 PST, Ian Neal (Away until 7th Aug)
no flags Details | Diff | Splinter Review

Description Frank Wein [:mcsmurf] 2005-09-18 00:38:21 PDT
When viewing a mail with a vCard in HTML View, the mail is marked as scam. The
problem is the first button in the mail labeled "View Complete Card". This form
element has no action, so
http://lxr.mozilla.org/mozilla/source/mailnews/base/resources/content/phishingDetector.js#78
returns true for isEmailScam. Maybe it should just check the action if it is != "".
Comment 1 Ian Neal (Away until 7th Aug) 2005-09-18 06:47:03 PDT
Created attachment 196528 [details] [diff] [review]
Add check for View button too v0.1

View Button only shows up if JS is enabled for mailnews

This patch:
* Checks for non-empty action as well as non-addbook action
Comment 2 neil@parkwaycc.co.uk 2005-09-22 06:08:45 PDT
Comment on attachment 196528 [details] [diff] [review]
Add check for View button too v0.1

Although, I'd prefer it if you could tweak mimevcrd.cpp to use an input
type="button" without a form...
Comment 3 Frank Wein [:mcsmurf] 2005-11-09 12:37:05 PST
Comment on attachment 196528 [details] [diff] [review]
Add check for View button too v0.1

Easy review
btw: Does TB not display vCards inline? Or does it need such a patch, too?
Comment 4 David :Bienvenu 2005-11-09 12:45:48 PST
Comment on attachment 196528 [details] [diff] [review]
Add check for View button too v0.1

tbird doesn't display the view complete card, afaik.
Comment 5 Ian Neal (Away until 7th Aug) 2006-01-24 16:31:44 PST
Created attachment 209524 [details] [diff] [review]
Unbitrotted patch v0.1a

Unbitrotted version of patch, carrying forward r/sr and requesting a= for SM1.0 and SM1.1
Comment 6 Robert Kaiser 2006-01-25 07:11:34 PST
Comment on attachment 209524 [details] [diff] [review]
Unbitrotted patch v0.1a

>-      isEmailScam = !/^addbook:/.test(forms[index].action);
>+      isEmailScam = forms[i].action != "" && !/^addbook:/.test(forms[index].action);


It looks to me as if that should be |forms[index]| instead of |forms[i]| (also from looking at the first patch)...

With that fix (and given that detection has been tested to work correctly with that patch), a=me for 1.1 and 1.0
Comment 7 Ian Neal (Away until 7th Aug) 2006-01-27 04:46:38 PST
Created attachment 209829 [details] [diff] [review]
Checked in patch v0.1b (Checked in trunk, branch 1.8 & branch 1.8.0)

Checking in (trunk)
phishingDetector.js;
new revision: 1.5; previous revision: 1.4
done
Checking in (branch 1.8)
phishingDetector.js;
new revision: 1.1.2.3; previous revision: 1.1.2.2
done
Checking in (branch 1.8.0)
phishingDetector.js;
new revision: 1.1.2.1.4.2; previous revision: 1.1.2.1.4.1
done
Comment 8 Stephen Donner [:stephend] 2006-03-26 11:23:52 PST
Verified FIXED with a new profile using build 2006-03-26-06 of SeaMonkey trunk on Windows XP.

Note You need to log in before you can comment on or make changes to this bug.