View->Message Body->As Plain Text fooled by broken clients sending false Content-Type

UNCONFIRMED
Unassigned

Status

Thunderbird
Mail Window Front End
UNCONFIRMED
11 years ago
3 years ago

People

(Reporter: cburroughs, Unassigned)

Tracking

({testcase})

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Reporter)

Description

11 years ago
User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.6) Gecko/20070806 Firefox/2.0.0.6
Build Identifier: version 2.0.0.6 (20070805)

If a Thunderbird receives an email that claims to be text/plain when it is in fact html View->Message Body->As Plain Text will not sanitize the message.  It will instead display the raw "html". 

Reproducible: Always

Steps to Reproduce:
1. Get email from deceitful client that sends html as text/plain
2. Look at it.
3. Cringe at the tag soup.
Actual Results:  
Sample:
Apparently there has been some confusion about the schedule of the Lab Exam=
.=C2=A0 This is the second week of the Identifications Lab.=C2=A0 The Lab E=
xam is NEXT week Nov. 5-9.=C2=A0 The lab section is only divided for the la=
b exam.=C2=A0 You can figure out your bench/cabinet number this week during=
 lab so that you are on time and ready next week.<br /><p><br type=3D"_moz"=
 /></p><p>

Expected Results:  
Thunderbird to protect my eyes from the evil.

Dealing with broken/deceitful behavior is tricky.  This could be the least bad behavior.
Chris do you have an example that you could attach to the bug ? Do you still have the issue with recent beta of Thunderbird 3 (http://stage.mozillamessaging.com/en-US/thunderbird/early_releases/downloads/) ?
Chris ?
Whiteboard: [closeme 2011-09-15]
(Reporter)

Comment 3

7 years ago
Created attachment 547279 [details]
sample email

Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.17) Gecko/20110514 Lightning/1.0b3pre Thunderbird/3.1.10
Keywords: testcase
Whiteboard: [closeme 2011-09-15]
Hum it seems we are doing the right thing as I don't see any html in the testcase email. But I'm not so much of an expert on that yet.
You need to log in before you can comment on or make changes to this bug.