Closed Bug 527649 Opened 15 years ago Closed 14 years ago

HTML Signature does not display online images when compose opened via mailto: link. Shows fine using 'Write' button.

Categories

(Thunderbird :: Message Compose Window, defect)

Product:
Thunderbird
Component:
Message Compose Window
Platform:
x86
macOS
Type:
defect
Priority:
Not set
Severity:
trivial

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 531437

People

(Reporter: mail, Unassigned)

References

Details

Attachments

(2 files)

HTML file that is being used for the signature file.
2.24 KB, text/html
Details
Test HTML Signature file for Thunderbird
600 bytes, text/html
Details 
User-Agent:       Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1.1) Gecko/20090715 Firefox/3.5.1
Build Identifier: version 2.0.0.23 (20090812)

I have a HTML signature with an image hosted on a publically available server. When I create a new email by clicking on the 'Write' button the signature and image show correctly. However, when I click on a mailto: link on a web page to open the compose window then the image does not display. HOWEVER once sent, the image is in the email in the sent items folder and is also in the final, received email - the bug only affects the compose window itself but was rather off-putting when I thought it would not be present in the final email!

Reproducible: Always

Steps to Reproduce:
1. Create a HTML file and set as signature. The one I use is below:

<br /><div id="sig" style="margin: 0; padding: 12px 8px 8px 8px; border-top: 1px #999999 dotted; font-family: 'Lucida Grande', Verdana, Arial, Sans-Serif; font-size: 11px; color: #548ac8; " >
		<p style="margin:0; padding:0;"><img src="http://www.pocketgpsworld.com/images/pgps-mail24.jpg" alt="PGPS" style="float: left; padding: 2px 6px 0 0;">
		  <strong style="color: #548ac8;">Matthew Morley</strong> | Editor &amp; Database Admin | <a href="mailto:darren@pocketgpsworld.com" style="color: #548ac8; text-decoration: none; border-bottom: 1px #999999 dotted;">maft@pocketgpsworld.com</a> | <a href="http://www.pocketgpsworld.com" title="visit PocketGPSWorld.com" style="color: #548ac8; text-decoration: none; border-bottom: 1px #999999 dotted;">PocketGPSWorld.com Limited </a><br />
		Follow us on Twitter at <a href="http://www.twitter.com/pocketgpsworld.com" title="Follow us on Twitter" style="color: #548ac8; text-decoration: none; border-bottom: 1px #999999 dotted;">www.twitter.com/PocketGPSWorld</a> or on Facebook at <a href="http://www.facebook.com/pages/PocketGPSWorldcom/80402580692" title="Follow us on Twitter" style="color: #548ac8; text-decoration: none; border-bottom: 1px #999999 dotted;">www.facebook.com/PocketGPSWorld</a></p></div>
		<div id="disc" style="line-height: 8px; margin:0; padding: 8px; border-bottom: 1px #999999 dotted; font-family: 'Lucida Grande', Verdana, Arial, Sans-Serif; font-size: 8px; color: #548ac8;"><p style="margin:0; padding:0;">The information contained in or attached to this email is intended only for the use of the individual or entity to which it is addressed. If you are not the Intended recipient, you are not authorised to and must not disclose, copy, distribute, or retain this message or any part of it. It may contain information which is confidential and/or covered by legal professional or other privilege (or other rules or laws with similar effect in jurisdictions outside England and Wales). Viruses: Although we have taken steps to ensure this email and attachments are free from any virus, we advise that in keeping with good computer practice, the recipient should ensure they are actually virus free. The contents of this email may not be re-produced in part or in full without the prior permission of the sender.</p></div>


2. Click on a mailto: link on a web site
Actual Results:  
Image does not show in the signature BUT is sent correctly.

Expected Results:  
Image should show in the signature in compose window as well.
Version: unspecified → 2.0
Tested with:
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.6pre) Gecko/20091110 Shredder/3.0pre ID:20091110032315

I am not able to duplicate your problem.
Chances are "slim to none" that anything like this will ever get fixed in TB 2
if, in fact there is a problem there.

I do see some problems in your html sig code though, assuming that you are trying to actually send a link to the remote sourced image, and not the image itself embedded in the message.

In TB3 (and TB2 as well, I think) when you include a remote sourced image link in a signature, there is no way to prevent it from being converted to a CID and sent with the message. There is a work-around for this to retain the link, by using an Iframe.

Here's what your sig code might look like:
<iframe style="float: left; padding: 2px 6px 0 0; width: 24px; height: 24px;" src="http://www.pocketgpsworld.com/images/pgps-mail24.jpg" alt="PGPS" frameborder="0">
</iframe>

If you use that method, you will retain the remote link in the sig
(In reply to comment #2)
> Tested with:
> Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.6pre) Gecko/20091110
> Shredder/3.0pre ID:20091110032315
> 
> I am not able to duplicate your problem.
> Chances are "slim to none" that anything like this will ever get fixed in TB 2
> if, in fact there is a problem there.

I'm going to confirm that it won't be fixed in 2.0. Matthew Thunderbird 3.0 RC is going to be released in a few days (if not today) - would you mind confirming that the issue is gone with that version ?
Ludovic,

I will give it a try in TB3 RC. I hadn't realised it was so close to release else I wouldn't have posted the issue!

Thanks
I have similar problem in TB 3 RC. But my images are loaded via HTML template by my extension. Anyway, even if I try to insert image manually it does not work.

To make it work in TB 2 i used 
pref("network.protocol-handler.expose.file", true);

But it no longer works in TB 3.

I suspect it is again conflict with security code. Someone somewhere adjust secutirty code, and now loading image contents in mailto: mail is considered as insecure.

Indeed, mailto: with body coming from link (from external source) may be vunerable to attacks. But body parts from signature or images loaded manually by user should be always considered as safe.

I think this check should not be applied to all images in mailto: mail. 
Part of code which imports mail body from clicked link should just mark any external content links (like images) as unsafe, and security code should disable only this unsafe content, not all content.

I do my tests on Windows, I think "Platform" should be changed to "All". Or I should ill new bug for Windows only?
(In reply to comment #5)
> I have similar problem in TB 3 RC. But my images are loaded via HTML template
> by my extension. Anyway, even if I try to insert image manually it does not
> work.
> 
> To make it work in TB 2 i used 
> pref("network.protocol-handler.expose.file", true);
> 
> But it no longer works in TB 3.

I'm not having a problem here in Winxp and RC1
Here's my code:
<style>
div.sign
	{
	position:relative;
	bottom:0em;
	width:90%;
	background-color:#fffacc;
	border-style:dotted;
	border-width:1px;
        -moz-border-radius: 1em;
	font-style:italic;
	text-align:left;
	padding-bottom:2px;
        margin-bottom:1px;
	
	}

  </style>
<div class="sign"><b><font color="#cc9933">&nbsp; JoeS ...<img
 style="padding-top: 4px;" alt=""
 src="file:///C:/demogifs/mlogo2.gif" height="20"
 width="28"></font></b><font face="Verdana,Helvetica,Arial" size="2"><b>"Get a Gecko" <a  href="http://releases.mozilla.org/pub/mozilla.org/thunderbird/releases/">
TB Release Vers</a> &nbsp; <a
 href="http://ftp.mozilla.org/pub/mozilla.org/thunderbird/nightly/latest-comm-1.9.1/">TB
Trunk w/Plugins</a> &nbsp; <a
 href="http://www.mozilla.org/projects/seamonkey/releases/">Seamonkey</a>&nbsp; 

<br>
</b></font></div>

> 
> I suspect it is again conflict with security code. Someone somewhere adjust
> secutirty code, and now loading image contents in mailto: mail is considered as
> insecure.
> 
> Indeed, mailto: with body coming from link (from external source) may be
> vunerable to attacks. But body parts from signature or images loaded manually
> by user should be always considered as safe.

Are you only seeing the problem when opening TB from a mailto:

> I think this check should not be applied to all images in mailto: mail. 
> Part of code which imports mail body from clicked link should just mark any
> external content links (like images) as unsafe, and security code should
> disable only this unsafe content, not all content.

I am not aware of any recent changes in content policy.
I also get this problem in 2.0.0.23 and the recent 3.0rc1.

Using a simple html signature:

<HTML>
<HEAD>
    <BODY>
        <IMG src="file:///c:/temp/logo.gif">
    </BODY>
</HTML>

The broken image is shown when using mailto: links. The Write button works ok and the recipient gets an image either way.
The problem still exists in 3.0.

To reproduce:

1. create signature file with this content:

<body>

<a href="http://www.oracle.com" target="_blank">
<img border=0 width=114 height=26 id="_x0000_i1025"
src="http://www.oracle.com/dm/design/images/oracle_sig_logo.gif" alt=Oracle>
</a><br>

<a href="mailto:nouser@nocomputer.com?subject=subject&body=<a href=http://www.oracle.com></a>">email to someone</a>

</body>

</html>


2. Click Write

Image and link are displayed. Send this email to yourself.

3. When you receive the email, click on "email to someone". A new window opens, and neither displays the image, nor displays the body as a link but as plain text. This worked in TB 2.
This sounds like a duplicate of, or something very similar to bug 531437. Adding dependency for now.
Depends on: 531437
I have the same problem using TB 3 with a Bitmap signiture. when clicking on a mailto link the signiture doesn't display.
I'd like to reply to this bug report with some details that may be of use. 

I am using Windows XP SP3, Thunderbird 3.0.1. My signature is an HTML file with a link to an image on a web server (full path). The img tag in the signature contains the moz-do-not-send='false' tag. 

There are three operations that result in different views of the signature in the compose window:

1. Composing a new message (usually via the Write Button): 
The compose window comes up with a perfect rendering of the signature, image and all. The sent email is received with the signature intact and the image attached and embedded. No problem here.

2. Reply or Forwarding and existing email with signature insertion: 
The compose window comes up with the quoted message and the signature attached (above or below the quote - doesn't matter). BUT the image is not rendered, instead a placeholder is inserted that looks like square (about 32x32) with a ripped sheet of paper icon (Typical broken image icon). 

If I send the email at this point, the image in the signature is attached and embedded properly in the received email.

Also, I can double click the broken image icon to bring up the image editor dialog. All I have to do at this point is click the Okay button and the image is properly rendered. And everything works as in operation 1 from this point. 

3. Clicking on a mailto: link: 
Again, The compose window comes up with the quoted message and the signature attached (above or below the quote - doesn't matter). BUT the image is not rendered, instead a placeholder is inserted that looks like square (about 32x32) with a ripped sheet of paper icon (Typical broken image icon). 

Again, If I send the email at this point, the image in the signature is attached and embedded properly in the received email.

But, If I double click the broken image icon to bring up the image editor dialog. Pressing the Okay button does not render the image, but rather retains the broken image icon and expand the broken image box to the native size of the image. Sending at this point will still attach and embed the image properly in the received email. 

I don't really see this as a functional problem, as the email signatures look fine in the sent emails. It's just a visual problem in the compose window for the person replying or forwarding to an email. But I hope it will be fixed in future releases. 

I will attach my test signature file for others to test with.
By the way, this test signature fuke is set up with a link to a png image, but I have seen the behavior outlined in my previous post with gif and jpg as well.
Checked on Windows XP and Windows 7
Thunderbird 3.0.4
The signature has a link to a local server file
When clicking on mailto links the image appears as broken
(In reply to comment #14)
> Checked on Windows XP and Windows 7
> Thunderbird 3.0.4
> The signature has a link to a local server file
> When clicking on mailto links the image appears as broken

This is the same in Mac OSX too.
The same in TB 3.1 !
Anybody willing to get this "bug" out? Local images should be easy to detect and not being blocked at least ... Very annoying, even Copy/Paste of Images does not work in these composer windows having been started with a "mailto:" link.
Yes, please... :-)
I'am also confirming this bug and the behavior described in Windows Vista with Thunderbird 3.1.2.
this is duplicate of (already fixed) bug #531437
Status: UNCONFIRMED → RESOLVED
Closed: 14 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: