Closed
Bug 91174
Opened 24 years ago
Closed 23 years ago
Forwarding inline a mail that contains the text <iframe> generate a real frame!
Categories
(MailNews Core :: Composition, defect)
MailNews Core
Composition
Tracking
(Not tracked)
VERIFIED
DUPLICATE
of bug 146584
mozilla1.2alpha
People
(Reporter: bugzilla, Assigned: bugzilla)
References
Details
Attachments
(1 file)
4.73 KB,
text/plain
|
Details |
When forwarding inline the message that I'll attach soon, the text <iframe> get
converted to a real HTML frame!
Assignee | ||
Comment 1•24 years ago
|
||
Assignee | ||
Updated•23 years ago
|
Status: NEW → ASSIGNED
Target Milestone: --- → mozilla1.0
Updated•23 years ago
|
Target Milestone: mozilla1.0 → mozilla1.2
If I receive a plain text email like "My email is <foo@bar.com>." Mozilla will
render that email address as a "mailto:" hyperlink. If I then forward the plain
text email inline, the text will read "My email is ." (The email address is
converted to a space.)
Should I consider my problem a dup of this bug or enter a new bug?
Comment 4•23 years ago
|
||
I just came across this bug myself (and the dupe 91718). This bug is way more
general than the summary indicates. We interpret and render all html code within
a plain text message when we choose to forward. Thankfully we won't interpret JS
(or at least i couldn't get it to do so), but everything else worked. For instance:
1. Copy the following into a mail message and send it to yourself even as plain
text:
<html>
<body>
<table>
<tr>
<td>
<img src="http://people.netscape.com/claudius/images/buggin.gif">
</td>
<td>
Why am I actually rendered inside a table?
</td>
</tr>
</table>
</body>
</html>
2. If you sent it plain text switch the pref back to compose as html.
3. Click forward message on the message you just sent yourself.
4. The table and image and text in the table is nicely rendered!
I couldn't think of any sort of exploit right away but it seems like we're
inviting trouble and shouldn't be interpreting plain text as html in this
instance - just like we don't when you hit 'Reply-to' instead of forward.
OS: Windows NT → All
Hardware: PC → All
Comment 5•23 years ago
|
||
Adding Mitch: Any security concern here?
Assignee | ||
Comment 6•23 years ago
|
||
*** This bug has been marked as a duplicate of 146584 ***
Status: ASSIGNED → RESOLVED
Closed: 23 years ago
Resolution: --- → DUPLICATE
Updated•20 years ago
|
Product: MailNews → Core
Updated•16 years ago
|
Product: Core → MailNews Core
You need to log in
before you can comment on or make changes to this bug.
Description
•