Ticket #456 (closed defect: duplicate)

Opened 3 years ago

html message image not blocked

Reported by: dmorton Owned by: dmorton
Priority: normal Milestone: 1.0.3
Component: PHP scripts Version: 1.0.2
Severity: major Keywords:
Cc:

Description

A message slipped through the image masking: 

 <td
 background="http://example.com/announce_1.gif"
 valign=center height=57>

More html cleanup is need to block that image.

Change History

Changed 3 years ago by anonymous

Maybe we should look into http://htmlpurifier.org/comparison.html

Changed 3 years ago by rjl

  • status changed from new to closed
  • resolution set to duplicate

This is effectively a duplicate of #26, namely the need for better HTML

sanitization in the mail viewer. The link to HTML Purifier has been added to that ticket.

Note: See TracTickets for help on using tickets.