[dev] Fwd: Re: Patch I submitted

Michael M Slusarz slusarz at bigworm.colorado.edu
Thu Mar 6 11:26:37 PST 2003


Quoting Chuck Hagenbuch <chuck at horde.org>:

| From: Conor Kerr <conor at dev.ceon.net>
| 
| > It does supply a new feature... in my experience about 70% of images
| > attached to emails are set with the Content-Disposition of "attachment"
| > and not "inline", IMP doesn't dispay these images inline as Hotmail,
| > Yahoo and others do... seems like something's missing to me!! :)
| 
| Yes - RFC compliance in those other readers! They are *explicitly*
| ignoring
| a setting that says that the image should *not* be shown inline - and
| this
| is actually a security problem in some cases. Why should we break the
| RFC?

Exactly what Chuck said.  I don't have the RFC in front of me (it's in RFC 
2045), but it says you MUST NOT display a MIME part without further input 
from the user.  Further input does _not_ mean having a preference that 
allows you to turn this off.  Further input does mean you show the 
structure of the message to the user, and at that time (and that time only) 
the user can decide whether the view the MIME part.

michael

______________________________________________
Michael Slusarz [slusarz at bigworm.colorado.edu]
The University of Colorado at Boulder


More information about the dev mailing list