[imp] Problem in Html viewer
Michael M Slusarz
slusarz at bigworm.colorado.edu
Thu Apr 17 14:27:32 PDT 2003
Quoting arn at scs-net.org:
| Hello
|
| I've some problems in the last IMP version (not CVS) when viewing HTML
| attachement, specialy created by Word.
|
| The last one showed the following messages in the beginning of the HTML
| window :
|
| .body { FONT-SIZE: 11px; COLOR: #000000; LINE-HEIGHT: 15px; FONT-FAMILY:
| Verdana, Arial, Helvetica, sans-serif } .bodybold { FONT-SIZE: 18px;
| COLOR:
| #0c2e85; LINE-HEIGHT: 18px; FONT-FAMILY: Verdana, Arial, Helvetica, sans-
| serif } .dates { FONT-SIZE: 13px; COLOR: #666666; LINE-HEIGHT: 17px;
| FONT-
| FAMILY: Verdana, Arial, Helvetica, sans-serif } .bottomdecoration { FONT-
| WEIGHT: bolder; FONT-SIZE: 18px; COLOR: #0c2e85; LINE-HEIGHT: 18px; FONT-
| FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION:
| none } .bodytable { FONT-SIZE: 11px; COLOR: #000000; LINE-HEIGHT: 13px;
| FONT-
| FAMILY: Verdana, Arial, Helvetica, sans-serif } .leftnav { FONT-SIZE:
| 10px;
| COLOR: #ffffff; LINE-HEIGHT: 11px; FONT-FAMILY: Verdana, Arial,
| Helvetica, sans-
| serif }
The HTML viewer tries to "sanitize" HTML messages by stripping out all
possible tags that could be used for an attack. In this case, it looks
like it removed a tag before the message's CSS declaration, so the CSS code
is being displayed directly to the screen. Feel free to modify the viewer
to allow this if you want.
michael
______________________________________________
Michael Slusarz [slusarz at bigworm.colorado.edu]
The University of Colorado at Boulder
More information about the imp
mailing list