[imp] 3 questions
Michael M Slusarz
slusarz at horde.org
Mon Nov 18 22:30:18 UTC 2013
Quoting R Phillips <R.I.Phillips at bath.ac.uk>:
>>> I'm just forcing this in imp/lib/Quota/Ui.php
> ...
>>
>> I'm not following you here.
>
> So users can manage their mailboxes I modify the quota message to
> include a HTML link eg:
>
> 95% of 1025 MB Review your largest emails:
> <a target="_blank" href="https://www.example.com/mailcheck">Mailbox size
> checker</a>
>
> This is fine, until it comes time to click the Refresh icon whereupon
> this changes so the link gets printed out, along with the link text. So
> we end up with something like this (although firebug isn't showing me
> this until I click on the text in the source):
>
> 95% of 1025 MB Review your largest emails:
> <a target="_blank" href="https://www.example.com/mailcheck">Mailbox size
> checker</a><a target="_blank"
> href="https://www.example.com/mailcheck">Mailbox size checker</a>
>
> Happens in Chrome 31.0.xxx and Firefox 25.0 so I assume the javascript
> that goes and fetches the message does something here. A straight
> browser refresh sets things back to normal.
>
> It's probably not the best way to add this message by shoving it in
> imp/lib/Quota/Ui.php but it's position with the quota message highlights
> the users a tool they can use to manage their mail and request quota
> increases. Is there a better way to do this, or should I modify the
> javascript?
You have to modify the javascript. The quota info is being updated
via a setText() call in dimpbase.js - this will automatically escape
any HTML code in the text. You probably want to switch this to
update() - but be aware this means you have to guarantee the text sent
to the browser has been properly HTML escaped to prevent XSS.
michael
___________________________________
Michael Slusarz [slusarz at horde.org]
More information about the imp
mailing list