[Kde-pim] Ideas for solution to Bug 63780 :
Jayesh Badwaik
kde at jayeshbadwaik.org
Wed Mar 21 11:41:34 GMT 2012
On Wednesday 21 Mar 2012 11:38:20 laurent Montel wrote:
> Hi,
> I already look at it 2 months ago, and idea it to improve kaddressbook (I
> already created patch for it) to add new status "How to read email from
> specific address"
> and after update messageviewer from this status from email when we got info
> from address. (it's still missing from my patch)
>
> Regards
>
> Le mercredi 21 mars 2012 13:45:52 Jayesh Badwaik a écrit :
> > Hi,
> >
> > I am interested in resolving the feature request given here [0]. The bug
> > title is "Auto-render HTML for certain email addresses". The idea is that
> > for certain messages (especially from the trusted source), it is helpful
> > to
> > have an automatic rendering of HTML messages.
> >
> > In that respect, I have come up with the following solution:
> >
> > 1. Add an enum attribute to the MessageList::Core::MessageItem (say
> > HTMLRender) (possibly bool)
>
> Why ? why store status in each item ?
>
> > 2. Add a MailCommon::FilterActionEnableHTMLRender class (derived from
> > MailCommon::Filter Action) which implements changing the HTMLRender
> > atttribute to proper value
> >
> > 3a. (This is the step I am not sure about)
> > In the KMReaderMainWin class, the bool variable ahtml should be intialized
> > by access the HTMLRender enum from that specific MessageItem instance
> > instead of getting a static variable.
> >
> > 3b. Or may be, the static variable stays as it is, but is turned into an
> > int>
> > which has three options:
> > a. Force Disable HTML for all Mail
> >
> > b. Enable HTML for mail with HTMLRender=yes and Disable for Others
> > c. Enable HTML for all Mail
> >
> > and then inside the code, somewhere, depending on the value of ahtml, we
> > override the HTML value with one decided from HTMLRender enum.
> >
> > --
> > Jayesh Badwaik
> >
> >
> > [0]: https://bugs.kde.org/show_bug.cgi?id=63780
> >
> > _______________________________________________
> > KDE PIM mailing list kde-pim at kde.org
> > https://mail.kde.org/mailman/listinfo/kde-pim
> > KDE PIM home page at http://pim.kde.org/
The property that the message is safe to open is the property of the
particular message, not the particular contact who sent it. Even if there is a
strong implication from the contact to the person, it is not always.
The property is that the mail is "trusted enough" to open with HTML. Consider
the following scenario, someone sends a mail using his own mail server and
thereby, able to send using a "fake" email address probably (say
xyz at somedomain.tld), gleaned from somewhere, say a mailing list
(users at opensourceproject.org). Such thing is difficult to determine and hence,
difficult to prevent(even gmail has had many different false positives in this
case). Now, once that happens, the AddressBook is probably the basic of the
things and will just pass the test and my email will be rendered in HTML.
Instead, I would want the email to be signed by the sender's key. Suppose, I
do not care where the mail comes from as long as it is signed by a specific
key. I should be able to trust that kind of mail with HTML, right?
Hence, I believe the attribute should be in the messaage itself and not in
the addressbook.
--
Jayesh Badwaik
_______________________________________________
KDE PIM mailing list kde-pim at kde.org
https://mail.kde.org/mailman/listinfo/kde-pim
KDE PIM home page at http://pim.kde.org/
More information about the kde-pim
mailing list