[kmail2] [Bug 332228] New: When displaying HTML mails, KMail loads external references before asking the user for permission

[Mike Schneider]

https://bugs.kde.org/show_bug.cgi?id=332228

            Bug ID: 332228
           Summary: When displaying HTML mails, KMail loads external
                    references before asking the user for permission
    Classification: Unclassified
           Product: kmail2
           Version: 4.11.5
          Platform: openSUSE RPMs
               URL: https://emailprivacytester.com
                OS: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: NOR
         Component: general
          Assignee: kdepim-bugs at kde.org
          Reporter: mike2.schneider at gmail.com

With HTML rendering disabled, KMail asks for permission before rendering a HTML
message. It also asks for permission for loading external references. This
creates the impression that no external references are loaded before having
received permission from the user.

However, as a check with https://emailprivacytester.com reveals, KMail loads at
least some external references (, object tags, iframes, CSS) before asking for
permission. This compromises the privacy of the user.

Expected behaviour: Kmail should not load any external references before given
permission to do so by the user. 

Reproducible: Always

-- 
You are receiving this mail because:
You are the assignee for the bug.