[kmail2] [Bug 393421] No ability to hide the HTML Message Status Bar
Christoph Feck
bugzilla_noreply at kde.org
Fri Feb 22 17:59:52 GMT 2019
https://bugs.kde.org/show_bug.cgi?id=393421
--- Comment #55 from Christoph Feck <cfeck at kde.org> ---
It is a security reason. You could receive an HTML mail that looks like a plain
text mail, and with HTML you have the ability to embed malicious links
everywhere. If you have no way to see that the message is actually an HTML
message, i.e. _outside_ the message viewer, you could click those links without
being aware that they link to sites that you don't see in the text.
I agree, though, that there could be other possibilities to inform the user of
HTML mails, e.g. via statusbar or toolbar icons. But if they are too
non-obvious, you could miss them. In other words, if the security bar is in
your face, it actually works as intended.
Also, the message viewer doesn't know about other UI elements. If you find a
different way that doesn't compromise security, please let us know. Patches to
https://phabricator.kde.org/differential/diff/create/
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the Kdepim-bugs
mailing list