[kmail2] [Bug 422935] New: Kmail is still loading/rendering HTML while in plain text mode during reply
Kushal Das
bugzilla_noreply at kde.org
Sat Jun 13 19:56:25 BST 2020
https://bugs.kde.org/show_bug.cgi?id=422935
Bug ID: 422935
Summary: Kmail is still loading/rendering HTML while in plain
text mode during reply
Product: kmail2
Version: 5.14.2
Platform: Fedora RPMs
OS: Linux
Status: REPORTED
Severity: normal
Priority: NOR
Component: general
Assignee: kdepim-bugs at kde.org
Reporter: kushaldas at gmail.com
Target Milestone: ---
Kmail is by default in Plain text mode, the HTML part of any message does now
show on the mail view. But, if I click on the reply button, while opening the
reply composer (in plain text mode only) I can see that /usr/bin/kontact is
creating a network call to the original mail's signature image. That means
something in between is loading/rendering the email.
I am not sure if can be exploited by any means. But, sounds scary :)
STEPS TO REPRODUCE
0. Have Wireshark running
1. Receive an email with a remote image in signature
2. Click on reply button
3. Check in the wireshark for an outgoing network connection to that image
OBSERVED RESULT
Kontact creates a new network connection.
EXPECTED RESULT
Kontact should not try to load any image.
SOFTWARE/OS VERSIONS
Windows:
macOS:
Linux/KDE Plasma: Fedora 32 KDE Plasma
(available in About System)
KDE Plasma Version: 5.18.5
KDE Frameworks Version: 5.70.0
Qt Version: 5.13.2
ADDITIONAL INFORMATION
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the Kdepim-bugs
mailing list