[kontact] [Bug 446419] New: Scam detection triggers on links which read 'http://' but point to 'https://'
Keith
bugzilla_noreply at kde.org
Fri Dec 3 13:59:43 GMT 2021
https://bugs.kde.org/show_bug.cgi?id=446419
Bug ID: 446419
Summary: Scam detection triggers on links which read 'http://'
but point to 'https://'
Product: kontact
Version: 5.18.2
Platform: Gentoo Packages
OS: Linux
Status: REPORTED
Severity: minor
Priority: NOR
Component: mail
Assignee: kdepim-bugs at kde.org
Reporter: keithhacks-kdebug at yahoo.com
Target Milestone: ---
SUMMARY
In the HTML view of an e-mail message, benign links will trigger scam detection
if the displayed URL starts with "http://" but the target URL starts with
"https://" (or vice versa).
STEPS TO REPRODUCE
1. Send an e-mail to yourself, in rich text mode, containing a link with the
text "http://example.com" which leads to "https://example.com".
2. Open the e-mail in HTML view.
OBSERVED RESULT
A "This message may be a scam" warning appears.
EXPECTED RESULT
Scam detection should not be triggered on URLs with an HTTP/HTTPS protocol
mismatch, as long as the domain and path are the same. It's not a meaningful
difference, and displaying the warning in this case may condition users to
ignore it when there *is* a misleading link.
SOFTWARE/OS VERSIONS
Linux: Gentoo
KDE Plasma Version: 5.23.0
KDE Frameworks Version: 5.87.0
Qt Version: 5.15.2
ADDITIONAL INFORMATION
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the Kdepim-bugs
mailing list