Thomas Bruederli wrote:
This question should be asked to the original author of washtml. In general I'd be conservative when it comes to html cleaning. We may expand the list of allowed protocols but on the basis of a white list.
Protocols like file:// or others that invoke external apps are IMO dangerous and should not be linked directly.
Just my 2 cents...
Ok, I can agree with you, but there's a related issue with html to text conversion. If you send html message with <a href="file://aaa">, the text part contains "http://mymail.domain.com/file://aaa" link on the list. If we're removing file's links in washtml, we should do the same in to text conversion. It's just not coherent.