Is there any (security?) reason to not allow links with any protocol in href attribute (washtml.php)?
2009/4/1 A.L.E.C alec@alec.pl:
Is there any (security?) reason to not allow links with any protocol in href attribute (washtml.php)?
This question should be asked to the original author of washtml. In general I'd be conservative when it comes to html cleaning. We may expand the list of allowed protocols but on the basis of a white list.
Protocols like file:// or others that invoke external apps are IMO dangerous and should not be linked directly.
Just my 2 cents...
~Thomas
_______________________________________________
List info: http://lists.roundcube.net/dev/
Thomas Bruederli wrote:
This question should be asked to the original author of washtml. In general I'd be conservative when it comes to html cleaning. We may expand the list of allowed protocols but on the basis of a white list.
Protocols like file:// or others that invoke external apps are IMO dangerous and should not be linked directly.
Just my 2 cents...
Ok, I can agree with you, but there's a related issue with html-to-text conversion. If you send an html message with <a href="file://aaa">, the text part contains a "http://mymail.domain.com/file://aaa" link in the list. If we're removing file:// links in washtml, we should do the same in the to-text conversion. It's just not coherent.
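An added example, not Roundcube's own washtml or html2text code, of the approach the two messages above point at: one scheme allowlist applied in both the HTML wash step and the text-part link listing, so a file://aaa href is dropped in both places instead of surviving as "http://mymail.domain.com/file://aaa". Function names, the allowlist contents and the sample message body are assumptions made for this illustration; the check normalises case and surrounding whitespace before comparing the scheme because browsers tolerate both.

```php
<?php
// Added example (not Roundcube code). Names and the allowlist are assumptions.
const ALLOWED_HREF_SCHEMES = ['http', 'https', 'mailto'];

/**
 * Returns the cleaned URL when its scheme is allowlisted or when the URL is
 * relative (no scheme at all); returns null when it must be dropped.
 * Normalisation: ASCII control characters are removed, surrounding whitespace
 * is trimmed, and the scheme comparison is case-insensitive.
 */
function href_allowed(string $url): ?string
{
    $clean = trim(preg_replace('/[\x00-\x1F\x7F]/', '', $url));
    if ($clean === '') {
        return null;
    }
    // A scheme is ALPHA *(ALPHA / DIGIT / "+" / "-" / ".") followed by ":" at position 0.
    if (preg_match('/^([a-z][a-z0-9+.\-]*):/i', $clean, $m)) {
        return in_array(strtolower($m[1]), ALLOWED_HREF_SCHEMES, true) ? $clean : null;
    }
    return $clean; // relative link such as "/inbox" or "#top": keep it
}

/** Parse an HTML fragment into a DOMDocument (same helper for both paths). */
function load_fragment(string $html): DOMDocument
{
    $doc = new DOMDocument();
    // @ silences libxml warnings on sloppy mail HTML; the prefix fixes the charset.
    @$doc->loadHTML('<?xml encoding="UTF-8"><body>' . $html . '</body>');
    return $doc;
}

/** Wash step: keep the link text, drop the href when its scheme is not allowed. */
function wash_html_links(string $html): string
{
    $doc = load_fragment($html);
    foreach ($doc->getElementsByTagName('a') as $a) {
        $ok = href_allowed($a->getAttribute('href'));
        if ($ok === null) {
            $a->removeAttribute('href');
        } else {
            $a->setAttribute('href', $ok);
        }
    }
    $out = '';
    foreach ($doc->getElementsByTagName('body')->item(0)->childNodes as $child) {
        $out .= $doc->saveHTML($child);
    }
    return $out;
}

/**
 * Text-part link list: apply the same check, then prepend the base URL only to
 * schemeless (relative) links. Disallowed schemes are skipped, never rebased.
 */
function text_link_list(string $html, string $base): array
{
    $links = [];
    foreach (load_fragment($html)->getElementsByTagName('a') as $a) {
        $href = href_allowed($a->getAttribute('href'));
        if ($href === null) {
            continue;
        }
        if (!preg_match('/^[a-z][a-z0-9+.\-]*:/i', $href)) {
            $href = rtrim($base, '/') . '/' . ltrim($href, '/');
        }
        $links[] = $href;
    }
    return $links;
}

// Constructed sample message body (not a real message).
$html = '<p>See <a href="https://roundcube.net/">site</a>, '
      . '<a href="FILE://aaa">local</a>, <a href="/inbox">inbox</a> '
      . 'and <a href=" file://bbb ">spaced</a>.</p>';

echo wash_html_links($html), "\n";
// <p>See <a href="https://roundcube.net/">site</a>, <a>local</a>, <a href="/inbox">inbox</a> and <a>spaced</a>.</p>
print_r(text_link_list($html, 'http://mymail.domain.com'));
// Array ( [0] => https://roundcube.net/ [1] => http://mymail.domain.com/inbox )
```

Because both paths call the same href_allowed(), widening the allowlist later (say, adding ftp) changes the HTML and text outputs together, which is the coherence the second message asks for. Rebasing only schemeless links is what stops "http://mymail.domain.com/file://aaa" from being produced even if a disallowed scheme ever slipped past the check.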