anomy-list

• Previous message: Valentas Titarenka: "(no subject)"
• In reply to: Valentas Titarenka: "(no subject)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

On Thu, 2002-04-25 at 13:03, Valentas Titarenka wrote:
> When I send HTML mail with code:
> <P><IMG src="http://bla bla"></P>
>
> After Sanitizer I get:
> <P><IMG DEFANGED_src="http://bla bla"></P>
>
> Maybe you know why?

Given the configuration, no, I don't.

However, that's perfectly sensible - remotely accessed image files can
cause logging of who read the email - very useful for spam, and gives
you information about the system used in some cases. The Anomy Sanitizer
may be spotting this special case, and defanging the attribute
regardless of whether the attribute itself is safe - the contents
aren't.

Dave.

• Next message: Colin Stubbs: "regex matching in anomy HTML"
• Previous message: Valentas Titarenka: "(no subject)"
• In reply to: Valentas Titarenka: "(no subject)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]