| Summary | HTML messages created with IMP and FCKEDIT have formatting stripped while viewing with IE6/7 |
| Queue | IMP |
| Queue Version | 4.2 |
| Type | Bug |
| State | Not A Bug |
| Priority | 1. Low |
| Owners | |
| Requester | liamr (at) umich (dot) edu |
| Created | 06/10/2008 (6274 days ago) |
| Due | |
| Updated | 06/30/2008 (6254 days ago) |
| Assigned | 06/10/2008 (6274 days ago) |
| Resolved | 06/30/2008 (6254 days ago) |
| Github Issue Link | |
| Github Pull Request | |
| Milestone | |
| Patch | No |
State ⇒ Not A Bug
reopen this, or you can post them elsewhere.
formating because IE allows JS to be embedded in style
information...")
usefully go would be welcome.
Is this documented someplace? (e.g. "When using IE, we strip some
formating because IE allows JS to be embedded in style information...")
Mostly, I think our help desk was expecting the same messages to be
displayed the same across browsers.. and I was surprised that IMP + IE
was filtering some stuff in the name of XSS protection, when it wasn't
on other browsers.
Summary ⇒ HTML messages created with IMP and FCKEDIT have formatting stripped while viewing with IE6/7
State ⇒ Feedback
styles (expression: ...), so we have to strip them.
Priority ⇒ 1. Low
Type ⇒ Bug
Summary ⇒ HTML messages created with IMP and FCKEDIT have formatting stripped while viewing with IE6/7
Queue ⇒ IMP
Milestone ⇒
Patch ⇒ No
New Attachment: formatting-samples.tar.gz
State ⇒ Unconfirmed
view it in IE6/7, IMP will strip some of the formatting in the name of
protecting us from XSS...
<h1><span XSSCleaned="color: rgb(255, 0, 0);"><strong>
<span XSSCleaned="font-size: xx-large;">
<span XSSCleaned="font-family: Verdana;">Red<br />
</span></span></strong></span></h1>
You can view the message properly using the same IMP installation and
other browsers / platforms. The problem mostly seems to be with
"spans" and "styles". I've also seen it strip formatting from
Mail.app messages.