[#6891] HTML messages created with IMP and FCKEDIT have formatting stripped while viewing with IE6/7
| Summary | HTML messages created with IMP and FCKEDIT have formatting stripped while viewing with IE6/7 |
| Queue | IMP |
| Queue Version | 4.2 |
| Type | Bug |
| State | Not A Bug |
| Priority | 1. Low |
| Owners | |
| Requester | liamr (at) umich (dot) edu |
| Created | 06/10/2008 (89 days ago) |
| Due | |
| Updated | 06/30/2008 (69 days ago) |
| Assigned | 06/10/2008 (89 days ago) |
| Resolved | 06/30/2008 (69 days ago) |
| Attachments | formatting-samples.tar.gz  |
| Milestone | |
| Patch | No |
State ⇒ Not A Bug
reopen this, or you can post them elsewhere.
formating because IE allows JS to be embedded in style
information...")
usefully go would be welcome.
Is this documented someplace? (e.g. "When using IE, we strip some
formating because IE allows JS to be embedded in style information...")
Mostly, I think our help desk was expecting the same messages to be
displayed the same across browsers.. and I was surprised that IMP + IE
was filtering some stuff in the name of XSS protection, when it wasn't
on other browsers.
State ⇒ Feedback
Summary ⇒ HTML messages created with IMP and FCKEDIT have formatting stripped while viewing with IE6/7
styles (expression: ...), so we have to strip them.
New Attachment: formatting-samples.tar.gz
Patch ⇒
Milestone ⇒
Queue ⇒ IMP
Summary ⇒ HTML messages created with IMP and FCKEDIT have formatting stripped while viewing with IE6/7
Type ⇒ Bug
Priority ⇒ 1. Low
State ⇒ Unconfirmed
view it in IE6/7, IMP will strip some of the formatting in the name of
protecting us from XSS...
<h1><span XSSCleaned="color: rgb(255, 0, 0);"><strong>
<span XSSCleaned="font-size: xx-large;">
<span XSSCleaned="font-family: Verdana;">Red<br />
</span></span></strong></span></h1>
You can view the message properly using the same IMP installation and
other browsers / platforms. The problem mostly seems to be with
"spans" and "styles". I've also seen it strip formatting from
Mail.app messages.