On 11/2/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > Have you guys tested RoundCube for XSS vulnerabilities, for example > using this list? > http://ha.ckers.org/xss.html > > Is it possible to completely disable the display of HTML messages in > the web interface (ie make sure that HTML parts are only available as > "Content-Type: attachment" http streams)? > > Cc pls ;)
We have a page in the making ironing out a couple issues, but nothing major. Will post more on this next weekish. Till _______________________________________________ List info: http://lists.roundcube.net/dev/
