On 16.05.18 21:50, Lukas Pitschl | GPGTools wrote: > >> Am 16.05.2018 um 06:21 schrieb Patrick Brunschwig <patr...@enigmail.net>: >> >> Content-Type: mutlipart/mixed; boundary="WRAPPER" >> Content-Description: Efail protection wrapper >> >> --WRAPPER >> Content-Type: text/html >> >> <!-- > <PRE style="visibility: visible; display: block; font: fixed; >> font-size: 10px;"> --> >> <!-- '> <PRE style="visibility: visible; display: block; font: fixed; >> font-size: 10px;"> --> >> <!-- "> <PRE style="visibility: visible; display: block; font: fixed; >> font-size: 10px;"> --> >> >> --WRAPPER >> (result of PGP/MIME decryption) >> —WRAPPER— > > Looks alright so far, does the same work for inline PGP? Is there > a particular for the specific inline-styles?
At least in Enigmail, inline-PGP is not affected by remote URL calls. The reason is that Enigmail reads the encrypted message data from the displayed message, and then replaces the displayed message content with the decrypted message. In other words, if the secretly to-be-decrypted message part is not displayed, then Enigmail won't come into action. > In macOS Mail we will disable remote content loading completely > and prevent the user from re-enabling it for encrypted messages. The same is currently being developed in Thunderbird (using the "Simple HTML" mode), together with a clean fix for the DOM tree issues. -Patrick _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
