https://bugs.kde.org/show_bug.cgi?id=377247
Bug ID: 377247
Summary: kMail 2 does not properly escape header
Product: kmail2
Version: 5.4.1
Platform: Neon Packages
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: NOR
Component: UI
Assignee: kdepim-bugs@kde.org
Reporter: kdeb...@customcdrom.de
Target Milestone: ---
kMail does not escape the "Sender" headers contents properly before
interpreting the mail text as HTML.
This issue basically is the same as Bug 361173 (Disposition-Notification-To not
correctly escaped in message viewer), just with a different header - maybe the
same problem still lingers for other headers as well?
Here follows an excerpt of a message's "view source / HTML" view:
-------------------------------------------------------------------
<div class="row">
<div class="headerleft">Sender:</div>
<div class="headerright">Gunter Ohrner
<senderaddr...@example.com></senderaddr...@example.com></div>
</div>
-------------------------------------------------------------------
The original "Sender" header contained "Gunter Ohrner
<senderaddr...@example.com>" and the brackets should have been escaped instead
of being interpreted as HTML tags...
Also, for other headers which may contain mail addresses, those addresses are
converted to links by kMail, which would also be a good idea for "Sender"
header. (I think this is not done for the "Disposition-Notification-To" after
the fix, for whatever reason?)
--
You are receiving this mail because:
You are the assignee for the bug.
