Re: RFC2368 security considerations
* Sun Jun 12 2005 Thomas Roessler <roessler@xxxxxxxxxxxxxxxxxx>
> One thing we could do is to restrict the headers accepted from a
> mailto URL to those shown on the compose screen, maybe even minus
> From. Everything else could either be disregarded, or maybe have
> "x-mailto-url" prepended to it.
Good! Ignoring unsafe headers is the securest way.
IMO, Nobody should use other tags than TO, SUBJECT and BODY.
Anyone uses CC or BCC via mailto URL? I don't think Mutt has
to handle them. But, even if mutt accepts them, that is NOT
a violation of the RFC. They are shown on the compose menu.
Well, setting $edit_headers, I am not affected by this issue.
All the headers are shown on my editor (except REFERENCES).
So, maybe we can make a new variable or command to restrict
the headers. (regex?)
I don't think X-Mailto-URL solves the problem unless it is
shown somewhere users certainly look. (editor?)
Thomas, Thanks for taking care of this small problem.
I believe you'll implement the best solution.
--
tamo