Re: RFC2368 security considerations
On 2005-06-13 17:10:59 +0200, Thomas Roessler wrote:
> The idea is not to include any particular URL, but rather the
> following: When a mailto header suggests adding a From address, then
> it's added to the message as X-Mailto-URL-From -- so people who use
> edit-headers still can see it, but at the same time, no "dangerous"
> headers are set.
But what about Bcc? If X-Mailto-URL-Bcc is added, then addresses that
should have been in Bcc would be visible to all users.
--
Vincent Lefèvre <vincent@xxxxxxxxxx> - Web: <http://www.vinc17.org/>
100% accessible validated (X)HTML - Blog: <http://www.vinc17.org/blog/>
Work: CR INRIA - computer arithmetic / SPACES project at LORIA