Re: RFC2368 security considerations

To: mutt-dev@xxxxxxxx
Subject: Re: RFC2368 security considerations
From: Vincent Lefevre <vincent@xxxxxxxxxx>
Date: Mon, 13 Jun 2005 20:20:21 +0200
In-reply-to: <20050613151059.GT17359@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-unsubscribe: <mailto:mutt-dev-request@mutt.org?body=unsubscribe>
Mail-followup-to: mutt-dev@xxxxxxxx
References: <20050610090018.GA5066@xxxxxxxxxxxxxxxxxxxxxxxxxx> <20050612164644.GK17359@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> <20050613150351.GA24746@xxxxxxxxxxxxx> <20050613151059.GT17359@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Sender: owner-mutt-dev@xxxxxxxx
User-agent: Mutt/1.5.9-vl-20050611i

On 2005-06-13 17:10:59 +0200, Thomas Roessler wrote:
> The idea is not to include any particular URL, but rather the
> following: When a mailto header suggests adding a From address, then
> it's added to the message as X-Mailto-URL-From -- so people who use
> edit-headers still can see it, but at the same time, no "dangerous"
> headers are set.

But what about Bcc? If X-Mailto-URL-Bcc is added, then addresses that
should have been in Bcc would be visible to all users.

-- 
Vincent Lefèvre <vincent@xxxxxxxxxx> - Web: <http://www.vinc17.org/>
100% accessible validated (X)HTML - Blog: <http://www.vinc17.org/blog/>
Work: CR INRIA - computer arithmetic / SPACES project at LORIA

Follow-Ups:
- Re: RFC2368 security considerations
  - From: Thomas Roessler

References:
- RFC2368 security considerations
  - From: TAKAHASHI Tamotsu
- Re: RFC2368 security considerations
  - From: Thomas Roessler
- Re: RFC2368 security considerations
  - From: Vincent Lefevre
- Re: RFC2368 security considerations
  - From: Thomas Roessler

Prev by Date: Re: RFC2368 security considerations
Next by Date: Re: RFC2368 security considerations
Previous by thread: Re: RFC2368 security considerations
Next by thread: Re: RFC2368 security considerations
Index(es):
- Date
- Thread