Re: RFC2368 security considerations

To: mutt-dev@xxxxxxxx
Subject: Re: RFC2368 security considerations
From: TAKAHASHI Tamotsu <ttakah@xxxxxxxxxxxxxxxxx>
Date: Mon, 20 Jun 2005 22:02:54 +0900
In-reply-to: <20050612220227.GA3046@xxxxxxxxxx>
List-unsubscribe: <mailto:mutt-dev-request@mutt.org?body=unsubscribe>
Mail-followup-to: mutt-dev@xxxxxxxx
References: <20050610090018.GA5066@xxxxxxxxxxxxxxxxxxxxxxxxxx> <20050612164644.GK17359@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> <20050612211935.GA22199@xxxxxxxxxxxxxxxxxxxxxxxxxx> <20050612220227.GA3046@xxxxxxxxxx>
Sender: owner-mutt-dev@xxxxxxxx
User-agent: Mutt/1.5.9i

* Mon Jun 13 2005 Oswald Buddenhagen <ossi@xxxxxxx>
> On Mon, Jun 13, 2005 at 06:19:35AM +0900, TAKAHASHI Tamotsu wrote:
> > IMO, Nobody should use other tags than TO, SUBJECT and BODY.
> > Anyone uses CC or BCC via mailto URL?
> >
> i see no reason to exclude cc: (and secondary to: fields, fwiw) and it
> might be actually useful.
> 
> > They are shown on the compose menu.
> > 
> exactly.

Okay.
The conclusion on this list may be one of the following three patches:

http://www.momonga-linux.org/~tamo/patch-1.5.9.tamo.rfc2368sec.4
Accept unsafe headers, prepend "X-Mailto-URL-" to them
except for BCC and CC, and edit them later.

http://www.momonga-linux.org/~tamo/patch-1.5.9.tamo.rfc2368sec.5
Accept unsafe headers, prepend "X-Mailto-URL-" to them
except for CC, and edit them later.

http://www.momonga-linux.org/~tamo/patch-1.5.9.tamo.rfc2368sec.6
Ignore unsafe headers except for CC. Edit CC later.

-- 
tamo

References:
- RFC2368 security considerations
  - From: TAKAHASHI Tamotsu
- Re: RFC2368 security considerations
  - From: Thomas Roessler
- Re: RFC2368 security considerations
  - From: TAKAHASHI Tamotsu
- Re: RFC2368 security considerations
  - From: Oswald Buddenhagen

Prev by Date: [2005-06-19] CVS repository changes
Next by Date: group-reply - bug or feature?
Previous by thread: Re: RFC2368 security considerations
Next by thread: Re: RFC2368 security considerations
Index(es):
- Date
- Thread