Re: RFC2368 security considerations
* Mon Jun 13 2005 Oswald Buddenhagen <ossi@xxxxxxx>
> On Mon, Jun 13, 2005 at 06:19:35AM +0900, TAKAHASHI Tamotsu wrote:
> > IMO, Nobody should use other tags than TO, SUBJECT and BODY.
> > Anyone uses CC or BCC via mailto URL?
> >
> i see no reason to exclude cc: (and secondary to: fields, fwiw) and it
> might be actually useful.
>
> > They are shown on the compose menu.
> >
> exactly.
Okay.
The conclusion on this list may be one of the following three patches:
http://www.momonga-linux.org/~tamo/patch-1.5.9.tamo.rfc2368sec.4
Accept unsafe headers, prepend "X-Mailto-URL-" to them
except for BCC and CC, and edit them later.
http://www.momonga-linux.org/~tamo/patch-1.5.9.tamo.rfc2368sec.5
Accept unsafe headers, prepend "X-Mailto-URL-" to them
except for CC, and edit them later.
http://www.momonga-linux.org/~tamo/patch-1.5.9.tamo.rfc2368sec.6
Ignore unsafe headers except for CC. Edit CC later.
--
tamo