Bug 401780 - Add option to disable emails from automatically opening URLs
Summary: Add option to disable emails from automatically opening URLs
Status: RESOLVED FIXED
Alias: None
Product: kmail2
Classification: Applications
Component: general (show other bugs)
Version: unspecified
Platform: Other Linux
: NOR normal
Target Milestone: ---
Assignee: kdepim bugs
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-12-05 16:55 UTC by Ben Daines
Modified: 2018-12-27 20:06 UTC (History)
2 users (show)

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Ben Daines 2018-12-05 16:55:16 UTC 
I've noticed that some emails will automatically open web pages upon opening the email.  Unfortunately I cannot share an example email as it contains way too much personal information.  This situation is not only annoying (I assure you it's extremely annoying), but is a security risk as well.  An option to disable it should be added.  

I'm not HTML wizard, but it seems like this line in the header may be what's doing it.  

https://www.w3schools.com/tags/att_meta_http_equiv.asp
Comment 1 Jonathan Marten 2018-12-06 09:02:02 UTC 
Is this as described in https://www.kde.org/info/security/advisory-20181128-1.txt?
If so, it is fixed in KDE Applications 18.12.0.
Comment 2 Ben Daines 2018-12-06 18:59:38 UTC 
Sure looks to be the same.
Comment 3 Christoph Feck 2018-12-27 20:06:01 UTC 
Thanks for the update; changing status. If you still see security issues, please add a comment or report directly to https://www.kde.org/info/security/