401780 – Add option to disable emails from automatically opening URLs

Bug 401780 - Add option to disable emails from automatically opening URLs

Summary: Add option to disable emails from automatically opening URLs

Status:	RESOLVED FIXED

Alias:	None

Product:	kmail2
Classification:	Applications
Component:	general (show other bugs)
Version:	unspecified
Platform:	Other Linux

Importance:	NOR normal
Target Milestone:	---
Assignee:	kdepim bugs

URL:
Keywords:

Depends on:
Blocks:

Reported:	2018-12-05 16:55 UTC by Ben Daines
Modified:	2018-12-27 20:06 UTC (History)
CC List:	2 users (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Ben Daines 2018-12-05 16:55:16 UTC

I've noticed that some emails will automatically open web pages upon opening the email.  Unfortunately I cannot share an example email as it contains way too much personal information.  This situation is not only annoying (I assure you it's extremely annoying), but is a security risk as well.  An option to disable it should be added.  

I'm not HTML wizard, but it seems like this line in the header may be what's doing it.  

https://www.w3schools.com/tags/att_meta_http_equiv.asp

Comment 1 Jonathan Marten 2018-12-06 09:02:02 UTC

Is this as described in https://www.kde.org/info/security/advisory-20181128-1.txt?
If so, it is fixed in KDE Applications 18.12.0.

Comment 2 Ben Daines 2018-12-06 18:59:38 UTC

Sure looks to be the same.

Comment 3 Christoph Feck 2018-12-27 20:06:01 UTC

Thanks for the update; changing status. If you still see security issues, please add a comment or report directly to https://www.kde.org/info/security/