Am 07.07.18 18:55 schrieb(en) Jack via balsa-list:
Unfortunately, that's just not always realistic. I agree, almost always, those images are completely unnecessary (even from legit senders) but I seem to frequently get emails where the entire message is embedded in the image.
Really? From my experiences, it's either dumb spam, or the image is embedded into a <a href=…> container to redirect you to an infected web site or even immediately download malware if you click on it. Putting the message text into an image prevents the security scanners' text analysis heuristics from detecting it (that's why Spamassassin's HTML_IMAGE_ONLY_XX rules exist). Anyway, balsa (and other mua's) let *you* choose: if you are /really sure/ you want to load the image, just click the button…
I tried again just prior to your commit, and I get instead: lbh_navigation_policy_decision uri about:blank, type 5, used
Hmmm, this indicates that the second approach (the “if (g_ascii_strcasecmp(uri, "about:blank") != 0)…” variant) may fix your issue, /without/ removing the EFail mitigation.
which would have been printed by .._TYPE_OTHER or ..._TYPE_RELOAD, which still doesn't make much sense to me.
Yes, agree.
Out of curiosity - clicking WHERE would trigger the WEBKIT_NAVIGATION_TYPE_LINK_CLICKED ? Would that be clicking some link withing the displayed content?
Yes. At least for the current git version, it is displayed when you click on a link in the message (which in turn opens the browser).
Also, I'm using webkit-gtk 2.18.6, and have been for at least several months. It's currently the only version available on Gentoo, so I'll have to check their forums/bugsystem to see if there is any move to upgrade.
I see. Debian stretch also comes with 2.18.6, I'll install a vm with it and try if I can reproduce the issue, stay tuned. Best Albrecht.
Attachment:
pgpRTMO_hWuyZ.pgp
Description: PGP signature