Mailman / Bugs / #1089 HTML attachment escaped in archive

#1089 HTML attachment escaped in archive

Milestone: 2.1 (stable)

Status: open

Owner: nobody

Labels: Pipermail (108)

Priority: 5

Updated: 2005-12-25

Created: 2005-12-25

Creator: Schoinobates Volans

Private: No

Send email to a list with an HTML attachment. Go to
archive. Click on attachment link. See the HTML source
instead of the rendered HTML. Use "view source" feature
of browser. See that all HTML tags are themselves
HTML-escaped.

An example is at
http://kitenet.net/pipermail/sayma/attachments/20051214/2ce1af82/10454316-0001.htm

Discussion

Sascha Silbe - 2011-02-08

Any chance to get this fixed? I just got hit this by this 5 year old bug. :-/
If you consider it an XSS issue, please just change the MIME type (to text/plain or application/octet-stream) and get rid of the double escaping. A double-escaped HTML file is of no use to anyone.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

HTML attachment escaped in archive

Group

Searches

Help

#1089 HTML attachment escaped in archive

Discussion