sublime-rules icon indicating copy to clipboard operation
sublime-rules copied to clipboard

Published 20 hours ago verified publisher icon sublime-security

New insight: Salesforce HTML attachment

Open aidenmitchell opened this issue 1 year ago • 4 comments
trafficstars

To call out attachments sent from Salesforce (example):

<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta http-equiv="Refresh" content="0; URL=https://sublime.my.salesforce.com/sfc/p/2b111156a/a/Vo0000002a/dskalfjiwaejfiwofjdklsanvdasjfl"></head><body><div>Attachment not opening? Click this link: <a href="https://sublime.my.salesforce.com/sfc/p/2b111156a/a/Vo0000002a/dskalfjiwaejfiwofjdklsanvdasjfl">testdocument.pdf</a></div></html>

aidenmitchell avatar Apr 08 '24 15:04 aidenmitchell

Putting on my analyst hat. What should I infer from seeing this insight?

morriscode avatar Apr 08 '24 17:04 morriscode

The attached HTML file is from Salesforce, so it's probably safe. Nice indicator with any HTML rules.

aidenmitchell avatar Apr 08 '24 17:04 aidenmitchell

Thanks, I think it still feels very ambiguous for user consumption. If I had to ask about it, users aren't going to know what to do with this information. If this is true all the time, then it should be a negation in the HTML rules yeah?

morriscode avatar Apr 09 '24 12:04 morriscode

then it should be a negation in the HTML rules yeah?

usually these trigger Any HTML file* rules, do we want to negate there? Seems incongruent to those rules.

Maybe a better name is good? Something like "Salesforce marketing attachment"?

aidenmitchell avatar Apr 09 '24 17:04 aidenmitchell