imp icon indicating copy to clipboard operation
imp copied to clipboard
verified publisher icon horde

add 'sandbox' attr to Horde_Mime_Part iframes

Open midahp opened this issue 7 months ago • 0 comments

the "allow-same-origin" value is needed. Otherwise the email can not be displayed

This is meant as an additional countermeasure against XSS attacks in html emails. I am not 100% sure this won't break some html emails. In my tests it did not lead to any issues.

midahp avatar May 19 '25 07:05 midahp