privacy problem: text/html parts pull in network resources
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Thu Jan 29 10:03:43 PST 2015
On Wed 2015-01-28 18:57:25 -0500, Jinwoo Lee wrote:
> Do you mind if I add a boolean defcustom, which determines whether to
> block remote images? Its default value will be T (block), but people
> who want to see remote images can customize it.
I have no objection to this kind of knob in an already fiddly config
space. In the other thread, i see the discussion of whether this should
expose something fancier than a boolean, but given the number of
possible rendering backends, i don't know how well we can support any of
these options reliably.
What should notmuch do when the customization variable is set to t
(block remote images) but the html rendering backend doesn't support
blocking remote images?
It seems dangerous/disingenuous to offer the option to the user but not
be able to enforce it in this case. Should having this set to t
restrict the range of html renderers to only those that we can force to
respect it?
--dkg
More information about the notmuch
mailing list