privacy problem: text/html parts pull in network resources
Jinwoo Lee
jinwoo68 at gmail.com
Thu Jan 29 10:14:27 PST 2015
On Thu, Jan 29, 2015 at 10:03 AM, Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote:
> On Wed 2015-01-28 18:57:25 -0500, Jinwoo Lee wrote:
>> Do you mind if I add a boolean defcustom, which determines whether to
>> block remote images? Its default value will be T (block), but people
>> who want to see remote images can customize it.
>
> I have no objection to this kind of knob in an already fiddly config
> space. In the other thread, i see the discussion of whether this should
> expose something fancier than a boolean, but given the number of
> possible rendering backends, i don't know how well we can support any of
> these options reliably.
>
> What should notmuch do when the customization variable is set to t
> (block remote images) but the html rendering backend doesn't support
> blocking remote images?
>
> It seems dangerous/disingenuous to offer the option to the user but not
> be able to enforce it in this case. Should having this set to t
> restrict the range of html renderers to only those that we can force to
> respect it?
I'm not very knowledgeable in the notmuch codebase, but I think I agree
with your concern about this customization variable being dangerous or
misleading users.
+1 to restricting renderers.
>
> --dkg
> _______________________________________________
> notmuch mailing list
> notmuch at notmuchmail.org
> http://notmuchmail.org/mailman/listinfo/notmuch
More information about the notmuch
mailing list