Re: [sqwebmail] X-Face patch for sqwebmail - Milan Obuch - net.sourceforge.lists.courier-sqwebmail

5 messages in net.sourceforge.lists.courier-sqwebmailRe: [sqwebmail] X-Face patch for sqwe...

From	Sent On	Attachments
Milan Obuch	Dec 21, 2007 4:46 am	.c
Milan Obuch	Dec 21, 2007 4:47 am
Sam Varshavchik	Dec 21, 2007 5:24 pm
Milan Obuch	Dec 22, 2007 12:46 am
Sam Varshavchik	Dec 22, 2007 7:05 am

	Permalink for this message Paste this link in email or IM:
	Permalink for this thread Paste this link in email or IM:
	Atom feed for this thread Paste this URL into your reader:

Subject:	Re: [sqwebmail] X-Face patch for sqwebmail	Actions...
From:	Milan Obuch (cour...@dino.sk)
Date:	Dec 22, 2007 12:46:21 am
List:	net.sourceforge.lists.courier-sqwebmail

On Saturday 22 December 2007 02:24:50 Sam Varshavchik wrote:

Milan Obuch writes:

Hi, today I played a bit with X-Face header and a patch for sqwebmail has bee created. It turns out to be actually simple and not too hard to create after I did some digging in the code. It is not yet in final shape, but it works, is usable as a proof of concept. I use external X-Face convertor for this, publicly available. I would like to get feedback on this.

Ugh, there's a reason why sqwebmail refuses to display images on external web sites that are linked from HTML mail. And that's exactly what this does.

There's just no fundamental way to do this with complete security, unless sqwebmail itself downloads the image via HTTP, and has complete control of the HTTP headers in the image request. It's fine to do this in standalone mail or news clients, but this is a completely different situation here.

And even with standalone clients there are still some potential problems here, with revealing one's IP address, should this web site get hacked.

I agre with this, what I need to get is something else.

To put it in another words - I used external XFace convertor I can't write it myself. I did first test with /cgi-bin/xface2png script, but it did not the actual conversion, I just verify I can get header to convert in the right shape to process.

As a related, I could not find place where inline/attachment images are extracted for download. I mean, their URLs looks something like http://server/cgi-bin/webmail/login/milan/EC4F99FF139F596BFF3ACA5015974C40/1198312584?folder=INBOX&form=fetch&pos=4&mimeid=1.2 I could use slightly modified version, such as http://server/cgi-bin/webmail/login/milan/EC4F99FF139F596BFF3ACA5015974C40/1198312584?folder=INBOX&form=fetch&pos=4&mimeid=xface or something similar, but I did not find where this mime part is processed/extracted/decoded to binary. Could you point me to the right place?

As a result, using either path, there will be no external reference. Would you consider it then acceptable? That's the final question ;)

Regards, Milan

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets
	Permalink to these results Paste this link in email or IM:
	Atom feed for tracking future search results Paste this URL into your reader: