locked Re: HTML safety in posted messages


 

Mark,

That's an interesting thought but I'm not sure it would improve
anything. At this point, I've got to believe that most(all?) modern
email clients have been hardened against these kinds of attacks.
Except for dinosaurs like me, who insist on using an Email client that hasn't seen an update since 2006 (Eudora Classic). On the other hand, when using its internal HTML rendering it supports so few HTML features (and no scripts at all) that it might be considered hardened. Or perhaps just petrified.

One benefit of having the emails match the archive is just that: the same user experience. But of course the downside is the flip side of that: some group might depend on a feature that is safe (enough) for them, but stripped in the archive.

Oh well, it was just a thought.

-- Shal

Join main@beta.groups.io to automatically receive all group messages.