[MlMt] Show HTML source doing The Wrong Thing

[Benny Kjær Nielsen]

On 8 Dec 2012, at 21:35, Seebs wrote:

Sorry about the late reply.

> On 7 Dec 2012, at 9:58, Benny Kjær Nielsen wrote:
>
>> Yes, some kind of HTML indications and buttons have been on my todo 
>> for a long time. It's one of many things postponed until after I 
>> refactor the message headers view.
>
> Heh.
>
> In case I have forgotten to mention it: I would love the ability to 
> drag-select headers in the header view.

That would also be a side-effect of the refactoring.

>> But that still won't solve the cases where the plain text body part 
>> is some kind of fixed “no plain text available” text.
>
> True, but in those cases, it's usually *obvious* that there is 
> intended to be an HTML portion. And since 90% or more of the ones I 
> get, the HTML portion is spam and possibly malware... I am pretty 
> happy with that.

Ok, I've changed the default implementation to prefer HTML whenever the 
plain text body part only contains whitespace.

> Side note: Does your HTML rendering do JavaScript? My intuition is 
> that the right answer should probably be "never, ever, do that", 
> because someone who really wants to can save the message and execute 
> it some other way.

Whenever HTML from an email is shown then JavaScript is disabled. When 
MailMate wraps plain text in HTML then JavaScript is enabled to handle 
the Quick Look button of attachments and probably more in the future. 
Previously it was also used for the “Show Details” part of 
decrypted/verified messages and you might have noticed that it actually 
didn't work when displaying HTML messages.

-- 
Benny