[Mailman-Developers] html question

Terri Oda terri at toybox.ca
Tue Jun 9 08:02:36 CEST 2015


On 2015-06-08 7:52 AM, Barry Warsaw wrote:
> On Jun 08, 2015, at 02:13 PM, Abhilash Raj wrote:
>
>> Postorius just queries the core via REST API the for the message and
>> dumps the message code in the "View". Probably we need to identify if
>> the message contains a text/html part and then render that
>> appropriately.
>
> Although we do have to be careful not to provide a vector for malware
> attacking list admins.

Indeed.  We should use a known parser to defang anything we re-display 
and absolutely positively not write a new one.  There's probably 
something suitable in django already.

  Terri



More information about the Mailman-Developers mailing list