[rt-users] view original html attachment?
Thomas Sibley
trs at bestpractical.com
Mon Jun 27 10:02:10 EDT 2011
On 06/26/2011 12:07 PM, Adam Thompson wrote:
> Is there a way to view a text/html part in its original format? When I
> click on “download attachment”, I get the HTML delivered to me as
> text/plain, which… err… impedes readability a little bit.
>
> The situation is that I forwarded an HTML-formatted email into RT to
> create a ticket, but the HTML sanitizer in RT renders the content
> unreadable (table formatting breaks down completely), so want to view
> the HTML part in its original glory. Can I do this without downloading
> the HTML part to local disk and opening it in a browser?
Displaying as unsanitized HTML is a security risk that allows cross-site
scripting attacks. If you really want to, you can set the option below.
From etc/RT_Config.pm:
=item C<$TrustHTMLAttachments>
If C<TrustHTMLAttachments> is not defined, we will display them as
text. This prevents malicious HTML and JavaScript from being sent in a
request (although there is probably more to it than that)
=cut
Set($TrustHTMLAttachments, undef);
Thomas
More information about the rt-users
mailing list