Results 1 to 9 of 9
Like Tree5Likes
  • 3 Post By Nafetz
  • 1 Post By Garfonso
  • 1 Post By Garfonso
  1.    #1  
    Hi,
    I found several discussions and also a patch request for a feature, which is very important for me.
    In my own thread to this topic I did some experiments with changing the file loaded into the webview element of the email application. I continued the experiments and finished a first patch wich is a little bit "ugly" but seems to work. Maybe someone with better knowledge can help to make this a little bit more professional.

    How it works:

    I took the file message-assistant.jsjsjs $and$ $manipulated$ $the$ $callings$ $of$ $the$ $function$ $setMessageBody$. $In$ $this$ $function$ $the$ $webview$ $widget$ $is$ $filled$ $with$ $the$ $email$-$content$.
    Now every time before this function is called, I check if there is an internet connection. If not - no problem - the webview can be filled.
    But if there is an internet connection I bypass the setMessageBody-function. In this case a very similar own function is called. But before loading the webview widget I check if there is any suspicious content in the email body (like "src="). If there is any suspicious content, I don't load the webview widget with the selected email-content but with own content specially prepared for this case.
    I did some tests with images embedded from my webspace and found no entries in the logfile while using this patch - so the patch seems to work.

    What you need:

    I developed and tested with a Palm Pre Plus and WebOS 2.1.0. WebOS 1.4.5 is definitely not working with this patch, but it should not be very difficult to modify this patch for 1.4.5

    An additional folder created in /media/internal/ with the name ".BlockExternalMailData". Inside this folder you need a file "warning.html". You can fill this html file with own content. I wrote something like "Message blocked. This message may contain external data. Please cancel your internet connection and try to load this message again." and put a nice image inside.

    What is missing:

    - a trigger to reload the message with remote images, if you trust the sender

    What is not working very good:

    - The very first tap on a message in the list view doesn't open the message. All later taps work.
    - Tapping on an email in the notification area bypasses the patch. I assume the notification area doesn't use message-assistant.jsjsjs $so$ $there$ $has$ $to$ $be$ $another$ $function$ $to$ $be$ $modified$.
    - There is some flickering while loading the email. Seems like the email is loaded twice.
    - When connecting with internet while loading an email with remote images, the email may be loaded because the connection check was while being offline. In this case the images are loaded too. So you have to wait some time until the connection is established before opening a message.

    This is the patch:

    Code:
    Name: BlockExternalMailData
    Version: 2.1.0-1
    Author: Schdefoon
    Description: Prevents loading Emails with external data while connected with the internet
    
    --- .orig/usr/palm/applications/com.palm.app.email/app/controllers/message-assistant.jsjsjs
    +++ /$usr$/$palm$/$applications$/$com$.$palm$.$app$.$email$/$app$/$controllers$/$message$-$assistant$.$js$
    @@ -$13$,$6$ +$13$,$8$ @@
     
     $var$ $MessageAssistant$ = $function$($targetEmail$, $focusStage$, $detailsObj$){
     	//$window$.$logger$.$log$(&$quot$;$MessageAssistant$ $ctor$&$quot$;);
    +	
    +	$var$ $isConnected$ = $false$;
     
     	$this$.$lastPosition$ = $Mojo$.$Controller$.$appController$.$getScreenOrientation$();
     	$this$.$positions$ = [
    @@ -$351$,$7$ +$353$,$12$ @@
     		// $If$ $we$ $have$ $a$ $body$ $path$, $then$ $we$ $configure$ $the$ $webview$ $early$, $hoping$ $that$ $the$ $file$ $still$ $exists$ $on$ $disk$, $and$ $the$ $pin$ $will$ $succeed$.
     		// $If$ $the$ $subsequent$ $filecache$ $pin$ $operation$ $fails$, $we$'$ll$ $reload$ $the$ $body$ $and$ $fix$ $up$ $the$ $webview$ $later$.
     		$if$($body$.$path$) {
    -			$this$.$setMessageBody$($body$);			
    +			$this$.$checkMessageBody$();			
    +			$if$ ($isConnected$) {
    +			  $this$.$carefullySetMessageBody$($body$);
    +			} $else$ {
    +			  $this$.$setMessageBody$($body$);
    +			}
     		}
     		
     	};
    @@ -$390$,$7$ +$397$,$12$ @@
     				
     		// $If$ $we$ $already$ $configured$ $webview$ $to$ $use$ $this$ $path$, $then$ $don$'$t$ $do$ $it$ $again$.
     		$if$($this$.$currentBodyPath$ !== $body$.$path$) {
    -			$this$.$setMessageBody$($body$);
    +			$this$.$checkMessageBody$();
    +			$if$ ($isConnected$) {
    +			  $this$.$carefullySetMessageBody$($body$);
    +			} $else$ {
    +			  $this$.$setMessageBody$($body$);
    +			}
     		}
     		
     		// $POP$ $doesn$'$t$ $know$ $it$ $has$ $attachments$ $until$ $it$ $has$ $downloaded$ $the$ $full$ $envelope$
    @@ -$404$,$6$ +$416$,$21$ @@
     		// $bodyRenderComplete$ $will$ $be$ $called$ $by$ $webview$
     	};
     	
    +	$MessageAssistant$.$prototype$.$checkMessageBody$ = $function$() {
    +	  $this$.$controller$.$serviceRequest$('$palm$://$com$.$palm$.$connectionmanager$', {
    +        $method$: '$getstatus$',
    +        $parameters$: { $subscribe$ : $false$ },
    +        $onSuccess$ : $function$ ($response$) {
    +                      $if$ ($response$.$isInternetConnectionAvailable$) {
    +                        $isConnected$ = $true$;
    +                      } $else$ {
    +					    $isConnected$ = $false$;
    +                      }
    +        },
    +        $onFailure$ : $function$() {}
    +      });
    +	};
    +	
     	// $Builds$ $HTML$ $for$ $the$ $message$ $body$ $and$ $sets$ $it$ $in$ $the$ $webview$.
     	$MessageAssistant$.$prototype$.$setMessageBody$ = $function$($body$) {	
     		$var$ $path$ = $body$.$path$;
    @@ -$427$,$7$ +$454$,$41$ @@
     		
     		$this$.$currentBodyPath$ = $path$;
     	};
    -	
    +		
    +	$MessageAssistant$.$prototype$.$carefullySetMessageBody$ = $function$($body$) {	
    +
    +		$var$ $path$ = $body$.$path$;
    +		$var$ $bodyText$ = $palmGetResource$($path$, $true$);
    +		$if$ (($bodyText$.$search$(/$src$=.+/) != -$1$) ||
    +		    ($bodyText$.$search$(/$data$=.+/) != -$1$) ||
    +			($bodyText$.$search$(/$url$\(\'.+/) != -$1$) ||
    +			($bodyText$.$search$(/$background$=.+/) != -$1$) ||
    +			($bodyText$.$search$(/$poster$=.+/) != -$1$) ||
    +			($bodyText$.$search$(/@$import$.+/) != -$1$) ||
    +			($bodyText$.$search$(/$href$=.+/) != -$1$) ||
    +			($bodyText$.$search$(/$codebase$=.+/) != -$1$) ||
    +			($bodyText$.$search$(/$manifest$=.+/) != -$1$) ||
    +			($bodyText$.$search$(/$http$-$equiv$=&$quot$;$Refresh$&$quot$;.+/) != -$1$) ) {
    +		  $path$ = &$quot$;/$media$/$internal$/.$BlockExternalMailData$/$warning$.$html$&$quot$;
    +		}
    +		
    +		
    +		// $We$ $should$ $never$ $have$ $a$ $falsy$ $path$ $at$ $this$ $point$.
    +		$Mojo$.$require$($path$, &$quot$;$MessageAssistant$.$bodyPinned$(): $falsy$ $path$!&$quot$;);
    +		$var$ $myhtml$ = $this$.$_buildMessageHTML$($path$, $body$.$mimeType$, $this$.$isReplyOrForward$());
    +		//$window$.$logger$.$log$(&$quot$;$MessageAssistant$ $SettingHTML$&$quot$;);
    +
    +		//		$this$.$webview$.$mojo$.$openURL$(&$quot$;$file$://&$quot$; + $path$); // $hack$ $to$ $send$ $webview$ $directly$ $to$ $the$ $body$ $HTML$, $cutting$ $out$ $email$-$adapter$
    +		$this$.$webview$.$mojo$.$setHTML$(&$quot$;$file$:///$email$-$local$-$content$.$html$&$quot$;, $myhtml$);
    +
    +		$if$($body$.$mimeType$ &$amp$;&$amp$; $body$.$mimeType$.$toLowerCase$() === &$quot$;$text$/$plain$&$quot$;) {
    +			$this$.$targetEmail$.$text$ = $bodyText$ &$amp$;&$amp$; $Foundations$.$StringUtils$.$escapeHTML$($bodyText$).$replace$(/\$n$/$g$,&$quot$;&$lt$;$br$&$gt$;&$quot$;);
    +		} $else$ {
    +			$this$.$targetEmail$.$text$ = $bodyText$;
    +		}
    +		
    +		$this$.$currentBodyPath$ = $path$;
    +	};
     	
     	$MessageAssistant$.$prototype$.$attachmentLoad$ = $function$($part$) {
     		
    @@ -$453$,$7$ +$514$,$12$ @@
     		
     		$if$($part$.$contentId$ &$amp$;&$amp$; $unloaded$ &$amp$;&$amp$; $unloaded$[$part$.$contentId$]) {
     			// $Force$ $message$ $refresh$.
    -			$this$.$setMessageBody$($this$.$getBodyPart$());
    +			$this$.$checkMessageBody$();
    +			$if$ ($isConnected$) {
    +			  $this$.$carefullySetMessageBody$($this$.$getBodyPart$());
    +			} $else$ {
    +			  $this$.$setMessageBody$($this$.$getBodyPart$());
    +			}
     		}
     		
     		// $refresh$ $attachments$ $list$ $to$ $indicate$ $loaded$ $attachment$.
    And some images:
    Attached Images Attached Images
    Rnp, gizmo21 and Proximity like this.
  2. #2  
    I like the idea of the patch.

    But you have to be a bit more careful about your checkMessageBody function and the use of "isConnected". The this.checkMessageBody() will come back right after it did the call. But the callback can't be back already. So the next line with the check if(isConnected) will always use an old value of isConnected (which probably resolves into false, because you set it to false on initialisation)....

    Why do you do the check for internet connection at all? Personally I'd leave it away and just check the e-mail content for suspicious stuff always.
    gizmo21 likes this.
  3. #3  
    More on email tracking with hidden pixels...

    Deutsche Mail-Provider lassen tracken | heise Security
    Check if your Webmailer/ mobile Mailer allow tracking by src content: Emailcheck | heise Security


    I'm very interessted in a working 2.2.4 version of this patch, best with simple switch "external content on/off".
  4.    #4  
    Hi,
    I didn't like the checking of the internet connection either. But I think it is the only possibility to read the content of the blocked messages offline. When you're not connected, you have no problems with loading these emails. If I don't check the internet connection, I have to block the message even if I'm not connected.

    Maybe then it's better to set isConnected initially on true and then check for suspicious content. Only if content is suspicious I check if there is an internet connection. That would spare some unnecessary connection checks.

    It would be great, if it would be possible to write content into a local file. I don't know how to do this. But if it would be possible, I could check for suspicious content, and manipulate the content and write it into e.g. my warning.html. Then I could load warning.html into webview and the remote content couldn't be loaded (because of my manipulation). In this case I wouldn't have to check if there is an internet connection.

    From my knowledge I can only do a solution with checking of the connection. If someone could give me I hint how to do it, the other solution would be possible.

    Or any other ideas? :-)

    @gizmo21: I read the heise-article at the weekend, too. This was my inspiration too get this patch finished...
  5.    #5  
    Hi,
    I think I did some steps in the right direction
    Help of people knowing what I'm doing is still very welcome, because I'm not always knowing what I'm doing. In fact I'm developing a lot with guessing. :-)

    I found the serviceRequest 'palm://ca.canucksoftware.filemgr' allowing writing files, so no more connection check is necessary.
    Embedded @import commands are detected by the patch but remain unchanged in the sandbox.html file. I really don't know why. So in case of imported css the patch would fail his purpose.
    The modified parts of the patch are the same in WebOS 2.1.0 and in 2.2.4, though they are at little different locations. So it should be very easy to modify the patch for 2.2.4. I would do this, when the problems are solved.

    So these are the new facts:

    How it works:

    The patch is searching for suspicious contents targeting to load remote content. If such content is found, the content is changed and put into a file /media/internal/sandbox.html. (e.g. src="http://... is changed into title="http://...)
    In this case the webview widget is not filled with the regular email content but with the file sandbox.html (which is the modified email content)

    What you need:
    Install the service FileMgr by Jason Robitaille with WebOSQuickinstall or Preware. If you have already Internalz Pro on your device, you have this service already.

    What is missing:
    a trigger to reload the message with remote images, if you trust the sender
    This will be the next step, when the problems are solved and the patch is working properly

    What is not working very good:
    - Tapping on an email in the notification area bypasses the patch. I assume the notification area doesn't use message-assistant.jsjsjs $so$ $there$ $has$ $to$ $be$ $another$ $function$ $to$ $be$ $modified$.
    - There is some flickering while loading the email when you use the next-button in the webview view
    - imported css is not detected yet

    This is the new version of the patch:

    Code:
    Name: BlockExternalMailData
    Version: 2.1.0-2
    Author: Schdefoon
    Description: Prevents loading Emails with external data while connected with the internet
    
    --- .orig/usr/palm/applications/com.palm.app.email/app/controllers/message-assistant.jsjsjs
    +++ /$usr$/$palm$/$applications$/$com$.$palm$.$app$.$email$/$app$/$controllers$/$message$-$assistant$.$js$
    @@ -$13$,$6$ +$13$,$8$ @@
     
     $var$ $MessageAssistant$ = $function$($targetEmail$, $focusStage$, $detailsObj$){
     	//$window$.$logger$.$log$(&$quot$;$MessageAssistant$ $ctor$&$quot$;);
    +	
    +	$var$ $isSuspected$ = $false$;
     
     	$this$.$lastPosition$ = $Mojo$.$Controller$.$appController$.$getScreenOrientation$();
     	$this$.$positions$ = [
    @@ -$351$,$7$ +$353$,$7$ @@
     		// $If$ $we$ $have$ $a$ $body$ $path$, $then$ $we$ $configure$ $the$ $webview$ $early$, $hoping$ $that$ $the$ $file$ $still$ $exists$ $on$ $disk$, $and$ $the$ $pin$ $will$ $succeed$.
     		// $If$ $the$ $subsequent$ $filecache$ $pin$ $operation$ $fails$, $we$'$ll$ $reload$ $the$ $body$ $and$ $fix$ $up$ $the$ $webview$ $later$.
     		$if$($body$.$path$) {
    -			$this$.$setMessageBody$($body$);			
    +			$this$.$checkMessageBody$($body$);			
     		}
     		
     	};
    @@ -$390$,$7$ +$392$,$7$ @@
     				
     		// $If$ $we$ $already$ $configured$ $webview$ $to$ $use$ $this$ $path$, $then$ $don$'$t$ $do$ $it$ $again$.
     		$if$($this$.$currentBodyPath$ !== $body$.$path$) {
    -			$this$.$setMessageBody$($body$);
    +			$this$.$checkMessageBody$($body$);
     		}
     		
     		// $POP$ $doesn$'$t$ $know$ $it$ $has$ $attachments$ $until$ $it$ $has$ $downloaded$ $the$ $full$ $envelope$
    @@ -$404$,$6$ +$406$,$61$ @@
     		// $bodyRenderComplete$ $will$ $be$ $called$ $by$ $webview$
     	};
     	
    +	$MessageAssistant$.$prototype$.$checkMessageBody$ = $function$($body$) {
    +	  $var$ $path$ = $body$.$path$;
    +	  $var$ $bodyText$ = $palmGetResource$($path$, $true$);
    +	  $var$ $cleanText$ = $bodyText$;
    +	  $isSuspected$ = $false$;
    +      $if$ ($cleanText$.$search$(/$src$=.+/) != -$1$) {
    +	    $isSuspected$ = $true$;
    +        $cleanText$ = $cleanText$.$replace$(/$src$=/$g$, &$quot$;$title$=&$quot$;);
    +	  }
    +	  $if$ ($cleanText$.$search$(/$data$=.+/) != -$1$) {
    +	    $isSuspected$ = $true$;
    +        $cleanText$ = $cleanText$.$replace$(/$data$=/$g$, &$quot$;$name$=&$quot$;);
    +	  }
    +	  $if$ ($cleanText$.$search$(/$url$\(.+/) != -$1$) {
    +	    $isSuspected$ = $true$;
    +        $cleanText$ = $cleanText$.$replace$(/$url$\(/$g$, &$quot$;/*$url$*/(&$quot$;);
    +	  }
    +	  $if$ ($cleanText$.$search$(/$background$=.+/) != -$1$) {
    +	    $isSuspected$ = $true$;
    +        $cleanText$ = $cleanText$.$replace$(/$background$=/$g$, &$quot$;$title$=&$quot$;);
    +	  }
    +	  $if$ ($cleanText$.$search$(/$poster$=.+/) != -$1$) {
    +	    $isSuspected$ = $true$;
    +        $cleanText$ = $cleanText$.$replace$(/$poster$=/$g$, &$quot$;$title$=&$quot$;);
    +	  }
    +	  $if$ ($cleanText$.$search$(/@$import$.+/) != -$1$) {
    +	    $isSuspected$ = $true$;
    +        $cleanText$ = $cleanText$.$replace$(/@$import$=/$g$, &$quot$;/*@$import$*/&$quot$;);
    +	  }
    +	  $if$ ($cleanText$.$search$(/$href$=.+/) != -$1$) {
    +	    $isSuspected$ = $true$;
    +        $cleanText$ = $cleanText$.$replace$(/$href$=/$g$, &$quot$;$title$=&$quot$;);
    +	  }
    +	  
    +	  $if$ ($isSuspected$) {
    +           $path$ = &$quot$;/$media$/$internal$/$sandbox$.$html$&$quot$;
    +           $this$.$controller$.$serviceRequest$('$palm$://$ca$.$canucksoftware$.$filemgr$', {
    +             $method$: '$write$',
    +             $parameters$: {
    +               $file$: $path$,
    +               $str$: $cleanText$,
    +               $append$: $false$
    +             },
    +             $onSuccess$: $function$($response$) {
    +               $this$.$setMessageBody$($body$);
    +             }.$bind$($this$),
    +             $onFailure$: $function$($err$) {
    +               $this$.$setMessageBody$($body$);
    +             }.$bind$($this$)
    +           });
    +      } $else$ {
    +	    $this$.$setMessageBody$($body$);
    +	  }
    +	};
    +	
     	// $Builds$ $HTML$ $for$ $the$ $message$ $body$ $and$ $sets$ $it$ $in$ $the$ $webview$.
     	$MessageAssistant$.$prototype$.$setMessageBody$ = $function$($body$) {	
     		$var$ $path$ = $body$.$path$;
    @@ -$407$,$7$ +$464$,$9$ @@
     	// $Builds$ $HTML$ $for$ $the$ $message$ $body$ $and$ $sets$ $it$ $in$ $the$ $webview$.
     	$MessageAssistant$.$prototype$.$setMessageBody$ = $function$($body$) {	
     		$var$ $path$ = $body$.$path$;
    -		
    +		$if$ ($isSuspected$) {
    +		  $path$ = &$quot$;/$media$/$internal$/$sandbox$.$html$&$quot$;;
    +		}
     		// $We$ $should$ $never$ $have$ $a$ $falsy$ $path$ $at$ $this$ $point$.
     		$Mojo$.$require$($path$, &$quot$;$MessageAssistant$.$bodyPinned$(): $falsy$ $path$!&$quot$;);
     		
    @@ -$415$,$8$ +$474$,$12$ @@
     		//$window$.$logger$.$log$(&$quot$;$MessageAssistant$ $SettingHTML$&$quot$;);
     
     //		$this$.$webview$.$mojo$.$openURL$(&$quot$;$file$://&$quot$; + $path$); // $hack$ $to$ $send$ $webview$ $directly$ $to$ $the$ $body$ $HTML$, $cutting$ $out$ $email$-$adapter$
    -		$this$.$webview$.$mojo$.$setHTML$(&$quot$;$file$:///$email$-$local$-$content$.$html$&$quot$;, $myhtml$);
    -
    +		$if$ ($isSuspected$) {
    +		  $this$.$webview$.$mojo$.$setHTML$(&$quot$;$file$:///$media$/$internal$/$sandbox$.$html$&$quot$;, $myhtml$);
    +		} $else$ {
    +		  $this$.$webview$.$mojo$.$setHTML$(&$quot$;$file$:///$email$-$local$-$content$.$html$&$quot$;, $myhtml$);
    +		}
    +		//$var$ $bodyText$ = $palmGetResource$($path$, $true$);
     		$var$ $bodyText$ = $palmGetResource$($path$, $true$);
     
     		$if$($body$.$mimeType$ &$amp$;&$amp$; $body$.$mimeType$.$toLowerCase$() === &$quot$;$text$/$plain$&$quot$;) {
    @@ -$418$,$7$ +$481$,$6$ @@
     		$this$.$webview$.$mojo$.$setHTML$(&$quot$;$file$:///$email$-$local$-$content$.$html$&$quot$;, $myhtml$);
     
     		$var$ $bodyText$ = $palmGetResource$($path$, $true$);
    -
     		$if$($body$.$mimeType$ &$amp$;&$amp$; $body$.$mimeType$.$toLowerCase$() === &$quot$;$text$/$plain$&$quot$;) {
     			$this$.$targetEmail$.$text$ = $bodyText$ &$amp$;&$amp$; $Foundations$.$StringUtils$.$escapeHTML$($bodyText$).$replace$(/\$n$/$g$,&$quot$;&$lt$;$br$&$gt$;&$quot$;);
     		} $else$ {
    @@ -$453$,$7$ +$515$,$7$ @@
     		
     		$if$($part$.$contentId$ &$amp$;&$amp$; $unloaded$ &$amp$;&$amp$; $unloaded$[$part$.$contentId$]) {
     			// $Force$ $message$ $refresh$.
    -			$this$.$setMessageBody$($this$.$getBodyPart$());
    +			$this$.$checkMessageBody$($this$.$getBodyPart$());
     		}
     		
     		// $refresh$ $attachments$ $list$ $to$ $indicate$ $loaded$ $attachment$.
    And some new images

    You can see the results of https://emailprivacytester.com before and after installing the patch. Only the css-import fails at the moment.
    The last picture shows the result of <image src="http://.... changed into <image title="http://... by the patch
    Attached Images Attached Images
  6. #6  
    I played a little with the message-assistant.jsjsjs $this$ $weekend$ $and$ $my$ $approach$ $is$ $quite$ $different$ $from$ $yours$. $Not$ $sure$ $which$ $is$ $better$. $But$ $I$ $thought$, $I$'$d$ $just$ $share$ $my$ $results$ $here$.

    The patch makes heavy use of the javascript regexp engine to get rid of all HTML Tags. Links and some formating is preserved. Everything else is stripped. So basically you only get the remaining text.

    Then there is a little note added to the top of the e-mail and a menu entry that allows displaying of the full HTML.

    I'm not writing any HTML files to disk. Actually you don't really need to do that. Because the variable myhtml contains the full HTML. The path is just a stub and not really use by the webview, because you supply the HTML already. So that's what I do... at first a scrubbed HTML is displayed, which contains only the remaining text and links from the original mail. If you want to see the full content, I display the original HTML which just loads the e-mail parts from disk.

    I did not try the mail privacy test, yet... but I'm quite confident that this get's rid of about anything...
    I tried this patch on my 2.2.4 Veer and it works quite nice. Has some flaws, still... but basically it works fine.

    If you like the idea, and want to build upon it, feel free to do so. I probably have only very few time to look into that... was just thinking, if your original approach could not be improved and that is what came out. Basically the inspiration for it came from this post: jquery - Strip HTML from Text JavaScript - Stack Overflow
    Attached Files Attached Files
    Nafetz likes this.
  7.    #7  
    Great work! emailprivacytester looks very good.
    Seems perfect to me. Where do you see flaws?

    Thank you very much!
  8. #8  
    I sometimes see the issue, that the webview crashes. I'm not sure, why... but that's a bit problematic. You can see in the log the message "disconnected from browser server" and it repeats all the time. At the same time, the message body stays white and the device gets very laggy, because it tries to display the html over and over again.
    If that happens, you should either close the e-mail or select show full content ASAP.

    I think that happens, when something with the HTML is wrong. I'm not really into HTML and how to do it properly and properly you also have to care for the content encoding from the e-mail header and stuff... not really sure how to continue here.

    I added a new patch to this post, which fixes some small issues. One of the regexps could "eat up" too much and it prefents empty links (for example if there was just an image inside the <a>-Tag and no text).
    Attached Files Attached Files
  9. #9  
    The openWebOS "threaded" email app has a remote content blocker and HTML email rewriter. It's written in enyo style but could be ported to work with the mojo email app.

    https://raw.github.com/openwebos/cor.../sanitizer0.js

    See sanitizeHtml, mapUrl, mapClasses, mapInlineStyle, and checkAllowExternalResource in https://raw.github.com/openwebos/cor...ew/HtmlView.js

    Also: The browserserver-based webview will crash if you try to pass more than ~4KB of data using setHTML. The only safe way to display large emails is to write it to a file.

Similar Threads

  1. Blocking remote images in email client?
    By nuttycat in forum HP TouchPad
    Replies: 5
    Last Post: 02/24/2012, 12:58 AM
  2. Patch request - confirm dialog for saving draft emails
    By Preeminent in forum webOS Patches
    Replies: 1
    Last Post: 04/05/2010, 10:34 PM
  3. Youtube Mobile blocking content normally available
    By nathan_pre in forum Palm Pre and Pre Plus
    Replies: 6
    Last Post: 11/11/2009, 10:45 AM
  4. Draft emails not syncing with Exchange
    By casonbang in forum webOS Synergy and Synchronization
    Replies: 0
    Last Post: 06/16/2009, 10:07 PM
  5. Replies: 1
    Last Post: 10/06/2005, 11:02 AM

Posting Permissions