On 7 Jul 2002, at 9:39, J C Lawrence wrote:
> On Sun, 07 Jul 2002 00:09:49 -0700
> Chuq Von Rospach <chuqui@plaidworks.com> wrote:
> > On 7/6/02 11:34 PM, "Nick Simicich" <njs@scifi.squawk.com> wrote:
>
> > HTML is coming...
>
> ... Properly tagging
> and stripping references to non-message hosted content in HTML email
> without also crippling/stripping the actually useful aspects of HTML
> email however is a bitch. Perhaps I've been overlooking the obvious but
> I've yet to come up with a scheme for that I can't also trivially poke
> holes in.
What about reading your HTML-email using a rendering client that cannot
access the Internet [and, while you're at it, doesn't include a
JavaScript engine and can't do plugins]? The problem, to my mind, with
HTML email is that folks read it/render it with a *browser*, which is WAY
too powerful and does too many *other* things, and so if you're trying to
'fool' the browser [by filtering the HTML on its way TO the browser],
you're in for a herculean task [if it is possible at all].
I'm thinking here of the sort of thing you can do if you get a lot of
Word docs or Excel sheets via email: instead of reading them with the
full-blown apps, which can be dangerous, you can instead read them with
the "Viewers" you can get from MS that are pretty safe 'read only'
engines. Couldn't someone cobble up an "HTML viewer" and if you used
that for your HTML email wouldn't that solve most/all of the problems?
{I'll note that Pegasus comes pretty close to that --- it renders
HTML itself with an internal HTML engine that has been coded to only
do "safe stuff"... the only problem with it is that it ain't the
best HTML rendering engine around, but it is the right idea, I
think.]
/Bernie\
--
Bernie Cosell Fantasy Farm Fibers
mailto:bernie@fantasyfarm.com Pearisburg, VA
--> Too many people, too few sheep <--
Follow-Ups:
References:
|
|
