https://bugs.documentfoundation.org/show_bug.cgi?id=162632
--- Comment #18 from Buovjaga <[email protected]> --- (In reply to Mike Kaganski from comment #17) > (In reply to Buovjaga from comment #9) > > Oh, I see one possible failure route in that script: the use of mailto: with > > xdg-email. mailto with attach parameter is considered an attack vector and > > support for it was first removed in Thunderbird and later in xdg-email: > > https://gitlab.freedesktop.org/xdg/xdg-utils/-/merge_requests/28 > > Note that that can't (yet) be the problem. The patch was declined (for now); > so the "attach" header still works (and internally, in xdg-email's > "run_thunderbird", converted to the correct Thunderbird's "-compose" > argument). Ok, all I know from personal experience is that when Thunderbird did the change in 2020, this scanning program that uses xdg-email stopped working with TB without modifications: https://sourceforge.net/p/gscan2pdf/code/ci/97c12a84ba3361a55707039a343f2d8b8199aadb/tree/bin/gscan2pdf The block: my $status = Gscan2pdf::Document::exec_command( [ 'xdg-email', '--attach', $pdf, 'x@y' ] ); Since then, I always have to patch it after updating to: my $status = Gscan2pdf::Document::exec_command( [ 'thunderbird', '-compose', 'attachment=', $pdf ] ); -- You are receiving this mail because: You are the assignee for the bug.
