Quoth Aaron Ecay on Jan 19 at 5:56 pm:
> On Thu, 19 Jan 2012 17:48:42 -0500, Austin Clements
> wrote:
> > >
> > > (defun notmuch-mua-forward-message ()
> > >(message-forward)
> >
> > Speaking of future-proofing, it would be good to have a test.
>
> It would. ;) I?ll work on one.
On Thu, 19 Jan 2012 22:26:02 -0500, Aaron Ecay wrote:
> On Fri, 20 Jan 2012 00:21:08 +0100, Pieter Praet wrote:
> > So, would I be right to assume MML tags in signatures are never
> > evaluated to begin with? Otherwise, there would still be a security
> > hole, no?
>
> I am thinking of MML
On Thu, 19 Jan 2012 22:26:02 -0500, Aaron Ecay aarone...@gmail.com wrote:
On Fri, 20 Jan 2012 00:21:08 +0100, Pieter Praet pie...@praet.org wrote:
So, would I be right to assume MML tags in signatures are never
evaluated to begin with? Otherwise, there would still be a security
hole, no?
On Thu, 19 Jan 2012 13:43:09 -0500, Aaron Ecay wrote:
> Emacs message-mode uses certain text strings to indicate how to attach
> files to outgoing mail. If these are present in the text of an email,
> and a user is tricked into replying to the message, the user?s files
> could be exposed.
> ---
On Thu, 19 Jan 2012 13:43:09 -0500, Aaron Ecay wrote:
> - (message-goto-body))
> + (message-goto-body)
> + (mml-quote-region (point) (mark)))
Obviously good. It would be nice to have a comment about why it's `mark'
and not `point-max'. In fact, it would be good to have a comment
explaining
On Thu, 19 Jan 2012 17:56:16 -0500, Aaron Ecay wrote:
> On Thu, 19 Jan 2012 17:48:42 -0500, Austin Clements
> wrote:
> > Did you consider using point-max instead of mark? IIRC, that mark was
> > very recently introduced which, perhaps irrationally, makes it seem
> > less future-proof to me.
>
On Thu, 19 Jan 2012 17:52:23 -0500, Aaron Ecay wrote:
> On Thu, 19 Jan 2012 17:46:31 -0500, Austin Clements
> wrote:
> > > ### OT:
> > > For some reason, `mml-quote-region' explicitly re-quotes
> > > already quoted MML tags:
> > >
> > > "<#!*/?\\(multipart\\|part\\|external\\|mml\\)"
> > >
On Thu, 19 Jan 2012 13:43:09 -0500, Aaron Ecay aarone...@gmail.com wrote:
- (message-goto-body))
+ (message-goto-body)
+ (mml-quote-region (point) (mark)))
Obviously good. It would be nice to have a comment about why it's `mark'
and not `point-max'. In fact, it would be good to have a
On Thu, 19 Jan 2012 13:43:09 -0500, Aaron Ecay aarone...@gmail.com wrote:
Emacs message-mode uses certain text strings to indicate how to attach
files to outgoing mail. If these are present in the text of an email,
and a user is tricked into replying to the message, the user’s files
could be
On Thu, 19 Jan 2012 13:43:09 -0500, Aaron Ecay wrote:
> Emacs message-mode uses certain text strings to indicate how to attach
> files to outgoing mail. If these are present in the text of an email,
> and a user is tricked into replying to the message, the user?s files
> could be exposed.
> ---
On Fri, 20 Jan 2012 00:21:08 +0100, Pieter Praet wrote:
> So, would I be right to assume MML tags in signatures are never
> evaluated to begin with? Otherwise, there would still be a security
> hole, no?
I am thinking of MML tags that a user puts in their own signature.
If that case is a
On Thu, 19 Jan 2012 17:48:42 -0500, Austin Clements wrote:
> Did you consider using point-max instead of mark? IIRC, that mark was
> very recently introduced which, perhaps irrationally, makes it seem
> less future-proof to me.
Well, if the patch goes in and someone changes the code so that it
On Thu, 19 Jan 2012 17:46:31 -0500, Austin Clements wrote:
> > ### OT:
> > For some reason, `mml-quote-region' explicitly re-quotes
> > already quoted MML tags:
> >
> > "<#!*/?\\(multipart\\|part\\|external\\|mml\\)"
> >
> > Why is that ?
>
> Probably so the transformation is invertible,
LGTM and I think it could go in despite my two comments below.
Quoth Aaron Ecay on Jan 19 at 1:43 pm:
> Emacs message-mode uses certain text strings to indicate how to attach
> files to outgoing mail. If these are present in the text of an email,
> and a user is tricked into replying to the
Quoth Pieter Praet on Jan 19 at 11:23 pm:
> On Thu, 19 Jan 2012 13:43:09 -0500, Aaron Ecay wrote:
> > Emacs message-mode uses certain text strings to indicate how to attach
> > files to outgoing mail. If these are present in the text of an email,
> > and a user is tricked into replying to the
Emacs message-mode uses certain text strings to indicate how to attach
files to outgoing mail. If these are present in the text of an email,
and a user is tricked into replying to the message, the user’s files
could be exposed.
---
To demonstrate this, open a reply to this message then remove
On Thu, 19 Jan 2012 13:43:09 -0500, Aaron Ecay aarone...@gmail.com wrote:
Emacs message-mode uses certain text strings to indicate how to attach
files to outgoing mail. If these are present in the text of an email,
and a user is tricked into replying to the message, the user’s files
could be
Quoth Pieter Praet on Jan 19 at 11:23 pm:
On Thu, 19 Jan 2012 13:43:09 -0500, Aaron Ecay aarone...@gmail.com wrote:
Emacs message-mode uses certain text strings to indicate how to attach
files to outgoing mail. If these are present in the text of an email,
and a user is tricked into
LGTM and I think it could go in despite my two comments below.
Quoth Aaron Ecay on Jan 19 at 1:43 pm:
Emacs message-mode uses certain text strings to indicate how to attach
files to outgoing mail. If these are present in the text of an email,
and a user is tricked into replying to the
On Thu, 19 Jan 2012 17:46:31 -0500, Austin Clements amdra...@mit.edu wrote:
### OT:
For some reason, `mml-quote-region' explicitly re-quotes
already quoted MML tags:
#!*/?\\(multipart\\|part\\|external\\|mml\\)
Why is that ?
Probably so the transformation is invertible, though
On Thu, 19 Jan 2012 17:48:42 -0500, Austin Clements amdra...@mit.edu wrote:
Did you consider using point-max instead of mark? IIRC, that mark was
very recently introduced which, perhaps irrationally, makes it seem
less future-proof to me.
Well, if the patch goes in and someone changes the
On Thu, 19 Jan 2012 17:52:23 -0500, Aaron Ecay aarone...@gmail.com wrote:
On Thu, 19 Jan 2012 17:46:31 -0500, Austin Clements amdra...@mit.edu wrote:
### OT:
For some reason, `mml-quote-region' explicitly re-quotes
already quoted MML tags:
On Thu, 19 Jan 2012 17:56:16 -0500, Aaron Ecay aarone...@gmail.com wrote:
On Thu, 19 Jan 2012 17:48:42 -0500, Austin Clements amdra...@mit.edu wrote:
Did you consider using point-max instead of mark? IIRC, that mark was
very recently introduced which, perhaps irrationally, makes it seem
On Fri, 20 Jan 2012 00:21:08 +0100, Pieter Praet pie...@praet.org wrote:
So, would I be right to assume MML tags in signatures are never
evaluated to begin with? Otherwise, there would still be a security
hole, no?
I am thinking of MML tags that a user puts in their own signature.
If that
24 matches
Mail list logo