Hi,
> > I modified the ExtractText plugin to also process HTML files
> >
> > extracttext_external htmlcat /usr/bin/cat {}
> > extracttext_use htmlcat .htm .html
> >
>
> Quite horrible hack, as the result should be _rendered_ text. Inserting raw
> HTML for all body rules is probably breaking more things than fixing.
>
> But yeah a "mimebody" ruletype would probably be useful..
Would you explain a bit further? Until such a ruletype exists, how do
you propose we solve this javascript issue? How do we search through
MIME attachments without using ExtractText?
Block the resulting URI in the javascript body? I was hoping for
something more generic.
I realize blocking all javascript is prone to error, but what about
blocking all "location.href" attempts? Or "document.write"?
Am I really the only one seeing these attacks?
