diff options
-rw-r--r-- | plugins/base/public/message.html | 3 | ||||
-rw-r--r-- | plugins/base/routes.go | 1 |
2 files changed, 3 insertions, 1 deletions
diff --git a/plugins/base/public/message.html b/plugins/base/public/message.html index cfb0169..343f79e 100644 --- a/plugins/base/public/message.html +++ b/plugins/base/public/message.html @@ -115,7 +115,8 @@ {{if .IsHTML}} <!-- TODO: add a src fallback --> <!-- allow-same-origin is required to resize the frame with its content --> - <iframe id="email-frame" srcdoc="{{.Body}}" sandbox="allow-same-origin"></iframe> + <!-- allow-popups is required for target="_blank" links --> + <iframe id="email-frame" srcdoc="{{.Body}}" sandbox="allow-same-origin allow-popups"></iframe> {{else}} <pre>{{.Body}}</pre> {{end}} diff --git a/plugins/base/routes.go b/plugins/base/routes.go index 7b02f11..a5c6c21 100644 --- a/plugins/base/routes.go +++ b/plugins/base/routes.go @@ -250,6 +250,7 @@ func handleGetPart(ctx *koushin.Context, raw bool) error { // TODO: be more strict p.AllowElements("style") p.AllowAttrs("style") + p.AddTargetBlankToFullyQualifiedLinks(true) body = p.Sanitize(body) isHTML = true } |