diff options
Diffstat (limited to 'plugins/base')
| -rw-r--r-- | plugins/base/public/assets/style.css | 6 | ||||
| -rw-r--r-- | plugins/base/public/message.html | 7 | ||||
| -rw-r--r-- | plugins/base/routes.go | 11 |
3 files changed, 22 insertions, 2 deletions
diff --git a/plugins/base/public/assets/style.css b/plugins/base/public/assets/style.css index 8f414f5..c27f10f 100644 --- a/plugins/base/public/assets/style.css +++ b/plugins/base/public/assets/style.css @@ -1 +1,5 @@ -/* TODO */ +iframe { + width: 100%; + height: 400px; + border: 0; +} diff --git a/plugins/base/public/message.html b/plugins/base/public/message.html index 89fd4dd..6ce633b 100644 --- a/plugins/base/public/message.html +++ b/plugins/base/public/message.html @@ -112,7 +112,12 @@ {{if .Body}} <p><a href="{{.Message.Uid}}/reply?part={{.PartPath}}">Reply</a></p> - <pre>{{.Body}}</pre> + {{if .IsHTML}} + <!-- TODO: add a src fallback --> + <iframe srcdoc="{{.Body}}" sandbox></iframe> + {{else}} + <pre>{{.Body}}</pre> + {{end}} {{else}} <p>Can't preview this message part.</p> <a href="{{.Message.Uid}}/raw?part={{.PartPath}}">Download</a> diff --git a/plugins/base/routes.go b/plugins/base/routes.go index 293d313..02518cc 100644 --- a/plugins/base/routes.go +++ b/plugins/base/routes.go @@ -16,6 +16,7 @@ import ( "github.com/emersion/go-message" "github.com/emersion/go-smtp" "github.com/labstack/echo/v4" + "github.com/microcosm-cc/bluemonday" ) func registerRoutes(p *koushin.GoPlugin) { @@ -162,6 +163,7 @@ type MessageRenderData struct { Mailbox *imap.MailboxStatus Message *IMAPMessage Body string + IsHTML bool PartPath string MailboxPage int Flags map[string]bool @@ -216,6 +218,7 @@ func handleGetPart(ctx *koushin.Context, raw bool) error { // TODO: set Content-Length if possible + // Be careful not to serve types like text/html as inline if !strings.EqualFold(mimeType, "text/plain") || strings.EqualFold(disp, "attachment") { dispParams := make(map[string]string) if filename != "" { @@ -241,6 +244,13 @@ func handleGetPart(ctx *koushin.Context, raw bool) error { body = string(b) } + isHTML := false + if strings.EqualFold(mimeType, "text/html") { + p := bluemonday.UGCPolicy() + body = p.Sanitize(body) + isHTML = true + } + flags := make(map[string]bool) for _, f := range mbox.PermanentFlags { f = imap.CanonicalFlag(f) @@ -256,6 +266,7 @@ func handleGetPart(ctx *koushin.Context, raw bool) error { Mailbox: mbox, Message: msg, Body: body, + IsHTML: isHTML, PartPath: partPathString, MailboxPage: int(mbox.Messages-msg.SeqNum) / messagesPerPage, Flags: flags, |