Opened 5 years ago
Last modified 2 months ago
#1484686 new Feature Requests
dereferrer for links in mails
| Reported by: | igor | Owned by: | |
|---|---|---|---|
| Priority: | 5 | Milestone: | 1.0-beta |
| Component: | Security | Version: | 0.1-rc2 |
| Severity: | minor | Keywords: | |
| Cc: |
Description (last modified by alec)
a dereferrer would be nice, because its not nice that other website owners could look witch email-id it is, or wich domain...
I use at the moment a extern one.
its very easy...
index.php
<?php
function tpl ($template)
{
if (file_exists ('tpl/' . $template . '.html'))
{
include 'tpl/' . $template . '.html';
}
}
function logfile ()
{
global $link_url;
global $config;
if ($config['log'] == 1)
{
$fp = fopen ('log/logfile.txt', 'a');
fwrite($fp, "$link_url");
fwrite($fp, "\n");
fclose ($fp);
}
}
$config['prcl'] = 'http';
$config['time'] = 0;
$config['log'] = 1;
$link_url = urldecode($_SERVER['QUERY_STRING']);
if ($link_url != '')
{
/* if (substr($link_url, 0, 7)!='http://') || substr($link_url, 0, 8)!='https://' || substr($link_url, 0, 6)!='ftp://'
{
$link_url = $config['prcl'] . '://' . $link_url;
}
*/
$link_head = $link_url;
$link_time = $config['time'];
logfile ();
tpl ('page_redirect');
exit ();
}
tpl ('page');
exit ();
?>
Template:
<?
global $link_head;
global $link_time;
?>
<?
global $link_head;
global $link_time;
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<head>
<title>Weiterleitung zu <?=$link_head?></title>
<meta http-equiv="refresh" content="<?=$link_time?>; URL=<?=$link_head?>">
</head>
<body>
<p align="center" valign="center">
Bitte warte <?=$link_time?> Sekunden <br>
Umleitung auf: <a href="<?=$link_head?>"><?=$link_head?></a>
</p>
</body>
</html>
it would be nice if it could be includet.
new window like "print view" with meta refresh
and a link like _action=deref&target=http://test.com/
Change History (6)
comment:1 Changed 5 years ago by thomasb
- Description modified (diff)
- Severity changed from normal to minor
comment:3 Changed 5 years ago by thomasb
- Milestone changed from 0.1.5 to later
comment:4 Changed 2 years ago by patrick
That would indeed be a good thing to have. The HTTP "Referer" header, after clicking on a link in Roundcube, contains the address of the Roundcube installation, the name of the mailbox the mail was in (at least if you use the preview feature), and the UID of the mail. I consider this "oversharing".
comment:5 Changed 2 months ago by alec
- Component changed from Client Scripts to Security
- Description modified (diff)
- Milestone changed from later to 1.0-beta
We can at least use rel="noreferrer" which is supported by Webkit browsers. There are also JS solutions like https://github.com/knu/noreferrer
comment:6 Changed 2 months ago by alec
rel="noreferrer" added in 1e32540839683c1309db012c4d5b9aff35ec6ae3. Now, we can implement Javascript noreferrer solution for other browsers.
Corrected wiki syntax