CSS support on HTML messages is wooooorst than OE, Outlook (and, of course, Tb)

[cebe]

I use very basic css features on email I sent to my clients and it's perfect on Outlook 2003, Outlook Express and Thunderbird. But on roundcube, it's very degraded. Here is the css styles :

<style>
        body {
        	font-family: "Trebuchet MS", arial, sans-serif;
        	background: #f5f2ed;
        	font-size: 14px;
        	margin-top: 0;
        }
        .logo {
        	border: 0px;
        	text-align: center;
        	width: 100%;
        	background-color: white;
        	padding: 5px 0;
        }
        a, a:visited { color: #777 }
        a:hover { color: #333 }
        small { font-size: 11px; }
        .el1 {
        background-color: #faf6f1;
        font-size: 13px;
        margin-top: 7px;
        border-bottom: 1px solid #eee;
        }
        .el2 {
        background-color: #6A8390;
        color: white;
        padding: 2px;
        border: 1px solid #896F6F;
        border-width: 1px 0;
        }
        .el3 {
        text-align: right;
        font-weight: bold;
        }
        .el4 {
        color: #896f6f;
        font-weight: bold;
        }
        .photo {
        width: 150px;
        height: 112px;
        padding: 0;
        text-align: right;
        vertical-align: top;
        }
        .blanc {
        background-color: #f5f5f5;
        color: #666;
        }
        .fin {
        font-style: italic;
        padding: 2px;
        }
        </style>

Thanks.

[thomasb]

As many other webmail systems RoundCube currently ignores style blocks within the header.

[thomasb]

Fixed in r1773

[tensor]

A better approach would be to parse the CSS and only let it though if it matches "what is allowed" criteria, not "what is not allowed", because there may be unknown security issues which are not be catched by "what is not allowed" list.