Opened 2 years ago

Closed 2 years ago

Last modified 23 months ago

#1488844 closed Bugs (fixed)

Content-Disposition:inline is ignored in IE<=8 when filename contains "attachment" string

Reported by: myfreexp Owned by:
Priority: 3 Milestone: 0.9-beta
Component: Core functionality Version: git-master
Severity: major Keywords: mime-type validation
Cc:

Description

See summary.

Attached is the mailing list message with the announcement of the new mime-type validation of Nov 27th, 2012. This message has a .png attachment which can't be displayed in the browser (at least not in IE8), a number of warnings and dialogues is thrown instead.

The precise behaviour is described in the second mailing list message attached to this ticket. Interestingly, all images attached to this response message can be displayed in IE8 without a problem, although I can't figure out any difference in the declaration and encoding (image/png, base64 and attachment in both messages).

Attachments (2)

New attachment mime-type validation (Announce).eml (40.3 KB) - added by myfreexp 2 years ago.
New attachment mime-type validation (Feedback).eml (179.6 KB) - added by myfreexp 2 years ago.

Download all attachments as: .zip

Change History (9)

comment:1 Changed 2 years ago by alec

  • Resolution set to fixed
  • Status changed from new to closed

comment:2 Changed 2 years ago by myfreexp

  • Resolution fixed deleted
  • Status changed from closed to reopened

This commit didn't change anything in the behaviour (at least not here). Ticket re-opened.

Last edited 2 years ago by myfreexp (previous) (diff)

comment:3 follow-up: Changed 2 years ago by alec

Got it! Looks like we hit IE8 bug described here: http://notetodogself.blogspot.com/2010/06/ie8-content-dispositioninline-opens-as.html. No problem with newer versions.

comment:4 in reply to: ↑ 3 ; follow-up: Changed 2 years ago by myfreexp

Replying to alec:

Got it! Looks like we hit IE8 bug described here: http://notetodogself.xxxxspot.com/2010/06/ie8-content-dispositioninline-opens-as.html. No problem with newer versions.

Argh! How embarrassing for MS one more time, are they not even able to parse a simple header string correctly...? Kudos for finding this, this wasn't indeed an easy one.

But will/can there be a workaround in Roundcube at all...?

P.S.: URLs may get broken/line-feeded when receiving those kind of comments by e-mail, but that's of course not a Roundcube issue.

P.P.S.: Why do I need to x-out a part of the URL quoted above to get this comment sent, to avoid that it is being considered as spam just because of the string "blogxxxx"? And why could the original comment been sent which contained the full combination of the strings "blogxxxx" and "xxxxspot"??

comment:5 in reply to: ↑ 4 ; follow-up: Changed 2 years ago by alec

  • Resolution set to fixed
  • Status changed from reopened to closed
  • Summary changed from Since "new attachment mime-type validation", some image attachments can not be displayed in the browser (IE8) anymore to Content-Disposition:inline is ignored in IE<=8 when filename contains "attachment" string

Replying to myfreexp:

But will/can there be a workaround in Roundcube at all...?

Yes. Fixed in c7ff6ec2cb985061438e5b68cfc5691b5a86422c.

P.P.S.: Why do I need to x-out a part of the URL quoted above to get this comment sent, to avoid that it is being considered as spam just because of the string "blogxxxx"? And why could the original comment been sent which contained the full combination of the strings "blogxxxx" and "xxxxspot"??

I don't know internals, but maybe I just got better privilages or it takes client IP into consideration.

comment:6 in reply to: ↑ 5 Changed 2 years ago by myfreexp

Replying to alec:

Replying to myfreexp:

But will/can there be a workaround in Roundcube at all...?

Yes. Fixed in c7ff6ec2cb985061438e5b68cfc5691b5a86422c.

Just thanks, A.L.E.C! I'll report if this fix does work here. And thanks also for the change of the summary, as my original one was apparently misleading and had nothing to do with the real problem.

P.P.S.: Why do I need to x-out a part of the URL quoted above to get this comment sent, to avoid that it is being considered as spam just because of the string "blogxxxx"? And why could the original comment been sent which contained the full combination of the strings "blogxxxx" and "xxxxspot"??

I don't know internals, but maybe I just got better privilages or it takes client IP into consideration.

Not sure what should be wrong with my IP, but I'll better address Thomas with regards to this issue.

comment:7 Changed 23 months ago by myfreexp

Works for me!

Thanks again...

Note: See TracTickets for help on using tickets.