[SM-STABLE] lowsrc attribute

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

  Hello.

  When HTML rendering is enabled, and a mail with HTML is received,
Squirrelmail intentionnaly changes links to external references for obvious
security reasons.

  However, it looks like the "lowsrc" attribute of the "img" tag isn't
mangled.

  When a mail with

  <img lowsrc="http://www.example.com/" src="xxx" />

  is received, the link is immediately followed by Netscape 4.x (maybe other
browsers do as well) .

  Tested with Squirrelmail 1.2.11 (the current Gentoo Linux package) .

  Is there a quick fix for this or has it been fixed in 1.4 ?

-- 
 __  /*-      Frank DENIS (Jedi/Sector One) <j...@42...>     -*\  __
 \ '/    <a href="http://www.PureFTPd.Org/"> Secure FTP Server </a>    \' /
  \/  <a href="http://www.Jedi.Claranet.Fr/"> Misc. free software </a>  \/