On February 4, 2003 at 12:07, =?ISO-2022-JP?B?GyRCP3k4NhsoQg==?= wrote:
Hi,list!
If attachment file name is MIME encoded with multibyte language,
a link label to an attachment file is incorrect.
I think this is caused by to avoid any potential XSS.
Not exactly. The readmail::MAILhead_get_disposition routine is used to
extract the filename parameter. Currently, MAILhead_get_disposition
does a straight decode of =?...?.?...?= text, not taking into account
the charset specified.
This is a bug.
v2.6.0 will have a TEXTENCODE resource that can be used as a work-around
to this problem. To test it, download one of the snapshot builds of
MHonArc at <http://www.mhonarc.org/release/MHonArc/tar/>.
--ewh
---------------------------------------------------------------------
To sign-off this list, send email to majordomo(_at_)mhonarc(_dot_)org with the
message text UNSUBSCRIBE MHONARC-DEV
