[Esd-l] how to disable defanging html?

[Peter Hanecak]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

On Wed, 14 Nov 2001, Nancy Lin wrote:

> I'm having trouble disabling the defanging of html messages.
> I added the following to my /etc/procmailrc file:
> 
> SECURITY_TRUST_HTML=YES
> 
> However, in my procmail log file, it still has the "Defanging active HTML content"
> message.  
> 
> What should the setting be to disable this?  I've also tried:
> SECURITY_TRUST_HTML=Y per the instructions on the website but it didn't work 
> either.

I encountered same problems and I believe there is a bug in 
html-trap.procmail regarding SECURITY_TRUST_HTML=Y. So I produced patch - 
see attachment. Patched html-trap.procmail should work correctly when you 
set SECURITY_TRUST_HTML=Y .

Sincerely

Peter

- -- 
===================================================================
  Peter Hanecak <hanecak at megaloman.com>
  GPG pub.key: http://www.megaloman.com/gpg/hanecak-megaloman.txt
===================================================================

MD5:
2a3cf339a687b0e510b087a22d5bd1a2 html-trap.procmail-1.130-SECURITY_TRUST_HTML.patch
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE783KL1rzDsblwlA8RApZ9AJ4rkT8lnVcSf9Y8k8CapI5XyeLKLACcDc84
DnCBhVOimx45jkXaXxiWNQU=
=VcJE
-----END PGP SIGNATURE-----
diff -uNr procmail-security-1.130.orig/html-trap.procmail procmail-security-1.130/html-trap.procmail
--- procmail-security-1.130.orig/html-trap.procmail	Sat Sep  8 21:28:37 2001
+++ procmail-security-1.130/html-trap.procmail	Fri Sep 28 09:28:23 2001
@@ -340,9 +340,9 @@
 }
 
 :0 B
+* ! SECURITY_TRUST_HTML ?? ^Y
 * 1^1 \<(html|title|body|meta|app|script|object|embed|i?frame|style|img|bgsound|layer|link)
 * 1^1 =(3d)?[ 	]*["'](&{|([a-z]+script|mocha):)
-* 1^1 ! SECURITY_TRUST_HTML ?? [^ ]
 {
 
   LOG="Defanging active HTML content$SUBJ"