On Tue, Jan 27, 2015 at 08:44 PM, Jinwoo Lee <jinwoo68@gmail.com> wrote: > On Tue, Jan 27, 2015 at 07:47 PM, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote: >> On Sun 2015-01-25 12:51:43 -0500, David Bremner wrote: >>> Daniel Kahn Gillmor <dkg@fifthhorseman.net> writes: >>> >>>> If i send a message with a text/html part (either it's only text/html, >>>> or all parts are rendered, or it's multipart/alternative with only a >>>> text/html subpart) and that HTML has <img >>>> src="http://example.org/test.png"/> in it, then notmuch will make a >>>> network request for that image. >>>> >>>> This is a privacy disaster, because it enables an e-mail sender to use >>>> "web bugs" to tell when a given notmuch user has opened their e-mail. >>> >>> I've just pushed Austin's shr related series to master, so this problem >>> should be fixed as of commit b74ed1c. One tradeoff that we should at >>> least remark in NEWS, if not actually fix, is that I think there is now >>> no way to view such images in notmuch. I don't know offhand what other >>> html renderers will do. >> >> thanks for this, David and Austin! >> >> Other html-rendering mail clients that are privacy-conscious will often >> provide a button or mechanism to indicate that some remote resources >> were requested by the page but weren't fetched (e.g. a button saying >> something like [Load Remote Images...]). I have no idea who actually >> clicks on those buttons (or why), though, and even if we wanted them, >> we'd only want to add a button on an image that actually had remote >> network resources to load, and i don't know how we'd get that >> information propagated back up the rendering stack to make such a >> display decision. So i'm fine with leaving it this way for now. > > Well, most promotional emails contain remote images and their contents > are incomprehensible without those images. I ignore most of them but I > do read a few of those promotional emails. It would be great to have a > UI for loading remote resources. Do you mind if I add a boolean defcustom, which determines whether to block remote images? Its default value will be T (block), but people who want to see remote images can customize it. > >> >> --dkg >> _______________________________________________ >> notmuch mailing list >> notmuch@notmuchmail.org >> http://notmuchmail.org/mailman/listinfo/notmuch