iframe dilemma: a compromise?

Julian Field mailscanner at ecs.soton.ac.uk
Wed Nov 6 18:39:09 GMT 2002


At 18:20 06/11/2002, you wrote:
>On Wed, 2002-11-06 at 19:08, Julian Field wrote:
> > Eek, that sounds like far too much hard work for me. Don't forget that my
> > proposed "Convert Dangerous HTML to Text" option can be a ruleset or a
> > custom function for working out which messages to massage.
> >
> > Converting the IFrames to Divs is a bit harder for me (as I have to start
> > parsing the HTML tag by tag and replacing certain tags while leaving others
> > alone, and who's to say there aren't possible exploits in Divs too?).
> > Allowing your own code to run at this point is awkward too, as you would
> > have to know quite a lot about the internal structure of MailScanner to
> > even start to be able to do something useful, and you may open yourself up
> > to various attacks in the process.
>Couldn't you just use Anomy Sanitizer's Anomy::HTMLCleaner?
>it seems to be pretty much well written, as well as maintained
>(though some print STDERR and logging should be changed)
>(http://mailtools.anomy.net/)

That certainly sounds like a possibility, but I don't think it's a short
term solution which is what people seem to want at the moment. When I get
time, I will take a look at the HTMLCleaner as it may be better than the
HTML-Parser module I use at the moment to do this. One concern is what it
considers to need "cleaning". At the moment, the HTML stripping I do
removes all HTML tags, which is brutal but safe. I don't want to leave
potential security holes due to any HTML that HTMLCleaner leaves intact.
That may not be a problem, I haven't studied it yet.

But thanks for the pointer! I'll take a look when I get time.
--
Julian Field                Teaching Systems Manager
jkf at ecs.soton.ac.uk         Dept. of Electronics & Computer Science
Tel. 023 8059 2817          University of Southampton
                             Southampton SO17 1BJ



More information about the MailScanner mailing list