diff options
author | Aaron Ecay <aaronecay@gmail.com> | 2012-02-03 11:24:08 +0100 |
---|---|---|
committer | David Bremner <bremner@debian.org> | 2012-02-03 08:26:41 -0400 |
commit | ae438ccd8c77831158c7c30f19710d798ee4a6b4 (patch) | |
tree | 09c467568c2805a27bdd6c7deacf8305423d8e53 /emacs | |
parent | 3f2050ac221a4c940c12442f156f12fff11600c6 (diff) |
emacs: quote MML tags in replies
Emacs message-mode uses certain text strings to indicate how to attach
files to outgoing mail. If these are present in the text of an email,
and a user is tricked into replying to the message, the user’s files
could be exposed.
Edited-by: Pieter Praet <pieter@praet.org>: Rebased to release branch.
Diffstat (limited to 'emacs')
-rw-r--r-- | emacs/notmuch-mua.el | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/emacs/notmuch-mua.el b/emacs/notmuch-mua.el index 7114e48a..3e93d7c8 100644 --- a/emacs/notmuch-mua.el +++ b/emacs/notmuch-mua.el @@ -111,7 +111,12 @@ list." (insert body)) (set-buffer-modified-p nil) - (message-goto-body)) + (message-goto-body) + ;; Original message may contain (malicious) MML tags. We must + ;; properly quote them in the reply. Note that using `point-max' + ;; instead of `mark' here is wrong. The buffer may include user's + ;; signature which should not be MML-quoted. + (mml-quote-region (point) (point-max))) (defun notmuch-mua-forward-message () (message-forward) |