Results 1 to 7 of 7

Thread: URL zimlet in plaintext?

  1. #1
    Baylink is offline Elite Member
    Join Date
    Aug 2008
    Location
    St Pete FL USA
    Posts
    392
    Rep Power
    6

    Default URL zimlet in plaintext?

    As I read my mailing list mail in forced plaintext mode, occasionally, I'll mouse over a URL someone's typed into a message in plaintext.

    And a popup will come up telling me the URL, which I already know.

    I assume that's the URL Zimlet; can't it be modified to notice that the message window is in plaintext, and realize that there's no way to Phish there and that its services are not needed?
    Jay R. Ashworth - ZCS 6.0.9CE/CentOS5 - St Pete FL US - Music - Blog - Photography - IANAL - IAAMA
    Try to Ask Questions The Smart Way -- you'll get better answers.

    Put your product and version in your profile/signature - All opinions strictly my own, even though I have an employer these days.
    If you [SOLVE] something, please tell everyone how for the archives
    And, please... read what people write, and answer the questions they asked, not the ones they didn't.

  2. #2
    dijichi2 is offline OpenSource Builder & Moderator
    Join Date
    Oct 2005
    Posts
    1,176
    Rep Power
    11

    Default

    sounds like a good idea! these sorts of things should be filed as an rfe in bugzilla.

  3. #3
    Baylink is offline Elite Member
    Join Date
    Aug 2008
    Location
    St Pete FL USA
    Posts
    392
    Rep Power
    6

    Default

    Ah, yes... the long-standing "what's a bug, and what's a feature" discussion. :-)

    If that's what the URL Zimlet was designed to do: assist in avoiding phishing attacks, then I think a fairly good case can be made that that is *not* an RFE: it's doing something it doesn't need to do: text messages can't phish, since they can't hide "real" URLs under links -- any links in the message were created by the MUA -- and indeed, probably by the URL zimlet -- in the first place.
    Jay R. Ashworth - ZCS 6.0.9CE/CentOS5 - St Pete FL US - Music - Blog - Photography - IANAL - IAAMA
    Try to Ask Questions The Smart Way -- you'll get better answers.

    Put your product and version in your profile/signature - All opinions strictly my own, even though I have an employer these days.
    If you [SOLVE] something, please tell everyone how for the archives
    And, please... read what people write, and answer the questions they asked, not the ones they didn't.

  4. #4
    tdesorbaix is offline Zimlet Guru & Moderator
    Join Date
    Apr 2007
    Location
    Paris, France
    Posts
    367
    Rep Power
    8

    Default

    As far as I know, the zimlet url is not designed to assist in avoiding phishing attacks.
    It is only designed to detect links and allow you to click on it.
    It can also show you a thumbnail in the tooltip if you activate it in the config_template.xml
    If the preview thumbnail is disabled, then it will be replaced by a "URL: the url"

    If you don't want to have any tooltip on url, edit the following in the zimlet :
    -In the com_zimbra_url.zip, edit the url.js file
    -replace the following :
    Code:
    Com_Zimbra_Url.prototype.toolTipPoppedUp =
    function(spanElement, obj, context, canvas) {
    	var url = obj;
    	if (/^\s*true\s*$/i.test(this.getConfig("stripUrls"))) {
    		url = url.replace(/[?#].*$/, "");
    	}
    	
    	if(this._disablePreview){
    		this._showUrlThumbnail(url,canvas);
    	} else if (this._alexaId) {
    		this._showAlexaThumbnail(url, canvas);
    	} else {
    		// Pre-load placeholder image
    		(new Image()).src = this.getResource('blank_pixel.gif');
    		this._showFreeThumbnail(url, canvas);
    	}
    };
    by :
    Code:
    Com_Zimbra_Url.prototype.toolTipPoppedUp =
    function(spanElement, obj, context, canvas) {
    };
    -Deploy your modified zimlet

  5. #5
    Baylink is offline Elite Member
    Join Date
    Aug 2008
    Location
    St Pete FL USA
    Posts
    392
    Rep Power
    6

    Default

    I was pretty clear, I thought.

    I don't want to see a tooltip if I am in plaintext mode -- since it's not really useful.

    I'm sure that it *is* useful -- and in fact for helping spot phishes -- if one is viewing HTML, and I wouldn't want to break it for that.
    Jay R. Ashworth - ZCS 6.0.9CE/CentOS5 - St Pete FL US - Music - Blog - Photography - IANAL - IAAMA
    Try to Ask Questions The Smart Way -- you'll get better answers.

    Put your product and version in your profile/signature - All opinions strictly my own, even though I have an employer these days.
    If you [SOLVE] something, please tell everyone how for the archives
    And, please... read what people write, and answer the questions they asked, not the ones they didn't.

  6. #6
    dijichi2 is offline OpenSource Builder & Moderator
    Join Date
    Oct 2005
    Posts
    1,176
    Rep Power
    11

    Default

    you're assuming it's just there for phising attacks - it's not, it's also there for convenience like many other zimlets. some people find it very useful for turning URLs in text messages into clickable links. some find it annoying and disable the zimlet (me!).

    it's not a bug, just clearly it doesn't work precisely how you like it. as usual, fix it yourself or log a bug/rfe.

  7. #7
    Baylink is offline Elite Member
    Join Date
    Aug 2008
    Location
    St Pete FL USA
    Posts
    392
    Rep Power
    6

    Default

    Ok, yeah; I see what you mean. If you like those silly popups -- and like you, I don't -- then it would be useful even in text mode.

    I do want to make a point, here, though.

    "Fix it yourself" is probably practical in the context of a Zimlet.

    But I don't think it's necessarily a reasonable response to, well, to things like this bug, for example. Getting to the point where one is practically capable of just off-hand fixing that, if one decides it's actually broken, entails getting married to an *enormous* code base, in at least 2 and maybe 3 different languages, with a truly amazing amount of scaffolding to hold them together; I think it's actually worse than trying to make a small change in Firefox.

    Unless you're the guy who *wrote* it, in which case a) it's more like "Oh yeah: that's *here*. Zzzzap! Ok, what's next?" and b) that's part of what we're paying for. I'm a designer by vocation; figuring out what things could be done better for users and how -- and telling coders -- is what I've gotten paid for for over 20 years; it's a reflex. I know it offends open source coders, but there's not much I can do about it.

    And both of those reasons are why I feel that it's a bit disingenous to dismiss such things with "we look forward to your patch", in this environment. :-)
    Last edited by Baylink; 09-17-2008 at 09:32 AM.
    Jay R. Ashworth - ZCS 6.0.9CE/CentOS5 - St Pete FL US - Music - Blog - Photography - IANAL - IAAMA
    Try to Ask Questions The Smart Way -- you'll get better answers.

    Put your product and version in your profile/signature - All opinions strictly my own, even though I have an employer these days.
    If you [SOLVE] something, please tell everyone how for the archives
    And, please... read what people write, and answer the questions they asked, not the ones they didn't.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 21
    Last Post: 02-04-2010, 10:06 AM
  2. Outlook 2007 Beta error
    By bersrker in forum Zimbra Connector for Outlook
    Replies: 13
    Last Post: 07-17-2008, 07:38 AM
  3. Replies: 5
    Last Post: 01-11-2008, 05:34 AM
  4. Url zimlet issue when url contains a ?
    By NOZIL in forum Zimlets
    Replies: 0
    Last Post: 05-24-2007, 08:33 AM
  5. Post instsallation problems
    By Assaf in forum Installation
    Replies: 14
    Last Post: 01-29-2007, 11:38 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •