/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ /* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ /* Most of this code is copied from mimethsa. If you find a bug here, check that * class, too. */ /* This runs the entire HTML document through the Mozilla HTML parser, and then outputs it as string again. This ensures that the HTML document is syntactically correct and complete and all tags and attributes are closed. That prevents "MIME in the middle" attacks like efail.de. The base problem is that we concatenate different MIME parts in the output and render them all together as a single HTML document in the display. The better solution would be to put each MIME part into its own