Request #9129: Allow admin to define list of safe e-mail addresses that will not...

diff --git a/imp/config/mime_drivers.php.dist b/imp/config/mime_drivers.php.dist
index b8dc816..013ef97 100644 (file)
--- a/imp/config/mime_drivers.php.dist
+++ b/imp/config/mime_drivers.php.dist
@@ -96,7 +96,10 @@ $mime_drivers['imp']['html'] = array(
      * Set to 0 to disable this check. */
     'limit_inline_size' => 1048576,
     /* Check for phishing exploits? */
-    'phishing_check' => true
+    'phishing_check' => true,
+    /* A list of from e-mail addresses that are considered "safe" for purposes
+     * of image blocking (if enabled). */
+    'safe_addrs' => array()
 );
 
 /**

diff --git a/imp/docs/CHANGES b/imp/docs/CHANGES
index 18b882b..91ef26d 100644 (file)
--- a/imp/docs/CHANGES
+++ b/imp/docs/CHANGES
@@ -2,6 +2,8 @@
 v5.0-git
 --------
 
+[mms] Allow admin to define list of safe e-mail addresses that will not
+      experience HTML image blocking (Request #9129).
 [mms] HTML compose editor uses Horde language for UI (Request #9084;
       leandro.damascena@gmail.com).
 [mms] Add config option to disable multipart/related conversions

diff --git a/imp/lib/Mime/Viewer/Html.php b/imp/lib/Mime/Viewer/Html.php
index ab410bb..6fb6aec 100644 (file)
--- a/imp/lib/Mime/Viewer/Html.php
+++ b/imp/lib/Mime/Viewer/Html.php
@@ -244,8 +244,7 @@ class IMP_Horde_Mime_Viewer_Html extends Horde_Mime_Viewer_Html
         if ($inline &&
             $GLOBALS['prefs']->getValue('html_image_replacement') &&
             preg_match($this->_img_regex, $this->_mimepart->getContents()) &&
-            (!$GLOBALS['prefs']->getValue('html_image_addrbook') ||
-             !$this->_inAddressBook())) {
+            !$this->_inAddressBook()) {
             $data = $this->blockImages($data);
 
             $status[] = array(
@@ -347,21 +346,21 @@ class IMP_Horde_Mime_Viewer_Html extends Horde_Mime_Viewer_Html
      */
     protected function _inAddressBook()
     {
-        /* If we don't have a contacts provider available, give up. */
-        if (!$GLOBALS['registry']->hasMethod('contacts/getField')) {
-            return false;
+        $from = Horde_Mime_Address::bareAddress($this->_params['contents']->getHeaderOb()->getValue('from'));
+
+        if ($GLOBALS['prefs']->getValue('html_image_addrbook') &&
+            $GLOBALS['registry']->hasMethod('contacts/getField')) {
+            $params = IMP::getAddressbookSearchParams();
+            try {
+                if ($GLOBALS['registry']->call('contacts/getField', array($from, '__key', $params['sources'], false, true))) {
+                    return true;
+                }
+            } catch (Horde_Exception $e) {}
         }
 
-        $params = IMP::getAddressbookSearchParams();
-        $headers = $this->_params['contents']->getHeaderOb();
-
-        /* Try to get back a result from the search. */
-        try {
-            $res = $GLOBALS['registry']->call('contacts/getField', array(Horde_Mime_Address::bareAddress($headers->getValue('from')), '__key', $params['sources'], false, true));
-            return count($res);
-        } catch (Horde_Exception $e) {
-            return false;
-        }
+        /* Check admin defined e-mail list. */
+        $safe_addrs = $this->getConfigParam('safe_addrs');
+        return (!empty($safe_addrs) && in_array($from, $safe_addrs));
     }
 
 }