diff --git a/css/html-response.css b/css/html-response.css new file mode 100644 index 0000000000..2b5c86d04b --- /dev/null +++ b/css/html-response.css @@ -0,0 +1,7 @@ +* { + font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Cantarell, Ubuntu, 'Helvetica Neue', Arial, 'Noto Color Emoji', sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; +} + +body { + color: var(--color-main-text); +} diff --git a/lib/Controller/MessagesController.php b/lib/Controller/MessagesController.php index b9882970b6..9c4dbb62cf 100755 --- a/lib/Controller/MessagesController.php +++ b/lib/Controller/MessagesController.php @@ -336,12 +336,13 @@ public function getSource(int $id): JSONResponse { * @TrapError * * @param int $id + * @param bool $plain do not inject scripts if true (default=false) * * @return HtmlResponse|TemplateResponse * * @throws ClientException */ - public function getHtmlBody(int $id): Response { + public function getHtmlBody(int $id, bool $plain=false): Response { try { try { $message = $this->mailManager->getMessage($this->currentUserId, $id); @@ -364,7 +365,8 @@ public function getHtmlBody(int $id): Response { true )->getHtmlBody( $id - ) + ), + $plain ); // Harden the default security policy diff --git a/lib/Http/HtmlResponse.php b/lib/Http/HtmlResponse.php index 9fbc6cdc34..5918dc16a8 100644 --- a/lib/Http/HtmlResponse.php +++ b/lib/Http/HtmlResponse.php @@ -25,6 +25,7 @@ namespace OCA\Mail\Http; +use OCP\Util; use OCP\AppFramework\Http\Response; class HtmlResponse extends Response { @@ -32,22 +33,32 @@ class HtmlResponse extends Response { /** @var string */ private $content; - private $injectedStyles = <<content = $content; + $this->plain = $plain; } /** - * Simply sets the headers and returns the file contents + * Inject scripts if not plain and return message html content. * - * @return string the file contents + * @return string message html content */ public function render(): string { - return '' . $this->content; + if ($this->plain) { + return $this->content; + } + + $nonce = \OC::$server->getContentSecurityPolicyNonceManager()->getNonce(); + $scriptSrc = Util::linkToAbsolute('mail', 'js/htmlresponse.js'); + return '' + . $this->content; } } diff --git a/package-lock.json b/package-lock.json index eef5b54a77..0dd1107917 100644 --- a/package-lock.json +++ b/package-lock.json @@ -8024,6 +8024,11 @@ "integrity": "sha1-xg7taebY/bazEEofy8ocGS3FtQE=", "dev": true }, + "iframe-resizer": { + "version": "4.2.11", + "resolved": "https://registry.npmjs.org/iframe-resizer/-/iframe-resizer-4.2.11.tgz", + "integrity": "sha512-fj5vX5kkpRbMb5Qje6veIDzqoJpnCEqUDdSOwASOeQHYmb8hLYX6Ev2yXf3jjMs2MclwcYY3chyZ3diGKcr8DA==" + }, "ignore": { "version": "5.1.8", "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.1.8.tgz", diff --git a/package.json b/package.json index 381780ca5d..9b70f55659 100644 --- a/package.json +++ b/package.json @@ -49,6 +49,7 @@ "dompurify": "^2.2.0", "html-to-text": "^5.1.1", "ical.js": "^1.4.0", + "iframe-resizer": "^4.2.11", "js-base64": "^3.5.2", "lodash": "^4.17.20", "md5": "^2.3.0", diff --git a/src/components/Message.vue b/src/components/Message.vue index 2d5c49dbc0..c3fc1fa000 100644 --- a/src/components/Message.vue +++ b/src/components/Message.vue @@ -24,7 +24,7 @@
- + @@ -74,6 +74,11 @@ export default { required: true, type: Object, }, + fullHeight: { + required: false, + type: Boolean, + default: false, + }, }, computed: { from() { diff --git a/src/components/MessageHTMLBody.vue b/src/components/MessageHTMLBody.vue index 180027cb8a..b0af31512d 100644 --- a/src/components/MessageHTMLBody.vue +++ b/src/components/MessageHTMLBody.vue @@ -7,9 +7,9 @@
-
-