Email display - HTML iFrame, or not?

psten00 · October 5, 2023, 9:26pm

My app is storing emails parsed from Postmark, including the full HTML body. In certain instances, I want to display the full HTML version of the email in the app.

I have used the HTML element for this - but is there a security concern with using this approach? If someone emailed some bad HTML in the email body, could that cause issues?

Would switching this to an iFrame help with this?

tylerboodman · October 6, 2023, 6:30am

Yes use iframe

I’ve had HTML the email break the entire app page because it had conflicting css/html

Just view an email from Discord and you’ll see what I mean

My issue still is links inside the email the user can click on, and it will actually navigate to the new page inside the HTML element. Still need to work on fixing that

Topic		Replies	Views
HTML formatting of text messing with app formatting Need help	3	85	July 31, 2024
HTML Blocking app Need help	2	227	December 3, 2023
Picture message Need help	3	357	May 30, 2018
iFrame security risk for my app? Questions	3	1428	September 16, 2022
Question about iFrames and Security Questions	0	140	January 30, 2024

Email display - HTML iFrame, or not?

Related topics