42 lines
1.3 KiB
Twig
42 lines
1.3 KiB
Twig
{% extends 'layout.twig' %}
|
|
|
|
{% block body %}
|
|
|
|
<div style="float: right; text-align: end;">
|
|
<a href="/{{ address }}">
|
|
← Return to inbox</a>
|
|
<br>
|
|
<a href="/{{ address }}/delete/{{ uid }}">
|
|
Delete Email</a>
|
|
<br>
|
|
<a href="/login">
|
|
Logout</a>
|
|
</div>
|
|
<hr>
|
|
<div style="text-align: center;">
|
|
<h1>{{ mail.subject }}</h1>
|
|
</div>
|
|
{% if mail.html %}
|
|
<div>
|
|
|
|
{# TODO:
|
|
Find a better solution for this monstrocity.
|
|
Replaces clean html tag with styled one for readabbility.
|
|
Realistically, the entire iFrame or even website itself might be vulnerable.
|
|
srcdoc='html' seems like a very, very unsafe method to me, unfortunately I havent found a better solution.
|
|
#}
|
|
|
|
<iframe sandbox="allow-popups allow-popups-to-escape-sandbox" csp="script-src 'none'" srcdoc='{{ mail.html|replace({'<html>': '<html style="color: white"'}) }}'></iframe>
|
|
</div>
|
|
{% elseif mail.textAsHtml %}
|
|
<div class="mail_body">
|
|
{{ mail.textAsHtml|raw }}
|
|
</div>
|
|
{% else %}
|
|
<div class="mail_body"></div>
|
|
{% endif %}
|
|
<h3 style="text-align: center;display: block;">{{ mail.from.text }} | {{ mail.date| date }}</h3>
|
|
|
|
|
|
{% endblock %}
|