I cannot seem to find any docs indicating that this is possible, is there a way to send a MIME formatted message using PHPMailer?
I'm not using $mail->setFrom, $mail->Subject, $mail->Body etc. because the content I have is already in mime format ie. a block of text similar to below
From: Some One <someone#example.com>
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="XXXXboundary text"
Subject: This is a test
This is a multipart message in MIME format.
--XXXXboundary text
Content-Type: text/plain
this is the body text
--XXXXboundary text
Content-Type: text/plain;
Content-Disposition: attachment;
filename="test.txt"
this is the attachment text
--XXXXboundary text--
Out of the box, no. It might be possible if you wrote a new client class that made use of the low-level SMTP class, but this is really not PHPMailer's purpose and it won't do this in its current form. You might be better off using Symfony's or Laminas' email components.
Related
I want to show html body in mail, I was sending mail through SMTP server using windows service. I write the request in a file & pass this file to MIME.Load() method to read that file and extract the data from that file, but here I get body in plain text format, & so empty body shows when actual email sent. I code for this as below, I use C# for coding
var message = MimeMessage.Load(emailFile);
I have html body but when I checked this message it gives me only plain text and does not shows its html version. I don't understand here how to set or change plain text body to html body in Mime. Does anyone knows about the solution. Thanks
In my current project, we are sending some user chosen services to the mail address provided in input.
We are using a HTML file to format the services and copying this html template to 'mail.Body' before sending the email.
The emails are sent using Sendgrid
When recieving this in gmail ,only for some clients (Set-A) ,even for short email '[Message clipped] View entire message' is shown at the bottom of the email.
We use similar html template to send it for different clients(Set -B), but '[Message clipped] View entire message' is NOT DISPLAYED in this mail ,even when the email is longer.
Tried minified HTML template , but still 'View entire message' is shown at bottom of gmail for only Set-A clients.
The HTML file size before copying to mail body for Set-A (40.11KB) is smaller than that of Set-B (49.09KB).
So I am assuming size is not the problem for this
I compared both the HMTL templates, no difference in styles or other HTML tags. Just the text content is different.
Kindly advise how to avoid this 'View Entire message' option being displayed.
For me it had to do with the character set of the email body. Email body "Hej på dig!" and "Content-Type: text/plain; charset=UTF-8" would reproduce the bug.
You need to make sure that the email body is indeed encoded as declared (check using "show original"). After converting the body from ISO-8859-1 to UTF-8 the problem went away.
I have the below code in the controller.
The parameters base64String, fileName are being sent from the browser.
var fileContent = Convert.FromBase64String(base64String);
return File(fileContent, contentType, fileName);
How do I address the XSS threat here?
The above code is based on a fix recommended here
Kendo UI Grid Export to Excel / PDF not working on IE9
I'm assuming you are not returning HTML to your users (you are returning PDFs or Excel files, or something else for download by the browser instead of for render).
The general guidelines are as follows:
Set the correct Content-Type header.
Set the following response header: X-Content-Type-Options: nosniff. Browsers such as Internet Explorer will try and auto detect the content type and ignore the one you've just set.
Set the Content-Disposition header so the browser downloads the file rather than displaying it: Content-Disposition: attachment; filename="bar.pdf"
Following the above should ensure that any script code contained in the file is not executed by your browser. Be aware that IE (again!) can sometimes process script in XML files, so you should test for this.
I have a .jade view that contains this:
iframe(width='800', height='166', scrolling='no', frameborder='no', src= srcStr)
And I try to render it using an input source url from the user by doing this:
var string = req.body.code;
res.render('embedview', { srcStr: string});
Now, the rendered page will just show an iframe without any content, even though the iframe code looks correct (with a src="..." attribute) when I view its source. Almost seems like it first loads the iframe with src="" and then pastes the source url in without reloading.
It is not an issue with your jade markup or HTML markup generated. I got your snippet to work fine for me once I provided a url to a page that supports being iframed from a different domain.
www.google.com for example does not support this. You can see in the response below for curl -v http://www.google.com the header X-Frame-Options
< HTTP/1.1 200 OK
< Date: Wed, 22 Aug 2012 22:21:45 GMT
< Expires: -1
< Cache-Control: private, max-age=0
< Content-Type: text/html; charset=ISO-8859-1
...
< X-XSS-Protection: 1; mode=block
< X-Frame-Options: SAMEORIGIN
< Transfer-Encoding: chunked
You can turn this option off if you control the code for the page being served.
This is a security measure to prevent click jacking. You can read more about it here
https://developer.mozilla.org/en-US/docs/The_X-FRAME-OPTIONS_response_header
I'm dynamically generating a text file in PHP, so it has a .php extension but a text/plain MIME type. All browsers display the file as nicely preformatted text, except IE8.
Googling tells me that they've added security where if the HTTP header content type doesn't match the expected content type (I think based on the extension and some sniffing) then it forces the file to be downloaded. In my case I have to open it, and also give it permission to open the file I just told it open! That's probably a Win7 annoyance though. Serving a static plain text file works fine, of course.
So can I stop IE8 from downloading the file and get it to view it normally? The code has to run on multiple shared hosting environments, so I think I'm stuck with the .php extension.
Add this to your HTTP header:
X-Content-Type-Options: nosniff
It's an IE8 feature to opt-out of its MIME-sniffing.
Source
Alternatively, you can "trick" IE8 into thinking that it is indeed serving up a text file. These 2 lines do it for me and don't involve using non-standardized "X-" headers:
Header("Content-Type: text/plain");
Header("Content-Disposition: inline; filename=\"whatever.txt\"");