I'm currently working on an application that includes functionality to display email in a web GUI, and now I'm wondering what the best practice is for displaying email in a web browser. At first I thought that I should use an iframe, but looking at the source of the major webmail clients, they don't seem to use iframes, so that's why I'm asking here. I'm worried that styles and scripts from the mail will affect the rest of my site (also XSS), but I still want the emails to be shown the way they are intended to be shown.
Major (web)mail clients will remove some portions of your code, like background images from tables, styles applied to the body tag, JavaScript, etc. They do that to ensure it won't affect their own design and functionality.
You have to do the same.
You would most certainly have a div where you put your cleaned email body. How you clean the email body is up to what you agree to allow...
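The cleaning step described in the answer above, as an added example that is not part of the original post: an allowlist sanitizer built on Python's standard `html.parser`. The tag, attribute and URL-scheme policy and all names here are assumptions chosen for illustration; anything not listed is dropped, and unmatched end tags are ignored so the mail cannot close the surrounding div.

```python
from html import escape
from html.parser import HTMLParser

# Assumed policy for this example: what to keep, and which elements lose their content too.
ALLOWED_TAGS = {"a", "b", "i", "em", "strong", "p", "br", "div", "span", "ul", "ol",
                "li", "table", "tr", "td", "th", "img", "h1", "h2", "h3", "blockquote"}
ALLOWED_ATTRS = {"a": {"href", "title"}, "img": {"src", "alt", "width", "height"}}
SAFE_SCHEMES = {"http", "https", "mailto", "cid"}  # enforced on href and src
DROP_WITH_CONTENT = {"script", "style", "iframe", "object", "noscript", "template", "svg"}

def safe_url(value):
    compact = "".join(ch for ch in value if ch > " ")  # browsers ignore tabs/newlines in URLs
    scheme, sep, _ = compact.partition(":")
    return bool(sep) and scheme.lower() in SAFE_SCHEMES

class EmailSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.open, self.skip = [], [], 0

    def handle_starttag(self, tag, attrs):
        if tag in DROP_WITH_CONTENT:
            self.skip += 1
        if self.skip or tag not in ALLOWED_TAGS:
            return
        kept = [f' {n}="{escape(v, quote=True)}"' for n, v in attrs
                if v is not None and n in ALLOWED_ATTRS.get(tag, ())
                and (n not in ("href", "src") or safe_url(v))]
        self.out.append(f"<{tag}{''.join(kept)}>")
        if tag not in ("br", "img"):  # void elements never get an end tag
            self.open.append(tag)

    def handle_endtag(self, tag):
        if tag in DROP_WITH_CONTENT:
            self.skip = max(0, self.skip - 1)
        elif not self.skip and tag in self.open:  # stray end tags are ignored
            idx = len(self.open) - 1 - self.open[::-1].index(tag)
            self.out.extend(f"</{t}>" for t in reversed(self.open[idx:]))
            del self.open[idx:]

    def handle_data(self, data):
        if not self.skip:
            self.out.append(escape(data, quote=False))

def sanitize_email_html(html):
    parser = EmailSanitizer()
    parser.feed(html)
    parser.close()
    # Close anything the mail left open so the host page's markup stays balanced.
    return "".join(parser.out) + "".join(f"</{t}>" for t in reversed(parser.open))
```

Under this policy every `style` attribute and `<style>` block is removed, so some of the mail's intended layout is lost; allowing styles would need a separate CSS allowlist.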