odd behaviour when "Google Analytics Opt-out Add-on" is installed

[Flyingmana]

if "Google Analytics Opt-out Add-on" is installed, mailcatcher has the following code as part of the mail plain text view:
window["_gaUserPrefs"] = { ioo : function() { return true; } }

https://chrome.google.com/webstore/detail/google-analytics-opt-out/fllaojicojecljbmefodhfapmkghcbnh

[sj26]

This is a problem with the addon, not with mailcatcher.

[Flyingmana]

thats possible, but it does not add this snippet to everything, So I assumed its easy to fix on mailcatchers side by adjusting the js/fetching method.

[sj26]

I'd be happy to accept a patch improving JavaScript message retrieval.

[Flyingmana]

providing a patch will not be possible for me, as iam not experienced with ruby applications and how to run them locally.

But I think I found the causing part of the code here:

mailcatcher/assets/javascripts/mailcatcher.js.coffee

Line 278 in f80a80e

text = text.replace(/((http|ftp|https):\/\/[\w\-_]+(\.[\w\-_]+)+([\w\-\.,@?^=%&amp;:\/~\+#]*[\w\-\@?^=%&amp;\/~\+#])?)/g, """<a href="$1" target="_blank">$1</a>""")

what exactly should this replace do?

The problem occurs, because the plugin already injected the <script> tag when message_iframe.text() happens. But text() removes script tags, without removing the content of them.

Why does the script tag land there at all? because its an iframe, and it injects the script tag on document load I assume.

It seems for me, as there is in general an odd handling of script tags. Why not remove them fully, or encode them?
Also it lets trough other html tags like strong and span, so I would not assume thats meant as a filter.

[sj26]

Ah right. This should be fixed by #242, then.