@schukai/monster 4.32.0 → 4.32.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. package/CHANGELOG.md +16 -0
  2. package/package.json +1 -1
  3. package/source/components/content/viewer/html.mjs +111 -111
  4. package/source/components/content/viewer/message.mjs +763 -573
  5. package/source/components/content/viewer/style/html.pcss +25 -2
  6. package/source/components/content/viewer/stylesheet/html.mjs +7 -14
  7. package/source/components/content/viewer/stylesheet/message.mjs +6 -13
  8. package/source/components/form/select.mjs +2 -0
  9. package/source/components/notify/style/message.pcss +1 -1
  10. package/source/components/notify/stylesheet/message.mjs +7 -14
package/source/components/content/viewer/message.mjs CHANGED
@@ -14,10 +14,10 @@
14
14
 
15
15
  import { instanceSymbol } from "../../../constants.mjs";
16
16
  import {
17
- assembleMethodSymbol,
18
- CustomElement,
19
- registerCustomElement,
20
- updaterTransformerMethodsSymbol,
17
+ assembleMethodSymbol,
18
+ CustomElement,
19
+ registerCustomElement,
20
+ updaterTransformerMethodsSymbol,
21
21
  } from "../../../dom/customelement.mjs";
22
22
 
23
23
  import { sanitizeHtml } from "../../../dom/sanitize-html.mjs";
@@ -37,6 +37,12 @@ export { MessageContent };
37
37
  */
38
38
  const containerElementSymbol = Symbol("containerElement");
39
39
 
40
+ /**
41
+ * @privacy
42
+ * @type {symbol}
43
+ **/
44
+ const showPrivacyImagesSymbol = Symbol("showPrivvacyImages");
45
+
40
46
  /**
41
47
  * @private
42
48
  * @type {symbol}
@@ -57,375 +63,428 @@ const embeddedImageUrlsSymbol = Symbol("embeddedImageUrls");
57
63
  * @summary An HTML content component that can display sanitized HTML.
58
64
  */
59
65
  class MessageContent extends CustomElement {
60
- constructor() {
61
- super();
62
- this[embeddedImageUrlsSymbol] = [];
63
- }
64
-
65
- /**
66
- * This method is called by the `instanceof` operator.
67
- * @return {symbol}
68
- */
69
- static get [instanceSymbol]() {
70
- return Symbol.for(
71
- "@schukai/monster/components/content/viewer/message-content@@instance",
72
- );
73
- }
74
-
75
- /**
76
- * To set the options via the HTML tag, the attribute `data-monster-options` must be used.
77
- * @see {@link https://monsterjs.org/en/doc/#configurate-a-monster-control}
78
- *
79
- * The individual configuration values can be found in the table.
80
- *
81
- * @property {Object} templates Template definitions
82
- * @property {string} templates.main Main template
83
- * @property {string} content The HTML string to be displayed.
84
- * @property {Object} features Features to enable or disable specific functionalities.
85
- * @property {boolean} features.sanitize Whether to sanitize the HTML content (removes scripts, etc.). Defaults to true.
86
- * @property {object} sanitize Sanitization options.
87
- * @property {function} sanitize.callback A callback function to sanitize the HTML content. Defaults to a built-in sanitizer. You can use libraries like DOMPurify for this purpose.
88
- * @property {Object} message The message object containing email details.
89
- * @property {Object} message.from The sender's information.
90
- * @property {string|null} message.from.name The sender's name.
91
- * @property {string|null} message.from.address The sender's email address.
92
- * @property {Object} message.to The recipient's information.
93
- * @property {string|null} message.to.name The recipient's name.
94
- * @property {string|null} message.to.address The recipient's email address.
95
- * @property {Array} message.cc An array of CC recipients.
96
- * @property {string|null} message.subject The subject of the email.
97
- * @property {string|null} message.date The date of the email, formatted as a string.
98
- * @property {string|null} message.messageID The unique identifier of the email message.
99
- * @property {Array} message.parts An array of parts of the email, which can include text, HTML, attachments, etc.
100
- * @property {Array} message.attachments An array of attachments processed from the email parts.
101
- * @property {Object} message.headers Additional headers of the email.
102
- */
103
- get defaults() {
104
- return Object.assign({}, super.defaults, {
105
- templates: {
106
- main: getTemplate(),
107
- },
108
-
109
- templateFormatter: {
110
- marker: {
111
- open: null,
112
- close: null,
113
- },
114
- i18n: true,
115
- },
116
-
117
- content: "", // Default content is an empty slot
118
-
119
- features: {
120
- sanitize: true, // Enable sanitization by default
121
- },
122
-
123
- sanitize: {
124
- callback: sanitizeHtml.bind(this),
125
- },
126
-
127
- labels: getTranslations(),
128
-
129
- message: {
130
- from: {
131
- name: null,
132
- address: null,
133
- },
134
- to: {
135
- name: null,
136
- address: null,
137
- },
138
- cc: [],
139
- subject: null,
140
- date: null,
141
- messageID: null,
142
- parts: [],
143
- attachments: [], // Added for processed attachments
144
- headers: [],
145
- },
146
- });
147
- }
148
-
149
- /**
150
- * Returns the updater transformer methods for this component.
151
- * @returns {{sanitizeHtml: ((function(*): (*))|*)}}
152
- */
153
- [updaterTransformerMethodsSymbol]() {
154
- return {
155
- sanitizeHtml: (value) => {
156
- if (this.getOption("features.sanitize")) {
157
- return this.getOption("sanitize.callback")(value);
158
- }
159
- return value;
160
- },
161
- };
162
- }
163
-
164
- /**
165
- * Sets the content of the MessageContent component.
166
- * @param {Object} message The message object containing parts, headers, etc.
167
- * @returns {MessageContent}
168
- */
169
- setMessage(message) {
170
- if (!isObject(message)) {
171
- throw new Error("message must be an object");
172
- }
173
-
174
- this[embeddedImageUrlsSymbol].forEach((url) => URL.revokeObjectURL(url));
175
- this[embeddedImageUrlsSymbol] = [];
176
-
177
- this.setOption("message.from.name", message?.from?.name || null);
178
- this.setOption("message.from.address", message?.from?.address || null);
179
- this.setOption("message.to.name", message?.to?.name || null);
180
- this.setOption("message.to.address", message?.to?.address || null);
181
-
182
- const dateTime = message?.date ? new Date(message.date) : null;
183
- const localeDateTime = dateTime?.toLocaleString(navigator.language, {
184
- year: "numeric",
185
- month: "long",
186
- day: "numeric",
187
- hour: "2-digit",
188
- minute: "2-digit",
189
- });
190
-
191
- this.setOption("message.date", localeDateTime || null);
192
- this.setOption("message.cc", message?.cc || []);
193
- this.setOption("message.subject", message?.subject || null);
194
- this.setOption("message.messageID", message?.messageID || null);
195
-
196
- function escapeHTML(str) {
197
- return str
198
- .replace(/&/g, "&")
199
- .replace(/</g, "&lt;")
200
- .replace(/>/g, "&gt;")
201
- .replace(/"/g, "&quot;")
202
- .replace(/'/g, "&#39;");
203
- }
204
-
205
- const headers = [];
206
- for (const [key, value] of Object.entries(message?.headers || {})) {
207
- if (key && value) {
208
- let valueString = value;
209
- if (isArray(valueString)) {
210
- valueString = "<ul>";
211
- for (const item of value) {
212
- const escapedItem = escapeHTML(item);
213
- valueString += `<li>${escapedItem}</li>`;
214
- }
215
- valueString += "</ul>";
216
- }
217
-
218
- headers.push({
219
- key: key,
220
- value: valueString,
221
- });
222
- }
223
- }
224
-
225
- this.setOption("message.headers", headers || []);
226
-
227
- let htmlContent = "";
228
- let plainTextContent = "";
229
- const attachments = [];
230
- const embeddedImages = {};
231
-
232
- const processParts = (parts) => {
233
- if (!parts || !Array.isArray(parts)) {
234
- return;
235
- }
236
-
237
- for (const part of parts) {
238
- try {
239
- if (part.parts && part.parts.length > 0) {
240
- processParts(part.parts);
241
- } else if (
242
- part.dispositionType === "attachment" &&
243
- part.contentType
244
- ) {
245
- part["index"] = attachments.length; // Füge Index hinzu, um die Reihenfolge zu verfolgen
246
- part["fileSize"] = part.content ? part.content.length : 0; // Dateigröße in Bytes
247
- part["humanReadableSize"] = part.content
248
- ? `${(part.content.length / 1024).toFixed(2)} KB`
249
- : "0 KB"; // Menschlich lesbare Größe
250
-
251
- attachments.push(part);
252
- } else if (
253
- part.contentType &&
254
- part.contentType.startsWith("text/html")
255
- ) {
256
- htmlContent = part.content;
257
- } else if (
258
- part.contentType &&
259
- part.contentType.startsWith("text/plain")
260
- ) {
261
- if (!htmlContent) {
262
- plainTextContent = part.content;
263
- }
264
- } else if (
265
- part.dispositionType === "inline" &&
266
- part.contentType &&
267
- part.contentType.startsWith("image/")
268
- ) {
269
- const cid =
270
- part?.["contentId"] ||
271
- (part.filename
272
- ? part.filename.split(".").slice(0, -1).join(".")
273
- : null);
274
-
275
- if (cid) {
276
- embeddedImages[cid] = part;
277
- } else {
278
- console.warn(
279
- "Inline image part found without Content-ID or filename:",
280
- part,
281
- );
282
- }
283
- }
284
- } catch (e) {
285
- console.error("Error processing part:", part, e);
286
- }
287
- }
288
- };
289
-
290
- if (message?.parts) {
291
- processParts(message.parts);
292
- }
293
-
294
- if (!htmlContent && plainTextContent) {
295
- htmlContent = plainTextContent.replace(/\n/g, "<br>");
296
- }
297
-
298
- for (const cid in embeddedImages) {
299
- const imagePart = embeddedImages[cid];
300
- if (imagePart.content && imagePart.contentType) {
301
- try {
302
- const base64ImageContent = imagePart.content.replace(/\s/g, "");
303
- const imageContentType = imagePart.contentType;
304
- let cleanCid = imagePart.contentId;
305
-
306
- if (cleanCid) {
307
- cleanCid = cleanCid.trim();
308
- cleanCid = cleanCid.replace(/[\u0000-\u001F\u007F-\u009F]/g, ""); // Steuerzeichen entfernen
309
- } else {
310
- cleanCid = imagePart.filename
311
- ? imagePart.filename.split(".").slice(0, -1).join(".")
312
- : null;
313
- if (!cleanCid) {
314
- console.warn(
315
- "Content-ID or filename not found for an image part. Cannot replace CID in HTML.",
316
- );
317
- continue; // Überspringe dieses Bild, wenn CID fehlt
318
- }
319
- }
320
-
321
- const decodedContent = atob(base64ImageContent);
322
- const uint8Array = new Uint8Array(decodedContent.length);
323
- for (let i = 0; i < decodedContent.length; i++) {
324
- uint8Array[i] = decodedContent.charCodeAt(i);
325
- }
326
-
327
- const blob = new Blob([uint8Array], { type: imageContentType });
328
- const objectUrl = URL.createObjectURL(blob);
329
- this[embeddedImageUrlsSymbol].push(objectUrl); // Speichern zur späteren Widerrufung
330
-
331
- const imgRegex =
332
- /(<img\b(?:(?!src\s*=)[^>])*?)(?:\s+src\s*=\s*(["'])(?:\s*cid:[^'"]*|\s*)\2)?([^>]*>)/gi;
333
- htmlContent = htmlContent.replace(
334
- imgRegex,
335
- `$1 src="${objectUrl}"$3`,
336
- );
337
- } catch (e) {
338
- console.error(
339
- `Error processing embedded image with CID '${cid}':`,
340
- e,
341
- );
342
- htmlContent = htmlContent.replace(
343
- new RegExp(`cid:${cid}`, "g"),
344
- "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAA C0lEQVR42mP8Xw8AAo8GgAAAAgA+cQIPQAAAABJRU5ErkJggg==",
345
- );
346
- }
347
- }
348
- }
349
-
350
- this[contentContainerElementSymbol].setOption("content", htmlContent);
351
- this.setOption("message.attachments", attachments);
352
-
353
- this.setOption("message.parts", message?.parts || []);
354
-
355
- return this;
356
- }
357
-
358
- /**
359
- * Handles the click event for an attachment download button.
360
- * @param {Event} event
361
- * @param {Object} part The attachment part data.
362
- */
363
- onDownloadAttachmentClick(event, part) {
364
- event.preventDefault();
365
-
366
- if (part.content && part.filename && part.contentType) {
367
- try {
368
- // Assuming part.content is base64 encoded. Adjust if your content is raw binary.
369
- const decodedContent = atob(part.content);
370
- const uint8Array = new Uint8Array(decodedContent.length);
371
- for (let i = 0; i < decodedContent.length; i++) {
372
- uint8Array[i] = decodedContent.charCodeAt(i);
373
- }
374
- const blob = new Blob([uint8Array], { type: part.contentType });
375
-
376
- const url = URL.createObjectURL(blob);
377
- const a = document.createElement("a");
378
- a.href = url;
379
- a.download = part.filename;
380
- document.body.appendChild(a);
381
- a.click();
382
- document.body.removeChild(a);
383
- URL.revokeObjectURL(url);
384
- } catch (e) {
385
- console.error("Error downloading attachment:", e);
386
- alert(
387
- "Could not download file. Content might not be base64 or is corrupted.",
388
- );
389
- }
390
- } else {
391
- alert("Attachment content not available for download.");
392
- }
393
- }
394
-
395
- /**
396
- * @return {string}
397
- */
398
- static getTag() {
399
- return "monster-message-content";
400
- }
401
-
402
- /**
403
- * @return {MessageContent}
404
- */
405
- [assembleMethodSymbol]() {
406
- super[assembleMethodSymbol]();
407
- initControlReferences.call(this);
408
- initEventHandler.call(this);
409
- }
410
-
411
- /**
412
- * @return {Array}
413
- */
414
- static getCSSStyleSheet() {
415
- return [MessageStyleSheet];
416
- }
417
-
418
- /**
419
- * Cleans up any resources when the element is removed from the DOM.
420
- * Note: This method relies on the CustomElement base class calling it.
421
- * If CustomElement does not have a disconnectedCallback equivalent,
422
- * manual cleanup or a different strategy will be needed.
423
- */
424
- disconnectedCallback() {
425
- super.disconnectedCallback?.(); // Call super's disconnectedCallback if it exists
426
- this[embeddedImageUrlsSymbol].forEach((url) => URL.revokeObjectURL(url));
427
- this[embeddedImageUrlsSymbol] = [];
428
- }
66
+ constructor() {
67
+ super();
68
+ this[embeddedImageUrlsSymbol] = [];
69
+ }
70
+
71
+ /**
72
+ * This method is called by the `instanceof` operator.
73
+ * @return {symbol}
74
+ */
75
+ static get [instanceSymbol]() {
76
+ return Symbol.for(
77
+ "@schukai/monster/components/content/viewer/message-content@@instance",
78
+ );
79
+ }
80
+
81
+ /**
82
+ * To set the options via the HTML tag, the attribute `data-monster-options` must be used.
83
+ * @see {@link https://monsterjs.org/en/doc/#configurate-a-monster-control}
84
+ *
85
+ * The individual configuration values can be found in the table.
86
+ *
87
+ * @property {Object} templates Template definitions
88
+ * @property {string} templates.main Main template
89
+ * @property {string} content The HTML string to be displayed.
90
+ * @property {Object} features Features to enable or disable specific functionalities.
91
+ * @property {boolean} features.sanitize Whether to sanitize the HTML content (removes scripts, etc.). Defaults to true.
92
+ * @property {object} sanitize Sanitization options.
93
+ * @property {function} sanitize.callback A callback function to sanitize the HTML content. Defaults to a built-in sanitizer. You can use libraries like DOMPurify for this purpose.
94
+ * @property {Object} message The message object containing email details.
95
+ * @property {Object} message.from The sender's information.
96
+ * @property {string|null} message.from.name The sender's name.
97
+ * @property {string|null} message.from.address The sender's email address.
98
+ * @property {Object} message.to The recipient's information.
99
+ * @property {string|null} message.to.name The recipient's name.
100
+ * @property {string|null} message.to.address The recipient's email address.
101
+ * @property {Array} message.cc An array of CC recipients.
102
+ * @property {string|null} message.subject The subject of the email.
103
+ * @property {string|null} message.date The date of the email, formatted as a string.
104
+ * @property {string|null} message.messageID The unique identifier of the email message.
105
+ * @property {Array} message.parts An array of parts of the email, which can include text, HTML, attachments, etc.
106
+ * @property {Array} message.attachments An array of attachments processed from the email parts.
107
+ * @property {Object} message.headers Additional headers of the email.
108
+ */
109
+ get defaults() {
110
+ return Object.assign({}, super.defaults, {
111
+ templates: {
112
+ main: getTemplate(),
113
+ },
114
+
115
+ templateFormatter: {
116
+ marker: {
117
+ open: null,
118
+ close: null,
119
+ },
120
+ i18n: true,
121
+ },
122
+
123
+ privacy: {
124
+ visible: true,
125
+ },
126
+
127
+ content: "",
128
+
129
+ features: {
130
+ sanitize: true,
131
+ },
132
+
133
+ sanitize: {
134
+ callback: sanitizeHtml.bind(this),
135
+ },
136
+
137
+ labels: getTranslations(),
138
+
139
+ message: {
140
+ from: {
141
+ name: null,
142
+ address: null,
143
+ },
144
+ to: {
145
+ name: null,
146
+ address: null,
147
+ },
148
+ cc: [],
149
+ subject: null,
150
+ date: null,
151
+ messageID: null,
152
+ parts: [],
153
+ attachments: [], // Added for processed attachments
154
+ headers: [],
155
+ },
156
+ });
157
+ }
158
+
159
+ /**
160
+ * Returns the updater transformer methods for this component.
161
+ * @returns {{sanitizeHtml: ((function(*): (*))|*)}}
162
+ */
163
+ [updaterTransformerMethodsSymbol]() {
164
+ return {
165
+ sanitizeHtml: (value) => {
166
+ if (this.getOption("features.sanitize")) {
167
+ return this.getOption("sanitize.callback")(value);
168
+ }
169
+ return value;
170
+ },
171
+ };
172
+ }
173
+
174
+ /**
175
+ * Sets the content of the MessageContent component.
176
+ * @param {Object} message The message object containing parts, headers, etc.
177
+ * @returns {MessageContent}
178
+ */
179
+ setMessage(message) {
180
+ const self = this;
181
+ if (!isObject(message)) {
182
+ throw new Error("message must be an object");
183
+ }
184
+
185
+ this[embeddedImageUrlsSymbol].forEach((url) => URL.revokeObjectURL(url));
186
+ this[embeddedImageUrlsSymbol] = [];
187
+
188
+ this.setOption("message.from.name", message?.from?.name || null);
189
+ this.setOption("message.from.address", message?.from?.address || null);
190
+ this.setOption("message.to.name", message?.to?.name || null);
191
+ this.setOption("message.to.address", message?.to?.address || null);
192
+
193
+ const dateTime = message?.date ? new Date(message.date) : null;
194
+ const localeDateTime = dateTime?.toLocaleString(navigator.language, {
195
+ year: "numeric",
196
+ month: "long",
197
+ day: "numeric",
198
+ hour: "2-digit",
199
+ minute: "2-digit",
200
+ });
201
+
202
+ this.setOption("message.date", localeDateTime || null);
203
+ this.setOption("message.cc", message?.cc || []);
204
+ this.setOption("message.subject", message?.subject || null);
205
+ this.setOption("message.messageID", message?.messageID || null);
206
+
207
+ function escapeHTML(str) {
208
+ return str
209
+ .replace(/&/g, "&amp;")
210
+ .replace(/</g, "&lt;")
211
+ .replace(/>/g, "&gt;")
212
+ .replace(/"/g, "&quot;")
213
+ .replace(/'/g, "&#39;");
214
+ }
215
+
216
+ const headers = [];
217
+ let mainMimeType = null;
218
+ for (const [key, value] of Object.entries(message?.headers || {})) {
219
+ if (key && value) {
220
+ let valueString = value;
221
+ if (isArray(valueString)) {
222
+ valueString = "<ul>";
223
+ for (const item of value) {
224
+ const escapedItem = escapeHTML(item);
225
+ valueString += `<li>${escapedItem}</li>`;
226
+ }
227
+ valueString += "</ul>";
228
+ }
229
+ if (key.toLowerCase() === "content-type") {
230
+ mainMimeType = valueString.split(";")[0].trim();
231
+ }
232
+
233
+ headers.push({
234
+ key: key,
235
+ value: valueString,
236
+ });
237
+ }
238
+ }
239
+
240
+ this.setOption("message.headers", headers || []);
241
+
242
+ let htmlContent = "";
243
+ let plainTextContent = "";
244
+ const attachments = [];
245
+ const embeddedImages = {};
246
+
247
+ let maxDepth = 10; // Max recursion depth to prevent infinite loops
248
+ const processParts = (parts, depth = 0) => {
249
+ if (depth > maxDepth) {
250
+ console.warn(
251
+ `Max recursion depth exceeded for parts: ${JSON.stringify(parts)}`,
252
+ );
253
+ return;
254
+ }
255
+
256
+ if (!parts || !Array.isArray(parts)) {
257
+ return;
258
+ }
259
+
260
+ for (const part of parts) {
261
+ try {
262
+ if (part.parts && part.parts.length > 0) {
263
+ processParts(part.parts, depth + 1);
264
+ } else if (
265
+ part.dispositionType === "attachment" &&
266
+ part.contentType
267
+ ) {
268
+ part["index"] = attachments.length; // Füge Index hinzu, um die Reihenfolge zu verfolgen
269
+ part["fileSize"] = part.content ? part.content.length : 0; // Dateigröße in Bytes
270
+ part["humanReadableSize"] = part.content
271
+ ? `${(part.content.length / 1024).toFixed(2)} KB`
272
+ : "0 KB"; // Menschlich lesbare Größe
273
+
274
+ attachments.push(part);
275
+ } else if (
276
+ part.contentType &&
277
+ part.contentType.toLowerCase().startsWith("text/html")
278
+ ) {
279
+ htmlContent = part.content;
280
+ } else if (
281
+ part.contentType &&
282
+ part.contentType.toLowerCase().startsWith("text/plain")
283
+ ) {
284
+ if (!htmlContent) {
285
+ plainTextContent = part.content;
286
+ }
287
+ } else if (
288
+ // part.dispositionType === "inline" &&
289
+ part.contentType &&
290
+ part.contentType.toLowerCase().startsWith("image/")
291
+ ) {
292
+ const cid =
293
+ part?.["contentId"] ||
294
+ (part.filename
295
+ ? part.filename.split(".").slice(0, -1).join(".")
296
+ : null);
297
+
298
+ if (cid) {
299
+ embeddedImages[cid] = part;
300
+ } else {
301
+ console.warn(
302
+ "Inline image part found without Content-ID or filename:",
303
+ part,
304
+ );
305
+ }
306
+ }
307
+ } catch (e) {
308
+ console.error("Error processing part:", part, e);
309
+ }
310
+ }
311
+ };
312
+
313
+ if (message?.parts) {
314
+ processParts(message.parts);
315
+ }
316
+
317
+ if (!htmlContent && plainTextContent) {
318
+ htmlContent = plainTextContent.replace(/\n/g, "<br>");
319
+ }
320
+ for (const cid in embeddedImages) {
321
+ const imagePart = embeddedImages[cid];
322
+ if (imagePart.content && imagePart.contentType) {
323
+ try {
324
+ const base64ImageContent = imagePart.content.replace(/\s/g, "");
325
+ const imageContentType = imagePart.contentType;
326
+ let cleanCid = imagePart.contentId;
327
+
328
+ if (cleanCid) {
329
+ cleanCid = cleanCid.trim();
330
+ cleanCid = cleanCid.replace(/[\u0000-\u001F\u007F-\u009F]/g, ""); // Steuerzeichen entfernen
331
+ } else {
332
+ cleanCid = imagePart.filename
333
+ ? imagePart.filename.split(".").slice(0, -1).join(".")
334
+ : null;
335
+ if (!cleanCid) {
336
+ console.warn(
337
+ "Content-ID or filename not found for an image part. Cannot replace CID in HTML.",
338
+ );
339
+ continue; // Überspringe dieses Bild, wenn CID fehlt
340
+ }
341
+ }
342
+
343
+ const decodedContent = atob(base64ImageContent);
344
+ const uint8Array = new Uint8Array(decodedContent.length);
345
+ for (let i = 0; i < decodedContent.length; i++) {
346
+ uint8Array[i] = decodedContent.charCodeAt(i);
347
+ }
348
+
349
+ const blob = new Blob([uint8Array], { type: imageContentType });
350
+ const objectUrl = URL.createObjectURL(blob);
351
+ this[embeddedImageUrlsSymbol].push(objectUrl); // Speichern zur späteren Widerrufung
352
+
353
+ embeddedImages[cid].objectUrl = objectUrl;
354
+ } catch (e) {
355
+ console.error(
356
+ `Error processing embedded image with CID '${cid}':`,
357
+ e,
358
+ );
359
+ }
360
+ }
361
+ }
362
+
363
+ htmlContent = replaceCidImages.call(this, htmlContent, embeddedImages);
364
+
365
+ this[contentContainerElementSymbol].setOption("content", htmlContent);
366
+ this.setOption("message.attachments", attachments);
367
+
368
+ this.setOption("message.parts", message?.parts || []);
369
+
370
+ return this;
371
+ }
372
+
373
+ /**
374
+ * Handles the click event for an attachment download button.
375
+ * @param {Event} event
376
+ * @param {Object} part The attachment part data.
377
+ */
378
+ onDownloadAttachmentClick(event, part) {
379
+ event.preventDefault();
380
+
381
+ if (part.content && part.filename && part.contentType) {
382
+ try {
383
+ // Assuming part.content is base64 encoded. Adjust if your content is raw binary.
384
+ const decodedContent = atob(part.content);
385
+ const uint8Array = new Uint8Array(decodedContent.length);
386
+ for (let i = 0; i < decodedContent.length; i++) {
387
+ uint8Array[i] = decodedContent.charCodeAt(i);
388
+ }
389
+ const blob = new Blob([uint8Array], { type: part.contentType });
390
+
391
+ const url = URL.createObjectURL(blob);
392
+ const a = document.createElement("a");
393
+ a.href = url;
394
+ a.download = part.filename;
395
+ document.body.appendChild(a);
396
+ a.click();
397
+ document.body.removeChild(a);
398
+ URL.revokeObjectURL(url);
399
+ } catch (e) {
400
+ console.error("Error downloading attachment:", e);
401
+ alert(
402
+ "Could not download file. Content might not be base64 or is corrupted.",
403
+ );
404
+ }
405
+ } else {
406
+ alert("Attachment content not available for download.");
407
+ }
408
+ }
409
+
410
+ /**
411
+ * @return {string}
412
+ */
413
+ static getTag() {
414
+ return "monster-message-content";
415
+ }
416
+
417
+ /**
418
+ * @return {MessageContent}
419
+ */
420
+ [assembleMethodSymbol]() {
421
+ super[assembleMethodSymbol]();
422
+ initControlReferences.call(this);
423
+ initEventHandler.call(this);
424
+ }
425
+
426
+ /**
427
+ * @return {Array}
428
+ */
429
+ static getCSSStyleSheet() {
430
+ return [MessageStyleSheet];
431
+ }
432
+
433
+ /**
434
+ * Cleans up any resources when the element is removed from the DOM.
435
+ * Note: This method relies on the CustomElement base class calling it.
436
+ * If CustomElement does not have a disconnectedCallback equivalent,
437
+ * manual cleanup or a different strategy will be needed.
438
+ */
439
+ disconnectedCallback() {
440
+ super.disconnectedCallback?.(); // Call super's disconnectedCallback if it exists
441
+ this[embeddedImageUrlsSymbol].forEach((url) => URL.revokeObjectURL(url));
442
+ this[embeddedImageUrlsSymbol] = [];
443
+ }
444
+ }
445
+
446
+ /**
447
+ * Replaces 'cid:' images in the HTML content with actual URLs.
448
+ * @private
449
+ */
450
+ function replaceCidImages(htmlContent, replacements) {
451
+ const objectURLEmptyGif =
452
+ "data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7";
453
+
454
+ const parser = new DOMParser();
455
+ const doc = parser.parseFromString(htmlContent, "text/html");
456
+ const images = doc.querySelectorAll("img");
457
+ images.forEach((img) => {
458
+ const src = img.getAttribute("src");
459
+ if (src && src.toLowerCase().startsWith("cid:")) {
460
+ const cid = src.toLowerCase().substring(4);
461
+ if (replacements[cid]) {
462
+ img.setAttribute("src", replacements[cid].objectUrl);
463
+ }
464
+ return;
465
+ } else if (src && src.toLowerCase().startsWith("http")) {
466
+ const urlImage = new URL(src, document.location.href);
467
+ if (urlImage.origin !== document.location.origin) {
468
+ img.setAttribute("src", objectURLEmptyGif);
469
+ img.classList.add("privacyImage");
470
+ img.setAttribute("data-monster-privacy", "true");
471
+ img.setAttribute("data-monster-privacy_origin-url", src);
472
+
473
+ // If the src is an HTTP URL, we can keep it as is
474
+ img.setAttribute(
475
+ "title",
476
+ this.getOption("labels.privacyImageTitle") ||
477
+ "This image is from an external source and may not be safe to display.",
478
+ );
479
+ }
480
+ //
481
+ return;
482
+ }
483
+ });
484
+
485
+ // Serialize the modified document back to HTML
486
+ const serializer = new XMLSerializer();
487
+ return serializer.serializeToString(doc);
429
488
  }
430
489
 
431
490
  /**
@@ -433,136 +492,224 @@ class MessageContent extends CustomElement {
433
492
  * @return {MessageContent}
434
493
  */
435
494
  function initControlReferences() {
436
- if (!this.shadowRoot) {
437
- throw new Error("no shadow-root is defined");
438
- }
495
+ if (!this.shadowRoot) {
496
+ throw new Error("no shadow-root is defined");
497
+ }
498
+
499
+ this[showPrivacyImagesSymbol] = this.shadowRoot.querySelector(
500
+ "[data-monster-role=show-privacy-images]",
501
+ );
439
502
 
440
- this[containerElementSymbol] = this.shadowRoot.querySelector(
441
- "[data-monster-role=container]",
442
- );
503
+ this[containerElementSymbol] = this.shadowRoot.querySelector(
504
+ "[data-monster-role=container]",
505
+ );
443
506
 
444
- this[contentContainerElementSymbol] = this.shadowRoot.querySelector(
445
- "[data-monster-role=content-container]",
446
- );
507
+ this[contentContainerElementSymbol] = this.shadowRoot.querySelector(
508
+ "[data-monster-role=content-container]",
509
+ );
447
510
 
448
- return this;
511
+ return this;
449
512
  }
450
513
 
451
514
  function getTranslations() {
452
- const locale = getLocaleOfDocument();
453
- switch (locale.language) {
454
- case "de":
455
- return {
456
- content: "Inhalt",
457
- headers: "Kopfzeilen",
458
- };
459
- case "es":
460
- return {
461
- content: "Contenido",
462
- headers: "Encabezados",
463
- };
464
- case "zh":
465
- return {
466
- content: "内容",
467
- headers: "标题",
468
- };
469
-
470
- case "hi":
471
- return {
472
- content: "सामग्री",
473
- headers: "शीर्षक",
474
- };
475
-
476
- case "bn":
477
- return {
478
- content: "বিষয়বস্তু",
479
- headers: "শিরোনাম",
480
- };
481
-
482
- case "pt": // Portuguese
483
- return {
484
- content: "Conteúdo",
485
- headers: "Cabeçalhos",
486
- };
487
-
488
- case "ru": // Russian
489
- return {
490
- content: "Содержание",
491
- headers: "Заголовки",
492
- };
493
-
494
- case "ja": // Japanese
495
- return {
496
- content: "コンテンツ",
497
- headers: "ヘッダー",
498
- };
499
-
500
- case "pa": // Western Punjabi
501
- return {
502
- content: "ਸਮੱਗਰੀ",
503
- headers: "ਸਿਰਲੇਖ",
504
- };
505
-
506
- case "mr": // Marathi
507
- return {
508
- content: "सामग्री",
509
- headers: "शीर्षके",
510
- };
511
-
512
- case "fr": // French
513
- return {
514
- content: "Contenu",
515
- headers: "En-têtes",
516
- };
517
-
518
- case "it": // Italian
519
- return {
520
- content: "Contenuto",
521
- headers: "Intestazioni",
522
- };
523
-
524
- case "nl": // Dutch
525
- return {
526
- content: "Inhoud",
527
- headers: "Headers",
528
- };
529
-
530
- case "sv": // Swedish
531
- return {
532
- content: "Innehåll",
533
- headers: "Rubriker",
534
- };
535
-
536
- case "pl": // Polish
537
- return {
538
- content: "Zawartość",
539
- headers: "Nagłówki",
540
- };
541
-
542
- case "da": // Danish
543
- return {
544
- content: "Indhold",
545
- headers: "Overskrifter",
546
- };
547
-
548
- case "no": // Norwegian
549
- return {
550
- content: "Innhold",
551
- headers: "Overskrifter",
552
- };
553
-
554
- case "cs": // Czech
555
- return {
556
- content: "Obsah",
557
- headers: "Hlavičky",
558
- };
559
-
560
- default:
561
- return {
562
- content: "Content",
563
- headers: "Headers",
564
- };
565
- }
515
+ const locale = getLocaleOfDocument();
516
+ switch (locale.language) {
517
+ case "de": // German
518
+ return {
519
+ content: "Inhalt",
520
+ headers: "Kopfzeilen",
521
+ privacyText:
522
+ "Diese Nachricht kann externe Inhalte enthalten, die nicht sicher angezeigt werden können.",
523
+ showImages: "Bilder anzeigen",
524
+ privacyImageTitle:
525
+ "Dieses Bild stammt von einer externen Quelle und kann unsicher sein.",
526
+ };
527
+
528
+ case "es": // Spanish
529
+ return {
530
+ content: "Contenido",
531
+ headers: "Encabezados",
532
+ privacyText:
533
+ "Este mensaje puede contener contenido externo que no es seguro mostrar.",
534
+ showImages: "Mostrar imágenes",
535
+ privacyImageTitle:
536
+ "Esta imagen proviene de una fuente externa y puede no ser segura para mostrar.",
537
+ };
538
+
539
+ case "hi": // Hindi
540
+ return {
541
+ content: "सामग्री",
542
+ headers: "शीर्षक",
543
+ privacyText:
544
+ "इस संदेश में बाहरी सामग्री हो सकती है जिसे सुरक्षित रूप से प्रदर्शित नहीं किया जा सकता।",
545
+ showImages: "छवियाँ दिखाएँ",
546
+ privacyImageTitle:
547
+ "यह छवि एक बाहरी स्रोत से है और इसे प्रदर्शित करना सुरक्षित नहीं हो सकता।",
548
+ };
549
+
550
+ case "bn": // Bengali
551
+ return {
552
+ content: "বিষয়বস্তু",
553
+ headers: "শিরোনাম",
554
+ privacyText:
555
+ "এই বার্তাটিতে এমন বাহ্যিক বিষয়বস্তু থাকতে পারে যা নিরাপদে প্রদর্শন করা যায় না।",
556
+ showImages: "ছবি দেখান",
557
+ privacyImageTitle:
558
+ "এই চিত্রটি একটি বাহ্যিক উৎস থেকে এসেছে এবং এটি প্রদর্শন করা নিরাপদ নাও হতে পারে।",
559
+ };
560
+
561
+ case "pt": // Portuguese
562
+ return {
563
+ content: "Conteúdo",
564
+ headers: "Cabeçalhos",
565
+ privacyText:
566
+ "Esta mensagem pode conter conteúdo externo que não pode ser exibido com segurança.",
567
+ showImages: "Mostrar imagens",
568
+ };
569
+
570
+ case "ru": // Russian
571
+ return {
572
+ content: "Содержание",
573
+ headers: "Заголовки",
574
+ privacyText:
575
+ "Это сообщение может содержать внешнее содержимое, которое небезопасно отображать.",
576
+ showImages: "Показать изображения",
577
+ privacyImageTitle:
578
+ "Это изображение из внешнего источника и может быть небезопасным для отображения.",
579
+ };
580
+
581
+ case "ja": // Japanese
582
+ return {
583
+ content: "コンテンツ",
584
+ headers: "ヘッダー",
585
+ privacyText:
586
+ "このメッセージには安全に表示できない外部コンテンツが含まれている可能性があります。",
587
+ showImages: "画像を表示",
588
+ privacyImageTitle:
589
+ "この画像は外部ソースからのものであり、安全に表示できない可能性があります。",
590
+ };
591
+
592
+ case "pa": // Western Punjabi
593
+ return {
594
+ content: "ਸਮੱਗਰੀ",
595
+ headers: "ਸਿਰਲੇਖ",
596
+ privacyText:
597
+ "ਇਸ ਸੁਨੇਹੇ ਵਿੱਚ ਬਾਹਰੀ ਸਮੱਗਰੀ ਹੋ ਸਕਦੀ ਹੈ ਜਿਸ ਨੂੰ ਸੁਰੱਖਿਅਤ ਤਰੀਕੇ ਨਾਲ ਨਹੀਂ ਦਿਖਾਇਆ ਜਾ ਸਕਦਾ।",
598
+ showImages: "ਤਸਵੀਰਾਂ ਵੇਖੋ",
599
+ privacyImageTitle:
600
+ "ਇਹ ਤਸਵੀਰ ਇੱਕ ਬਾਹਰੀ ਸਰੋਤ ਤੋਂ ਹੈ ਅਤੇ ਇਸ ਨੂੰ ਦਿਖਾਉਣਾ ਸੁਰੱਖਿਅਤ ਨਹੀਂ ਹੋ ਸਕਦਾ।",
601
+ };
602
+
603
+ case "mr": // Marathi
604
+ return {
605
+ content: "सामग्री",
606
+ headers: "शीर्षके",
607
+ privacyText:
608
+ "या संदेशात सुरक्षितपणे दाखवता न येणारी बाह्य सामग्री असू शकते.",
609
+ showImages: "प्रतिमा दाखवा",
610
+ privacyImageTitle:
611
+ "ही प्रतिमा बाह्य स्रोताकडून आहे आणि ती दाखवणे सुरक्षित नसू शकते.",
612
+ };
613
+
614
+ case "fr": // French
615
+ return {
616
+ content: "Contenu",
617
+ headers: "En-têtes",
618
+ privacyText:
619
+ "Ce message peut contenir du contenu externe qui ne peut pas être affiché de façon sécurisée.",
620
+ showImages: "Afficher les images",
621
+ privacyImageTitle:
622
+ "Cette image provient d'une source externe et peut ne pas être sécurisée à afficher.",
623
+ };
624
+
625
+ case "it": // Italian
626
+ return {
627
+ content: "Contenuto",
628
+ headers: "Intestazioni",
629
+ privacyText:
630
+ "Questo messaggio può contenere contenuti esterni che non possono essere visualizzati in modo sicuro.",
631
+ showImages: "Mostra immagini",
632
+ privacyImageTitle:
633
+ "Questa immagine proviene da una fonte esterna e potrebbe non essere sicura da visualizzare.",
634
+ };
635
+
636
+ case "nl": // Dutch
637
+ return {
638
+ content: "Inhoud",
639
+ headers: "Headers",
640
+ privacyText:
641
+ "Dit bericht kan externe inhoud bevatten die niet veilig kan worden weergegeven.",
642
+ showImages: "Afbeeldingen tonen",
643
+ privacyImageTitle:
644
+ "Deze afbeelding komt van een externe bron en is mogelijk niet veilig om weer te geven.",
645
+ };
646
+
647
+ case "sv": // Swedish
648
+ return {
649
+ content: "Innehåll",
650
+ headers: "Rubriker",
651
+ privacyText:
652
+ "Detta meddelande kan innehålla extern information som inte kan visas säkert.",
653
+ showImages: "Visa bilder",
654
+ privacyImageTitle:
655
+ "Denna bild kommer från en extern källa och kan vara osäker att visa.",
656
+ };
657
+
658
+ case "pl": // Polish
659
+ return {
660
+ content: "Zawartość",
661
+ headers: "Nagłówki",
662
+ privacyText:
663
+ "Ta wiadomość może zawierać zewnętrzne treści, których nie można bezpiecznie wyświetlić.",
664
+ showImages: "Pokaż obrazy",
665
+ privacyImageTitle:
666
+ "Ten obraz pochodzi z zewnętrznego źródła i może nie być bezpieczny do wyświetlenia.",
667
+ };
668
+
669
+ case "da": // Danish
670
+ return {
671
+ content: "Indhold",
672
+ headers: "Overskrifter",
673
+ privacyText:
674
+ "Denne besked kan indeholde eksternt indhold, der ikke kan vises sikkert.",
675
+ showImages: "Vis billeder",
676
+ privacyImageTitle:
677
+ "Dette billede kommer fra en ekstern kilde og kan være usikkert at vise.",
678
+ };
679
+
680
+ case "no": // Norwegian
681
+ return {
682
+ content: "Innhold",
683
+ headers: "Overskrifter",
684
+ privacyText:
685
+ "Denne meldingen kan inneholde eksternt innhold som ikke kan vises sikkert.",
686
+ showImages: "Vis bilder",
687
+ privacyImageTitle:
688
+ "Dette bildet kommer fra en ekstern kilde og kan være usikkert å vise.",
689
+ };
690
+
691
+ case "cs": // Czech
692
+ return {
693
+ content: "Obsah",
694
+ headers: "Hlavičky",
695
+ privacyText:
696
+ "Tato zpráva může obsahovat externí obsah, který nelze bezpečně zobrazit.",
697
+ showImages: "Zobrazit obrázky",
698
+ privacyImageTitle:
699
+ "Tento obrázek pochází z externího zdroje a nemusí být bezpečný k zobrazení.",
700
+ };
701
+
702
+ default: // English fallback
703
+ return {
704
+ content: "Content",
705
+ headers: "Headers",
706
+ privacyText:
707
+ "This message may contain external content that cannot be displayed securely.",
708
+ showImages: "Show images",
709
+ privacyImageTitle:
710
+ "This image is from an external source and may not be safe to display.",
711
+ };
712
+ }
566
713
  }
567
714
 
568
715
  /**
@@ -571,44 +718,44 @@ function getTranslations() {
571
718
  * @param attachments
572
719
  */
573
720
  function downloadAttachmentByIndex(index, attachments) {
574
- const part = attachments[index];
575
- if (!part) {
576
- console.error(`Attachment mit Index ${index} nicht gefunden.`);
577
- return;
578
- }
579
-
580
- const { filename, contentType, content } = part;
581
-
582
- try {
583
- let decodedContent;
584
- if (contentType.startsWith("text/")) {
585
- // Check if it's a text type
586
- decodedContent = content; // Content is plain text
587
- } else {
588
- decodedContent = atob(content); // Assume base64 for other types
589
- }
590
-
591
- const len = decodedContent.length;
592
- const bytes = new Uint8Array(len);
593
- for (let i = 0; i < len; i++) {
594
- bytes[i] = decodedContent.charCodeAt(i);
595
- }
596
-
597
- const blob = new Blob([bytes], { type: contentType });
598
- const dataUrl = URL.createObjectURL(blob);
599
-
600
- const a = document.createElement("a");
601
- a.style.display = "none";
602
- a.href = dataUrl;
603
- a.download = filename;
604
- document.body.appendChild(a);
605
- a.click();
606
- document.body.removeChild(a);
607
-
608
- URL.revokeObjectURL(dataUrl);
609
- } catch (e) {
610
- console.error("Error downloading attachment:", e);
611
- }
721
+ const part = attachments[index];
722
+ if (!part) {
723
+ console.error(`Attachment mit Index ${index} nicht gefunden.`);
724
+ return;
725
+ }
726
+
727
+ const { filename, contentType, content } = part;
728
+
729
+ try {
730
+ let decodedContent;
731
+ if (contentType.startsWith("text/")) {
732
+ // Check if it's a text type
733
+ decodedContent = content; // Content is plain text
734
+ } else {
735
+ decodedContent = atob(content); // Assume base64 for other types
736
+ }
737
+
738
+ const len = decodedContent.length;
739
+ const bytes = new Uint8Array(len);
740
+ for (let i = 0; i < len; i++) {
741
+ bytes[i] = decodedContent.charCodeAt(i);
742
+ }
743
+
744
+ const blob = new Blob([bytes], { type: contentType });
745
+ const dataUrl = URL.createObjectURL(blob);
746
+
747
+ const a = document.createElement("a");
748
+ a.style.display = "none";
749
+ a.href = dataUrl;
750
+ a.download = filename;
751
+ document.body.appendChild(a);
752
+ a.click();
753
+ document.body.removeChild(a);
754
+
755
+ URL.revokeObjectURL(dataUrl);
756
+ } catch (e) {
757
+ console.error("Error downloading attachment:", e);
758
+ }
612
759
  }
613
760
 
614
761
  /**
@@ -617,41 +764,81 @@ function downloadAttachmentByIndex(index, attachments) {
617
764
  * @returns {initEventHandler}
618
765
  */
619
766
  function initEventHandler() {
620
- this[containerElementSymbol].addEventListener("click", (event) => {
621
- const card = findTargetElementFromEvent(
622
- event,
623
- "data-monster-role",
624
- "attachment",
625
- );
626
- if (card) {
627
- const index = card.getAttribute("data-monster-index");
628
- const attachments = this.getOption("message.attachments");
629
- if (
630
- index !== null &&
631
- index !== undefined &&
632
- attachments &&
633
- Array.isArray(attachments)
634
- ) {
635
- const parsedIndex = parseInt(index, 10);
636
- if (
637
- !isNaN(parsedIndex) &&
638
- parsedIndex >= 0 &&
639
- parsedIndex < attachments.length
640
- ) {
641
- downloadAttachmentByIndex(parsedIndex, attachments);
642
- } else {
643
- this.dispatchEvent(
644
- new CustomEvent("error", {
645
- detail: {
646
- message: `Invalid attachment index: ${index}. Must be a number between 0 and ${attachments.length - 1}.`,
647
- },
648
- }),
649
- );
650
- }
651
- }
652
- }
653
- });
654
- return this;
767
+ this[showPrivacyImagesSymbol].addEventListener("click", (event) => {
768
+ event.preventDefault();
769
+
770
+ const currentContent =
771
+ this[contentContainerElementSymbol].getOption("content");
772
+ if (!currentContent) {
773
+ console.warn("No content available to show privacy images.");
774
+ return;
775
+ }
776
+
777
+ const domParser = new DOMParser();
778
+ const doc = domParser.parseFromString(currentContent, "text/html");
779
+
780
+ doc.querySelectorAll("img[data-monster-privacy=true]").forEach((img) => {
781
+ const originalUrl = img.getAttribute("data-monster-privacy_origin-url");
782
+ if (originalUrl) {
783
+ img.setAttribute("src", originalUrl);
784
+ img.removeAttribute("data-monster-privacy");
785
+ img.removeAttribute("data-monster-privacy_origin-url");
786
+ img.removeAttribute("title");
787
+
788
+ img.classList.remove("privacyImage");
789
+ img.setAttribute(
790
+ "onerror",
791
+ "this.classList.add('notFoundImage'); this.src='data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7';",
792
+ );
793
+
794
+ this.setOption("privacy.visible", false); // Hide the privacy text
795
+ }
796
+ });
797
+
798
+ this[contentContainerElementSymbol].setOption("features.sanitize", false);
799
+ setTimeout(() => {
800
+ this[contentContainerElementSymbol].setOption(
801
+ "content",
802
+ doc.documentElement.outerHTML,
803
+ );
804
+ }, 0);
805
+ });
806
+
807
+ this[containerElementSymbol].addEventListener("click", (event) => {
808
+ const card = findTargetElementFromEvent(
809
+ event,
810
+ "data-monster-role",
811
+ "attachment",
812
+ );
813
+ if (card) {
814
+ const index = card.getAttribute("data-monster-index");
815
+ const attachments = this.getOption("message.attachments");
816
+ if (
817
+ index !== null &&
818
+ index !== undefined &&
819
+ attachments &&
820
+ Array.isArray(attachments)
821
+ ) {
822
+ const parsedIndex = parseInt(index, 10);
823
+ if (
824
+ !isNaN(parsedIndex) &&
825
+ parsedIndex >= 0 &&
826
+ parsedIndex < attachments.length
827
+ ) {
828
+ downloadAttachmentByIndex(parsedIndex, attachments);
829
+ } else {
830
+ this.dispatchEvent(
831
+ new CustomEvent("error", {
832
+ detail: {
833
+ message: `Invalid attachment index: ${index}. Must be a number between 0 and ${attachments.length - 1}.`,
834
+ },
835
+ }),
836
+ );
837
+ }
838
+ }
839
+ }
840
+ });
841
+ return this;
655
842
  }
656
843
 
657
844
  /**
@@ -659,9 +846,8 @@ function initEventHandler() {
659
846
  * @return {string}
660
847
  */
661
848
  function getTemplate() {
662
- // language=HTML
663
- return `
664
-
849
+ // language=HTML
850
+ return `
665
851
  <template id="attachments">
666
852
  <div class="attachments">
667
853
  <div class="attachment-card"
@@ -693,6 +879,10 @@ function getTemplate() {
693
879
  class="reduced" data-monster-replace="path:message.from.address"></span></strong></div>
694
880
  <div class="emailDate" data-monster-replace="path:message.date | default:—"></div>
695
881
  <div class="emailSubject" data-monster-replace="path:message.subject | default:—"></div>
882
+ <div data-monster-attributes="class path:privacy.visible | ?::hidden">
883
+ <p data-monster-replace="path:labels.privacyText | default: "></p>
884
+ <monster-button data-monster-role="show-privacy-images" data-monster-replace="path:labels.showImages"></monster-button>
885
+ </div>
696
886
  </div>
697
887
 
698
888
  <monster-tabs>