SquatchMail.Web.Live.Sighting (SquatchMail v0.1.0)

Copy Markdown View Source

The Sighting inspector — GET <dashboard_path>/sightings/:public_id.

Renders the "SIGHTING REPORT" for one email: a status/engagement summary, and five tabs — Preview, Text, Headers, Footprints (the event timeline), and Raw.

Preview tab sandboxing

html_body is arbitrary, third-party HTML the host application sent (or that arrived via SES capture) — it is untrusted content, not markup this app authored. It is rendered via an <iframe srcdoc="..."> with sandbox="allow-same-origin" and no allow-scripts in the sandbox token list, and it is never passed through raw/1/Phoenix.HTML.raw/1 into the surrounding page — only ever into the iframe's srcdoc attribute, which HEEx escapes as a normal attribute value (so embedded " / < in the HTML can't break out of the attribute or inject into the parent document). The combination means: even if html_body contains <script>, the browser's sandbox refuses to execute it (no allow-scripts token), and it can never execute in the parent frame's origin/context regardless (that's what an iframe boundary is for) — the worst case is inert markup rendered inside the sandboxed frame.

Back-navigation preserves filters

The "back to the trail" link reads a ?back= query param (the page path suffix and filter query string TrailLog was showing when the user clicked into this sighting — see TrailLog's sighting_path/2) and round-trips it, rather than hard-coding a plain link back to dashboard_path, so returning from the inspector lands on the same page (Trail Log, Sightings, Bounces, or Complaints) with its filters intact.