Show HTML email in desktop instead of opening in browser

Goal:

Open the HTML email in a new dialog/window where the user can press a button to allow external images / CSS.

Like on mobile:

  • Do NOT run JavaScript.
  • Do NOT load remote content unless the user allowed it.
  • Open links in the browser and NOT in the webview the email is displayed in.

How?

No JavaScript:

  • <iframe sandbox=""> disables JavaScript (unless you enable allow-scripts explicitly)
  • can be turned off in the BrowserView in Electron, in webContents

Block Remote content:

Universal ideas:

  • csp attribute on iframe - should work, but not on Safari/WebKit because it’s experimental, so it would only work under Windows in Tauri. So no option for Tauri.
  • load from origin where we can set CSP via header - should work anywhere where we can do it.

Electron ideas:

  • Browser view with CSP from a custom scheme, similar to what we already have for the webxdc window.

Catch navigation

Universal ideas:

  • There does not seem to be a good way to do this. Maybe some load event on the iframe, but it might be difficult to do something, because we disabled JS already. Also, the unload event fires after it’s loaded, which is the opposite of what we want here.

Electron ideas:

Other ideas:

We could sanitize the HTML before displaying it (for example with Ammonia, a Rust library listed on Lib.rs); then we don’t need to worry about scripts and other XSS and can inject our own JavaScript to redirect the links.
We could even remove remote content that way, but it’s probably more complicated.

6 Likes
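
Added example (not part of the posts in this thread and not Delta Chat's code): one way to express the rules above as a CSP response header for a custom-scheme origin plus a navigation decision. The function names, the https-only choice for remote content and the allowed link schemes are assumptions.

```javascript
// Hypothetical helpers; sample URLs in the demo loop are constructed.

// CSP for the document that renders the email. Scripts are never allowed;
// remote images/styles/fonts are added only after the user opted in.
function buildEmailCsp(allowRemote) {
  const remote = allowRemote ? ' https:' : '';
  return [
    "default-src 'none'",                 // covers script, connect, frame, object, media
    'img-src data:' + remote,             // inlined images always render
    "style-src 'unsafe-inline'" + remote, // email markup relies on inline styles
    'font-src data:' + remote,
    "form-action 'none'",                 // not covered by default-src
    "base-uri 'none'",                    // not covered by default-src
  ].join('; ');
}

// Headers to attach when the email HTML is served from an origin we control
// (for example a custom scheme handler), so the policy does not depend on
// the experimental iframe csp attribute.
function emailResponseHeaders(allowRemote) {
  return {
    'Content-Type': 'text/html; charset=utf-8',
    'Content-Security-Policy': buildEmailCsp(allowRemote),
  };
}

// Decision for a navigation attempt coming from the email view. The view
// itself never navigates: the caller cancels the navigation and, for
// 'open-external', hands the URL to the system browser. In Electron this
// would be called from a hook such as the webContents 'will-navigate' event.
function navigationAction(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    return 'deny'; // unparsable target
  }
  const external = ['http:', 'https:', 'mailto:'];
  return external.includes(url.protocol) ? 'open-external' : 'deny';
}

// Stand-alone demo over constructed inputs.
for (const u of ['https://example.org/a', 'javascript:alert(1)', 'file:///tmp/x']) {
  console.log(u, '->', navigationAction(u));
}
console.log(emailResponseHeaders(false)['Content-Security-Policy']);
```
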

desktop 1.36 has this.

2 Likes