make abuse-text dynamic

[mikenowak]

So, abuse-text is currently hardcoded, that's problem number 1, I will look at making this more dynamic.

The abuse-text is exactly the content of the email sans the list of addresses that participated in the account takeover attack against Sony.

My current understanding is that the original parser author decided to hardcode this message to avoid exposing all the IP addresses covered by the report in ASH - In case that a single report included addresses assigned to multiple clients.

Please correct me if this assumption is invalid.

Nextly, regardless of this, on the Evidence tab, the abuse-text appears like one big unreadable blob of text, i.e. no formatting.

• No new line characters (of HTML break lines to be specific)
• HTML entities instead of HTML, i.e. "

The point is that it is pretty much unreadable.

I've looked at other parsers, but dont see anything similar to this.

For reference, I would just add that similar thing happens with the AbuseIO/parser-jmrp, so perhaps this isnt related to parsers but instead, to the way that the incidents are rendered in the frontend.

Does this make sense?

How would you like to handle this?

[kruisdraad]

Actually ASH formats JSON layered tables in a 2 level html table in the displayment of ASH reports. It does the same with e.g. e-mail headers .... it at least it should be (maybe its broken in 4.3?) However if the $report is not split up in Yaml in a key/value format then its just displayed as text.

That said its not just a privacy issue, but also a security issue ... you dont want any e-mail sender to display code into ASH in any way. The original e-mail is mostly added for evidence purposes for the abuseio owner and the report is a subset of data. Is the report so dynamic that dynamic data needs to be added? then please elaborate which data you mean.