From 4889a81784fcdfc56c003097acad96a7348dfb74 Mon Sep 17 00:00:00 2001 From: Vsevolod Stakhov Date: Fri, 7 Nov 2025 16:06:01 +0000 Subject: [PATCH] [Fix] Skip HTML_DISPLAYED URLs in CTA detection HTML_DISPLAYED URLs are phishing bait text (display-only) and should not be considered for CTA (call-to-action) detection. Only real link targets should be analyzed for CTA purposes. --- src/libserver/html/html_cta.cxx | 1 + 1 file changed, 1 insertion(+) diff --git a/src/libserver/html/html_cta.cxx b/src/libserver/html/html_cta.cxx index 8646b8b50a..2e2579828a 100644 --- a/src/libserver/html/html_cta.cxx +++ b/src/libserver/html/html_cta.cxx @@ -529,6 +529,7 @@ void rspamd_html_process_cta_urls(struct rspamd_mime_text_part *text_part, if (!(u->protocol == PROTOCOL_HTTP || u->protocol == PROTOCOL_HTTPS)) continue; if (u->flags & RSPAMD_URL_FLAG_INVISIBLE) continue; if (u->flags & RSPAMD_URL_FLAG_IMAGE) continue; + if (u->flags & RSPAMD_URL_FLAG_HTML_DISPLAYED) continue; /* Skip display-only URLs (phishing bait text) */ /* Use button_weight to filter CTA URLs vs technical URLs * Technical tags like ,