Steps to reproduce
Bug description
When opening an HTML email in Nextcloud Mail, the message preview iframe initially renders at a small size (text appears small, content fits without scrollbar). Shortly after, without any user interaction, the iframe resizes to full content height — making the preview much larger and requiring a scrollbar to read the message. The rest of the page (sidebar, toolbar) remains unaffected; only the message preview iframe changes size.
This behavior is reproducible consistently. It appears to be related to a delayed response from iFrameResizer / htmlresponse.js — the iframe first renders at its default size, and only after the resizer script communicates the actual content dimensions does it expand.
Steps to reproduce
- Open Nextcloud Mail in Safari
- Click on any HTML email in the message list
- Observe the message preview panel on the right — it initially loads at a small size
- Wait 1–3 seconds without doing anything
- The preview iframe automatically grows to full content height, requiring a scrollbar
Expected behavior
The message preview iframe should render at the correct size immediately upon opening, without a visible resize jump.
Actual behavior
The iframe first appears small (compressed view), then without user interaction resizes to full height. This causes a jarring visual jump and makes the preview unusable until the resize completes.
Mail app version
5.7.12
Nextcloud version
33.0.2
Mailserver or service
Dovecot
Operating system
MacOS, Safari latest version
PHP engine version
Other
Nextcloud memory caching
No response
Web server
Apache (supported)
Database
MariaDB
Additional info
sudo -u apache php /var/www/html/nextcloud/occ config:list system
{
"system": {
"instanceid": "REMOVED SENSITIVE VALUE",
"passwordsalt": "REMOVED SENSITIVE VALUE",
"secret": "REMOVED SENSITIVE VALUE",
"trusted_domains": [
"localhost",
"REMOVED SENSITIVE VALUE",
"REMOVED SENSITIVE VALUE"
],
"datadirectory": "REMOVED SENSITIVE VALUE",
"dbtype": "mysql",
"version": "33.0.0.16",
"overwriteprotocol": "https",
"overwrite.cli.url": "https://nc.remak.cz",
"dbname": "REMOVED SENSITIVE VALUE",
"dbhost": "REMOVED SENSITIVE VALUE",
"dbtableprefix": "oc_",
"mysql.utf8mb4": true,
"dbuser": "REMOVED SENSITIVE VALUE",
"dbpassword": "REMOVED SENSITIVE VALUE",
"installed": true,
"disable_ipv6": true,
"maintenance_window_start": 1,
"default_phone_region": "CZ",
"serverid": 1,
"memcache.local": "\OC\Memcache\APCu",
"memcache.locking": "\OC\Memcache\Redis",
"default_language": "cs",
"redis": {
"host": "REMOVED SENSITIVE VALUE",
"port": 6379
},
"maintenance": false,
"allow_local_remote_servers": true,
"app_install_overwrite": [],
"mail_smtppassword": "REMOVED SENSITIVE VALUE",
"mail_smtpname": "REMOVED SENSITIVE VALUE",
"mail_domain": "REMOVED SENSITIVE VALUE",
"mail_from_address": "REMOVED SENSITIVE VALUE",
"mail_smtpmode": "smtp",
"mail_smtphost": "REMOVED SENSITIVE VALUE",
"mail_smtpauth": true,
"mail_smtpport": "25",
"mail_sendmailmode": "smtp",
"mail_smtpstreamoptions": {
"ssl": {
"allow_self_signed": true,
"verify_peer": false,
"verify_peer_name": false
}
},
"forbidden_filename_basenames": [
"con",
"prn",
"aux",
"nul",
"com0",
"com1",
"com2",
"com3",
"com4",
"com5",
"com6",
"com7",
"com8",
"com9",
"com\u00b9",
"com\u00b2",
"com\u00b3",
"lpt0",
"lpt1",
"lpt2",
"lpt3",
"lpt4",
"lpt5",
"lpt6",
"lpt7",
"lpt8",
"lpt9",
"lpt\u00b9",
"lpt\u00b2",
"lpt\u00b3"
],
"forbidden_filename_characters": [
"<",
">",
":",
""",
"|",
"?",
"*",
"\",
"/"
],
"forbidden_filename_extensions": [
" ",
".",
".filepart",
".part"
],
"defaultapp": "dashboard",
"auth.bruteforce.protection.enabled": false,
"ldapProviderFactory": "OCA\User_LDAP\LDAPProviderFactory"
}
}
PHP
PHP 8.4.20 (cli) (built: Apr 8 2026 08:16:38) (NTS gcc x86_64)
Mailserver or service
Dovecot
Database
10.11.15-MariaDB
Browser
Safari macOS 15
Server config contains 'overwriteprotocol' => 'https' and 'overwrite.cli.url' => 'https://nc.remak.cz', which are consistent. No mixed content errors observed in browser console (confirm or add Safari console output when opening a message).
Related older issues: #5863, #5032, #11008.
Steps to reproduce
Bug description
When opening an HTML email in Nextcloud Mail, the message preview iframe initially renders at a small size (text appears small, content fits without scrollbar). Shortly after, without any user interaction, the iframe resizes to full content height — making the preview much larger and requiring a scrollbar to read the message. The rest of the page (sidebar, toolbar) remains unaffected; only the message preview iframe changes size.
This behavior is reproducible consistently. It appears to be related to a delayed response from iFrameResizer /
htmlresponse.js— the iframe first renders at its default size, and only after the resizer script communicates the actual content dimensions does it expand.Steps to reproduce
Expected behavior
The message preview iframe should render at the correct size immediately upon opening, without a visible resize jump.
Actual behavior
The iframe first appears small (compressed view), then without user interaction resizes to full height. This causes a jarring visual jump and makes the preview unusable until the resize completes.
Mail app version
5.7.12
Nextcloud version
33.0.2
Mailserver or service
Dovecot
Operating system
MacOS, Safari latest version
PHP engine version
Other
Nextcloud memory caching
No response
Web server
Apache (supported)
Database
MariaDB
Additional info
sudo -u apache php /var/www/html/nextcloud/occ config:list system
{
"system": {
"instanceid": "REMOVED SENSITIVE VALUE",
"passwordsalt": "REMOVED SENSITIVE VALUE",
"secret": "REMOVED SENSITIVE VALUE",
"trusted_domains": [
"localhost",
"REMOVED SENSITIVE VALUE",
"REMOVED SENSITIVE VALUE"
],
"datadirectory": "REMOVED SENSITIVE VALUE",
"dbtype": "mysql",
"version": "33.0.0.16",
"overwriteprotocol": "https",
"overwrite.cli.url": "https://nc.remak.cz",
"dbname": "REMOVED SENSITIVE VALUE",
"dbhost": "REMOVED SENSITIVE VALUE",
"dbtableprefix": "oc_",
"mysql.utf8mb4": true,
"dbuser": "REMOVED SENSITIVE VALUE",
"dbpassword": "REMOVED SENSITIVE VALUE",
"installed": true,
"disable_ipv6": true,
"maintenance_window_start": 1,
"default_phone_region": "CZ",
"serverid": 1,
"memcache.local": "\OC\Memcache\APCu",
"memcache.locking": "\OC\Memcache\Redis",
"default_language": "cs",
"redis": {
"host": "REMOVED SENSITIVE VALUE",
"port": 6379
},
"maintenance": false,
"allow_local_remote_servers": true,
"app_install_overwrite": [],
"mail_smtppassword": "REMOVED SENSITIVE VALUE",
"mail_smtpname": "REMOVED SENSITIVE VALUE",
"mail_domain": "REMOVED SENSITIVE VALUE",
"mail_from_address": "REMOVED SENSITIVE VALUE",
"mail_smtpmode": "smtp",
"mail_smtphost": "REMOVED SENSITIVE VALUE",
"mail_smtpauth": true,
"mail_smtpport": "25",
"mail_sendmailmode": "smtp",
"mail_smtpstreamoptions": {
"ssl": {
"allow_self_signed": true,
"verify_peer": false,
"verify_peer_name": false
}
},
"forbidden_filename_basenames": [
"con",
"prn",
"aux",
"nul",
"com0",
"com1",
"com2",
"com3",
"com4",
"com5",
"com6",
"com7",
"com8",
"com9",
"com\u00b9",
"com\u00b2",
"com\u00b3",
"lpt0",
"lpt1",
"lpt2",
"lpt3",
"lpt4",
"lpt5",
"lpt6",
"lpt7",
"lpt8",
"lpt9",
"lpt\u00b9",
"lpt\u00b2",
"lpt\u00b3"
],
"forbidden_filename_characters": [
"<",
">",
":",
""",
"|",
"?",
"*",
"\",
"/"
],
"forbidden_filename_extensions": [
" ",
".",
".filepart",
".part"
],
"defaultapp": "dashboard",
"auth.bruteforce.protection.enabled": false,
"ldapProviderFactory": "OCA\User_LDAP\LDAPProviderFactory"
}
}
PHP
PHP 8.4.20 (cli) (built: Apr 8 2026 08:16:38) (NTS gcc x86_64)
Mailserver or service
Dovecot
Database
10.11.15-MariaDB
Browser
Safari macOS 15
Server config contains
'overwriteprotocol' => 'https'and'overwrite.cli.url' => 'https://nc.remak.cz', which are consistent. No mixed content errors observed in browser console (confirm or add Safari console output when opening a message).Related older issues: #5863, #5032, #11008.