Added basic functionality for an HTML sandbox for relative safely rendering HTML attachments

Fixed #1150

translations/messages.en.xlf

@@ -12593,5 +12593,29 @@ Buerklin-API Authentication server:
         <target>When selected, more details will be fetched from canopy when creating a part. This causes an additional API request, but gives product bullet points and category info.</target>
       </segment>
     </unit>
+    <unit id="D055xh8" name="attachment.sandbox.warning">
+      <segment>
+        <source>attachment.sandbox.warning</source>
+        <target>WARNING: You are viewing an user uploaded attachment. This is untrusted content. Proceed with care.</target>
+      </segment>
+    </unit>
+    <unit id="bRcdnJK" name="attachment.sandbox.back_to_partdb">
+      <segment>
+        <source>attachment.sandbox.back_to_partdb</source>
+        <target>Back to Part-DB</target>
+      </segment>
+    </unit>
+    <unit id="MzyA7N8" name="settings.system.attachments.showHTMLAttachments">
+      <segment>
+        <source>settings.system.attachments.showHTMLAttachments</source>
+        <target>Show uploaded HTML file attachments (sandboxed)</target>
+      </segment>
+    </unit>
+    <unit id="V_LJkRy" name="settings.system.attachments.showHTMLAttachments.help">
+      <segment>
+        <source>settings.system.attachments.showHTMLAttachments.help</source>
+        <target>⚠️ When enabled, user uploaded HTML attachments can be viewed directly in the browser. Many potential malicious functions are restricted, still this is a potential security risk and should only be enabled, if you trust the users who can upload files.</target>
+      </segment>
+    </unit>
   </file>
 </xliff>