funnel icon indicating copy to clipboard operation
funnel copied to clipboard

Published 20 hours ago verified publisher icon hasgeek

Integrated unsubscribe in SMS shortlinks

Open jace opened this issue 2 years ago • 0 comments

After #1741, full unsubscribe links in the form https://bye.li/<token> are not being used in SMS templates as there is a limit on the number of variables (2, stretching to 3). We're using the naked https://bye.li/ instead, which (a) requires the user to login, and (b) offers no hint of which notification was received. This is hostile and has led to users reporting messages as spam within their messaging apps.

Separately, Google Messages only shows a link preview when the message contains a single link. (Some references require the link to be at the very end of the message, which is a problem if the DLT system insists on suffixing the message with the brand name. This should be verified.)

We can solve both problems (template variable count, link preview) by changing our links to this form: https://has.gy/<link_token>/<unsubscribe_token>. In a template it will appear as "See details or stop notifications: https://…".

Changes required:

  1. [ ] Change the shortlink view (in funnel.views.shortlink) to add /<name>/<token> as a route, with the current route getting defaults: {'token': None}. Within the view, if the token is specified, it will reparse the URL, add unsubscribe_token=<token> as a URL parameter and perform the redirect (@jace)
  2. [ ] A new before_request handler will look for this unsubscribe_token in all GET requests, and will validate it (optional?) and render a flash message with a link to the unsubscribe page. This handler cannot strip it from the URL and issue a redirect (as the current unsubscribe link does) because redirects will affect link preview. (@jace)
  3. [ ] Flash messages are currently assumed to be plain text. We need to verify that Markup can be included and renders correctly. (@jace)
  4. [ ] Optional: In layout.html.jinja2, look for unsubscribe_token in the request args and use the History API to rewrite the URL to remove it (@vidya-ram)
  5. [ ] Change Python templates and RenderNotification.sms_with_unsubscribe() to use {url}/{unsub} format (@jace)
  6. [ ] Re-register all SMS templates with updated text (@djamg)

jace avatar Oct 27 '23 07:10 jace