openedx
Social links in emails by edx-ace include hardcoded references to sailthru-hosted images
The base edx-ace template includes social icons (linkedin, twitter, ...) that are hosted on Sailthru, a marketing automation platform. This causes at least two obvious issues:
- Loss of privacy for platform managers and end-users
- edX.org tracks links included in emails sent by third-party Open edX platforms
The issue stems from this template: https://github.com/openedx/edx-platform/blob/db32ff2cdf678fa8edd12c9da76a76eef0478614/openedx/core/djangoapps/ace_common/templates/ace_common/edx_ace/common/base_body.html
IMHO the default configuration should be to point to social icons that are hosted on the Open edX platform itself. edX should override this configuration to make use of Sailthru-hosted images.
This was first reported by @insad here: https://github.com/overhangio/tutor/issues/572#issuecomment-1081763915 A somewhat similar issue was reported (and solved, thanks to @NeOneSoft) in the past: https://github.com/openedx/build-test-release-wg/issues/7 https://github.com/openedx/edx-platform/pull/27064
Hi @regisb and @BbrSofiane,
I would like to contribute to Open edX. You can assign this issue to me.
I have looked at the template and I think I understand the issue. I also looked at the previous fix where the hard coded edx-logo was replaced by <img src="logo_url" .
The strategy would be to remove the hard coded links to the sailthru hosted images in the img_src. Replace for example the img_src of {% if social_media_urls.facebook %} with something like <img src="facebook_logo_url", and then point facebook_logo_url to a path on the Open edX platform.
I would then repeat the above for linkedin, reddit, etc
Hi @Peters-Lab, thanks for volunteering to take this on!
Once you've implemented your fix, you'll need to create two PRs:
- [ ] A PR against the master branch of edx-platform
- [ ] A PR against the open-release/nutmeg.master branch
Not only are Social Media links hard coded to sailthru-hosted images but also the Mobile Store links (apple store app and google play app).
Reproduction
Register as a new user to https://www.edx.org/.
You will receive an email in your inbox.
In the confirmation email, using your browser, check the source code of the facebook icon, twitter icon, apple store icon and google play icon.
Impact The social media icons are mobile store icons are hosted on sailthru
I will reproduce the issue on my local Tutor instance so that I can test my fix locally before I make a PR.
@BbrSofiane. I got caught up by personal issues so I have not looked at this issue since. I would like to look at it and try to fix this issue next week. Is that OK?. I saw somewhere here that nutmeg release is on 10th June. Or is there another future nutmeg release?.
@regisb and @BbrSofiane
I created a PR for this issue against the master branch of edx-platform https://github.com/openedx/edx-platform/pull/30630
I tested my fix and it works on my setup.
Is it still necessary to create a PR against the "open-release/nutmeg.master branch", since nutmeg was released?. If so, let me know and I will create one.
Thanks for your PR @Peters-Lab! I think that we should wait until your PR is merged in master, and then we'll cherry-pick the change in the open-release/nutmeg.master branch.
