Erasure Link not working
The link sent in the confirmation email for deleting your account is not working for me at the moment. I have updated to the latest code as you suggested which fixed the other issue.
To reproduce: Choose Close My Account, confirm, open email that is sent, click this link (domain and email modified):
https://site.local?type=delete&key=asnB4VhN0BxPHtxPKQEb&[email protected]
The result is that the homepage appears with no confirmation box, and nothing else happens.
Hmm.. That's odd. I just tested it here and it worked for me.
Can you check your database and see if the user you tried has a usermeta of gdpr_delete_key with this key in it?
You can also try updating the plugin. We are already publishing it on the WordPress plugin repository.
http://wordpress.org/plugins/gdpr
Maybe this version works for you.
I went ahead and updated the plugin.
It didn't work for that existing user, but when I created a new user that I had not tested the plugin on, it worked but had a strange issue at the end I will describe below. I will do another test with an existing user as well.
Once I clicked the link in the confirmation email to close my account, instead of getting an alert box, I got the privacy policy acceptance modal, and could not get it to disappear even by accepting it. I assume this is not intended.
It's definitely NOT working for older accounts. The functionality is fine for new accounts, but older accounts are not working. The error occurs when clicking the links from the confirmation emails.
The privacy policy modal appears if the user did not consent to the privacy policy. You most likely set up the privacy policy page and that enabled the check. If you accept it, it should go away.
An ajax runs when you accept it, to register the consent to the user. I should add a loading indicator or hide the modal before the ajax finishes.
I also created a new wp install, added a few users and then added the plugin. I could delete them just fine.
Is it possible for you to create a test environment somewhere that I can log in and test this?
The issue I seem to have is for old users. I installed, ran it for the older account and had issues with the links coming from the confirmation emails.
Can we open up a channel separate from GitHub? Slack, Skype, Gmail, all of the above work for me; pick your preferred method and I will email you my details.
You can contact me at [email protected]
Fernando,
I upgraded to the latest and tested the download my data functionality first. I get all the way to the email, and click the link. I get the confirmation alert that my data is being sent to me but it never comes.
I traced network calls in the console and noticed an issue there.
Here is the request that had a 302 error.
Request URL: http://irei.staging.wpengine.com/?type=export-data&key=miDivjU6WnS3oqEybgWE&[email protected]&format=json
Request Method: GET
Status Code: 301 Moved Permanently
Remote Address: 104.198.100.43:80
Referrer Policy: no-referrer-when-downgrade
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Fri, 13 Apr 2018 16:55:39 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=20
Location: https://irei.staging.wpengine.com/?type=export-data&key=miDivjU6WnS3oqEybgWE&email=justin%40cog1.com&format=json
Pragma: no-cache
Server: nginx
WPE-Backend: apache
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Connection: keep-alive
Host: irei.staging.wpengine.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
type: export-data
key: miDivjU6WnS3oqEybgWE
email: [email protected]
format: json
I'm doing a full code review today. I'll make some changes to the way some components work.
Thank you for letting me know about the issue.
After further debugging with the latest release I have further findings:
- Plus symbols (+) are causing a conflict for the download my data functionality: I use emails with a + symbol in them for testing: [email protected]. I found that the existence of the + symbol in the email causes the plugin to break when generating download data or for the erasure link.
- Using my sendgrid account or the WPEngine host may be causing the issue for the email with the file attachment to not come through: When testing on my local environment at localhost, using an email without a + symbol, the data download and the forget me functionality appear to work properly. However, once I test this on my WPEngine server, using Sendgrid for emails, it appears that any email with a file attachment is not coming through. I get all the way to the final email confirmation for the data download, but the email with the file never shows up.
In summary it looks like things are working properly just with some edge case bugs. I will do further debugging on the sendgrid / wpengine issue and report back.
Furthermore, on item 2, I just looked at the sendgrid activity, and I do not see any attempts to send this email in the logs. Only the email that the data was requested, which allows you to choose which format you want. After choosing this link, a user sees a confirmation but no email is sent.
Hi @justinmahon
Thank you for all your testing.
I believe that since you are getting emails even with the + sign the problem must be with the attachment.
I'm thinking about changing this entire behavior.
Sending email attachments might cause the email to be flagged as spam or not even send it.
New behavior
On email confirmation, we trigger the file generation on a different thread and send an email with a download link instead of the file attached.
Thoughts?
I think this is ideal honestly. There is less dependency on an email server to deliver this data this way. I fully agree.
One thing to keep in mind is that this link should probably expire after a certain period of time.
Yes. Just like the confirmation links expire after 48 hours, I'll make this link expire.
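One way the expiring download link discussed above could be built and checked, as an added example that is not the plugin's code. It assumes an HMAC-signed URL; the function names, secret, host and file id are constructed for illustration, and only the 48-hour lifetime comes from the thread.

```php
<?php
// Added example: secret, URL and file id are constructed placeholders.
const LINK_TTL = 48 * 3600; // 48 hours, the lifetime mentioned in the thread

function link_mac(string $file_id, string $email, string $expires, string $secret): string
{
    // JSON-encode the fields so their boundaries are unambiguous in the MAC input.
    $msg = json_encode([$file_id, $email, $expires], JSON_INVALID_UTF8_SUBSTITUTE);
    return hash_hmac('sha256', $msg, $secret);
}

function sign_download_link(string $base, string $file_id, string $email, string $secret, int $now): string
{
    $expires = (string) ($now + LINK_TTL);
    return $base . '?' . http_build_query(
        ['file' => $file_id, 'email' => $email, 'expires' => $expires,
         'sig' => link_mac($file_id, $email, $expires, $secret)],
        '', '&', PHP_QUERY_RFC3986 // percent-encodes "+" and "@" in the address
    );
}

function verify_download_link(string $url, string $secret, int $now): bool
{
    $p = [];
    parse_str((string) parse_url($url, PHP_URL_QUERY), $p);
    foreach (['file', 'email', 'expires', 'sig'] as $field) {
        if (!isset($p[$field]) || !is_string($p[$field])) {
            return false; // missing field, or an array smuggled in as sig[]=
        }
    }
    if (!ctype_digit($p['expires'])) {
        return false;
    }
    $expected = link_mac($p['file'], $p['email'], $p['expires'], $secret);
    // Constant-time signature check first, then the expiry.
    return hash_equals($expected, $p['sig']) && (int) $p['expires'] >= $now;
}

$secret = 'constructed-secret-for-illustration';
$issued = 1523638539; // constructed timestamp
$url = sign_download_link('https://site.example/', 'export-123', 'tester+gdpr@example.test', $secret, $issued);

var_dump(verify_download_link($url, $secret, $issued + 3600));         // inside the window
var_dump(verify_download_link($url, $secret, $issued + LINK_TTL + 1)); // after expiry
var_dump(verify_download_link(str_replace('export-123', 'export-124', $url), $secret, $issued + 3600)); // altered file id
```

Because the expiry is covered by the signature, a recipient cannot extend the link by editing the `expires` parameter.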
I like this.
Should there be an admin parameter to only delete users if they have no data that is required to be kept by law? For example order/transaction/financial data in WooCommerce or other plugins. Maybe Admin should approve a request to delete first?
@harper-smith Users are only deleted if they have nothing published on the site. I can retest this with WooCommerce but I strongly believe users would not be able to delete themselves from the site automatically without an admin review.
Have you tested it and this isn't working for you?
@fclaussen OK, that's fine, just wanted confirmation of expected plugin behaviour on deletion. Would be good to get some documentation up for us less savvy users! Thanks
I agree. I am working today on documentation and code samples. As soon as we have it up, I'll make sure to notify you.
Regarding emails with "+" in them: the URLs sent in the mails are just not properly URL encoded - the plus sign is left as is and is interpreted as a space (%20) instead of "+" (%2B), thus rendering the wrong URL. Hope it helps.
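The encoding problem described in the comment above, reproduced as an added example that is not the plugin's code. The builder functions, the in-memory array standing in for the stored user key, and the sample address, key and host are all constructed for illustration.

```php
<?php
// Added example: sample values below are constructed, not taken from the plugin.

/** Link built by plain concatenation: the email value is not percent-encoded. */
function build_link_unencoded(string $base, string $type, string $key, string $email): string
{
    return $base . '?type=' . $type . '&key=' . $key . '&email=' . $email;
}

/** Link built with RFC 3986 encoding: "+" becomes %2B and "@" becomes %40. */
function build_link_encoded(string $base, string $type, string $key, string $email): string
{
    $query = http_build_query(
        ['type' => $type, 'key' => $key, 'email' => $email],
        '',
        '&',
        PHP_QUERY_RFC3986
    );
    return $base . '?' . $query;
}

/** Decode the query string with parse_str, which turns a literal "+" into a space. */
function received_params(string $url): array
{
    $params = [];
    parse_str((string) parse_url($url, PHP_URL_QUERY), $params);
    return $params;
}

/** Look up the stored key for the received email and compare in constant time. */
function confirm(array $stored_keys, array $params): bool
{
    $email = $params['email'] ?? '';
    $key   = $params['key'] ?? '';
    if (!is_string($email) || !is_string($key) || !isset($stored_keys[$email])) {
        return false; // no user matches the (possibly mangled) address
    }
    return hash_equals($stored_keys[$email], $key);
}

$stored = ['tester+gdpr@example.test' => 'CONSTRUCTEDKEY0000001']; // stands in for usermeta
$base   = 'https://site.example/';

foreach (['build_link_unencoded', 'build_link_encoded'] as $builder) {
    $url    = $builder($base, 'delete', 'CONSTRUCTEDKEY0000001', 'tester+gdpr@example.test');
    $params = received_params($url);
    printf("%s\n  email seen by server: %s\n  confirmed: %s\n",
        $url, var_export($params['email'], true), var_export(confirm($stored, $params), true));
}
```

With the concatenated link the server looks up `tester gdpr@example.test`, finds no user, and the request silently fails; the encoded link round-trips the address intact.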
Thank you @kamenf I will take a look at this.
For those who were wondering about documentation, this is a start: http://gdpr-wp.com/knowledge-base