Closed
Bug 976996
Opened 11 years ago
Closed 11 years ago
Provide Clean URL to Web Version of Newsletter
Categories
(www.mozilla.org :: Newsletters, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: KenSaunders, Unassigned)
Details
Attachments
(1 file)
|
159.58 KB,
image/png
|
Details |
Publicly Viewable page
Clicked the "View in your browser" link > shared the link (Facebook) > I was notified by a friend that he could see my email address and modify my subscriptions.
The "Modify your preferences" option was available, clicking it displayed my email address and offered the ability to unsubscribe me from all newsletters.
Obvious privacy concerns.
Having a direct link to a Web version of a newsletter should be provided.
|
||
Comment 1•11 years ago
|
||
Hi Ken!
Thank you for flagging this issue. You are 100% correct that if the "view in browser" link is shared, the personalized links for managing your email preferences is part of that URL.
I've been thinking of the best way to proceed. Here are my thoughts:
View in browser link purposes:
* Sometimes email HTML doesn't render well in inboxes; that's why there's this link so that readers can view the email in their browser.
- We test our emails across the main browsers and clients and I feel fairly confident that our HTML is okay. It's still a good safe guard.
* For people who receive the text part of the HTML email because of their inbox/client settings, they can click to view the HTML version.
* Sometimes Email Service Providers (like ExactTarget who we use) have a social sharing feature of the newsletter that requires the email to be auto-archived and the view in browser link produced. This is not the case for Exact Target.
View in browser link usage in our newsletters:
I looked at some quick stats and only about 2% of all clicks on the newsletter are for this link - that's about a 0.1% click through rate of all the newsletter subscribers.
To fix:
1) Remove "View in Browser" Link completely.
Given that so few of our subscribers use this link, this is an okay interim solution.
2) Create an Email Archive to host the raw/clean HTML file for easy viewing and sharing. Use the email archive link for a particular newsletter as the "View in browser" link URL.
This is an idea we've had for awhile, but hasn't gotten the traction it needs:
Bug 731405 - [Q2 Tracking Bug] Add Email Newsletter Archive to mozilla.org/firefox - currently resolved as wont fix.
3) While we're exploring #2, we might be able to come up with a hack somewhere either in ET (ExactTarget) - or - use personal Mozilla pages that can serve as an archive in the item… or publish the newsletter as a massive blog post. Update the "View in Browser" link to use this URL instead.
For now, I'm going to get all the newsletter owners to remove the "view in browser" link completely until we can figure out a privacy-friendly way to provide this link.
Thanks again for flagging,
Jess
Status: UNCONFIRMED → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
One advantage of the link is the ability to easily share an item via social networks. This is why I used it, fortunately I spotted the security hole before sharing!
|
|
||
Comment 3•11 years ago
|
||
(In reply to Steve Lee from comment #2)
> One advantage of the link is the ability to easily share an item via social
> networks. This is why I used it, fortunately I spotted the security hole
> before sharing!
Ah yes! This should have be listed under the purposes and pros for having a view in browser link and is precisely the reason we need to have a clean URL as both you and Ken point out.
You need to log in
before you can comment on or make changes to this bug.
Description
•