Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn more

View all

Sign in to view all badges

SOLVED

Adobe Campaign Classic - URL contains character codes

TobeyDallas
Level 1
Level 1

Hello.

I have an unsubscribe URL that links to an outside application.  The URL is sending the email address as "address%40domain.com" and the application is expecting the actual @ sign in the email address.  Is there a way to get Adobe to include this in the link instead of the code?  Of course this content is dynamic using <%= recipient.email %>.  Thanks.

1 Accepted Solution
Jean-Serge_Biro
Correct answer by
Community Advisor
Community Advisor

Hi Toby,

It is because you don't use the escapeUrl function, which is mandatory.

But please, consider that it is not safe at all to expose in clear the recipient.email to the web, think to hackers exploits and spammers...


So you should either use an encrypted/hashed email (by using SHA256), or better, do as factory unsubscribe personalisation blocks do, using the

<%= escapeUrl(recipient.cryptedId)%>

or the equivalent:

<%= escapeUrl(reversibleCrypt(recipient.id)) %>

So Adobe Campaign does the link and it is security safe.

Regards
J-Serge

View solution in original post

2 Replies
geoffreyl240454
Level 4
Level 4

Hello TobeyDallas​,

Could you please tell me how your unsubscribe link is built into the delivery?

Indeed, I have the @ character in the code when I include <%= recipient.email %> so I don't understand why you have a "%40" instead of the @.

Thanks,

Geoffrey.

Jean-Serge_Biro
Correct answer by
Community Advisor
Community Advisor

Hi Toby,

It is because you don't use the escapeUrl function, which is mandatory.

But please, consider that it is not safe at all to expose in clear the recipient.email to the web, think to hackers exploits and spammers...


So you should either use an encrypted/hashed email (by using SHA256), or better, do as factory unsubscribe personalisation blocks do, using the

<%= escapeUrl(recipient.cryptedId)%>

or the equivalent:

<%= escapeUrl(reversibleCrypt(recipient.id)) %>

So Adobe Campaign does the link and it is security safe.

Regards
J-Serge

View solution in original post