Expand my Community achievements bar.

no-click unsubscribe web app code explanation

Avatar

Community Advisor
Community Advisor
5/21/24 12:54:35 AM

Hello I have some questions regarding the new deliverability good practice 
https://experienceleague.adobe.com/en/docs/deliverability-learn/deliverability-best-practice-guide/a...

I have loaded the code mentioned on the page above.

 

  • Can somebody explain where the ctx.@secret is created and how I set ctx.@_method? It is supposed to be POST based on the article. I could not find any specific settings on properties of the web app not we do not add except recipient id anything to the no-click unsub link.

 

 

 

 

if (NL.isEmpty(ctx.@secret))
  logError("invalid secret...");
var secret = decryptString(ctx.@secret);
if (NL.isEmpty(secret))
  logError("invalid secret...");
this.secret = JSON.parse(secret);
if (NL.isEmpty(this.secret))
  logError("invalid secret...");

if (this.secret.method     != ctx.@_method        ||
    this.secret.identifier != ctx.@_identifier    ||
    this.secret.key        != ctx.recipient.@_key  ) {
  logError("invalid secret...");
}

if( String(ctx.recipient.@id) != decryptString(this.secret.identifier) )
  logError("The webApp inputs are corrupted.");

// remove descenants @_key to protecte against sql injection
var descendantNode = ctx.recipient.descendants();
for (var i = 0; i < descendantNode.length(); i++) {
  delete descendantNode[i].@_key;
  delete descendantNode[i].@_operation;
}

nms.subscription.Unsubscribe(ctx.vars.service, ctx.recipient)

 

Kind regards,

Marcel

Topics

Topics help categorize Community content and increase your ability to discover relevant content.

Web Apps

Views

450

Replies

4
Sign in to like this content

Total Likes

Translate
Translate
4 Replies

Avatar

Community Advisor
Community Advisor
5/21/24 1:42:43 PM

Hello @Marcel_Szimonisz ,

 

I've downloaded the package and installed it on the local server. Here's what I found:

  1. Web App Overview: The web app appears to have three main activities: Preloading, Script, and End Activity.Parvesh_Parmar_0-1716323453238.png

  2. App URL: The URL for the app is:

    https://adobesandboxServerURL.com/webApp/unsubNoClick?id=<%= escapeUrl(cryptString(recipient.id)) %>

  3. API Call and Variable Creation: When you call this API, the Preloading activity creates a CTX variable named ctx.@secret. This variable is based on the encrypted recipient ID and stores an array of values. It then passes this variable to the next Script activity.This contains the recipient full information which is use in the script activity.

Hope it will help.

Thanks,

Parvesh

 

 

Views

394

Replies

3
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
5/21/24 11:44:10 PM
In response to Parvesh_Parmar

Hello @Parvesh_Parmarm,

thanks for your time spent on this. For me its kind of a mistery. Why the secret ctx is created in preloading, what is in there? what is ctx._method?
I could not find it anywhere set.


Marcel

Views

379

Replies

2
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
5/22/24 4:40:14 AM
In response to Marcel_Szimonisz

Hello @Marcel_Szimonisz ,

 

If you run this webapp in debug mode, you could check the value:

 

PFA: Screenshot

Parvesh_Parmar_0-1716377565986.png

 

CTX Data: There you can find all the variables. 

 

<ctx _console="1" lang="en" score="0" date="2024-05-22T11:30:26Z" _target="web" webApp-id="17921" origin="neolane" _folderModel="nmsRecipient" _identifier="@LBixjPbMZSptbFtzQegCcA==" _method="encryptedId" secret="@/2smQF+ypWCnYdIgQZEkwekKsLiH4TWkj6Z6WTli0oet+udV70f8SywwmE3hpUNTL4dJ/Dfidr9MwhZ6y9m+pbX9CcyMy2lCReZVyLgK+64ykkM0N/s5/TS/PKvwM2omHLL9PJg7h1N7kgS+SfRWqbufXC0D2yHgsIq/hm1wC00=" activityHist="@GuYcHLU8/iMaCBBS60D1+lv157nxFv0byINt7MA0DWbgnYPI33K9FhcdeRBdgPARBykP1CV0UWbwmqx4gEANjP4ukH3pntT2HePhDvlxeWZJbOhEO0TfdZjS7pZphUgI6byKGllUGEwiGoba7QMzdk+Z9kMEvpdYzccRnEyDTCXpKz+62Rzoqt0g40VrQVJC5zhK2/1D+u1bESgggq6Dup7iQA72ZC6/D5L8dE4142c=">
<userInfo datakitInDatabase="true" homeDir="" instanceLocale="en-GB" locale="en-GB" login="webapp" loginCS="Web applications agent (webapp)" loginId="1598" noConsoleCnx="true" orgUnitId="0" theme="" timezone="Europe/Paris" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns="urn:xtk:session" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<login-right right="webapp"/>
</userInfo>
<timezone current="Europe/Paris" changed="false"/>
<recipient id="1002" _operation="update" _key="@id"/>
<activityHistory>
<activity name="end" type="end"/>
<activity name="script" type="script"/>
<activity name="prefill" type="prefill"/>
</activityHistory>
</ctx>

 

 

As you can check  ctx._method="encryptedId"

 

I don't think Adobe will explain how they calculate these values within the preloading activity.

Here, you can check this CTX data. If you want to modify these values or add new variables, you can easily do so.

 

 

Kr,

Parvesh

 

Views

360

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Administrator
Administrator
6/13/24 12:07:04 AM
In response to Parvesh_Parmar

Hi @Marcel_Szimonisz,

Did the information provided by @Parvesh_Parmar helped you in your understanding of this issue or do you still need more help here? Do let us know.

Thanks!



Sukrity Wadhwa

Views

221

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
Undo: The recipient no longer wants to be contacted Solved

Views

128

Likes

0

Replies

2
Web Application login access control Solved

Views

183

Likes

0

Replies

4
Link "no longer exist" Solved

Views

261

Likes

0

Replies

3
Mobile App Solved

Views

110

Likes

0

Replies

1
web server cannot be started Unrecognized option: --add-opens=java.base/java.io=ALL-UNNAMED Solved

Views

415

Likes

0

Replies

5