![]() ![]() Raise SuspiciousOperation( "tried to redirect to unsafe url '%s'" % target) # Verify we're only redirecting to our own site (don't be an open redirect server): if not is_safe_url( target, TARGET_HOSTNAME): # Missing/unparseable query params/payload format raise SuspiciousOperation( "tried to redirect with garbled payload") loads( payload)Īssert params = 1 # we've only seen v:1 params target = paramsĮxcept ( AssertionError, KeyError, TypeError, ValueError): loads( urlsafe_base64_decode( b64payload))Īssert payload = 1 # we've only seen v:1 signed payloads params = json. # (Django's urlsafe_base64_decode handles missing '=' padding) payload = json. """Handle a Mandrill click-tracking redirect link""" try: http import is_safe_url, urlsafe_base64_decode TARGET_HOSTNAME = "# You expect all redirects to go here def legacy_mandrill_click_tracking_redirect( request, mandrill_account = None, target_host = None): http import HttpResponseRedirect from django. exceptions import SuspiciousOperation from django. ![]() Here's a simple Django view to handle the redirects: You'll need to come up with some other way to validate the redirect targets. If your emails linked to a variety of domains, Simply check the targets using Django's is_safe_url helper with In my case, our emails only contained links back to our own site, so I can The only (somewhat) tricky part is validating the target to make sure we don'tĬreate an open redirect vulnerability on our site. ![]() The code below is for Django, but it shouldn't be hard to adapt to other Now that we've decoded Mandrill's redirect data format, handling it is easy. If you wanted to keep logging click tracking statsįrom old emails. id is the Mandrill message uuid - which you could use.(It even has the Google Analytics params Mandrill added for us!) url is the target url we were looking for.v is probably the version of the parameters format.That p parameter, which looks like it might be base64 (without (I'm guessing Mandrill includes it so users can see some hint aboutīut we want the full target link, not just the host. is the host portion (only) of the target link.11003603 was (I'm guessing) our Mandrill account id.Here's an actual Mandrill tracking link I extracted from one of my old emails: (Not intrested in the gory details? Just skip to the code.) To do our own redirects, we'll need to figure out how Mandrill was encoding links. To point at our code, and we'll have no more dependencies on Mandrill. Our goal is to write our own server code that can handle ![]() Say you'd been using as your custom tracking domain, and you'dĬNAMEd that to. If all your old emails have links directly to, there's nothing In Mandrill - because you'll be able to repoint that domain to your own server. This only works if you had set up your own custom tracking domain There's no reason to believe they'd break them,īut to be safe, we decided to take back our click-tracking domain andĪnd you can too. Mandrill hasn't stated what will happen to click tracking redirects (This is more common than you might expect, particularly To get back to our site, they dig up an old email from us and click a Well, turns out a lot of our users treat emails as de facto bookmarks. Why should we care about links in emails sent a month or more ago? We'd been using Mandrill's click-tracking feature,Īnd became worried about what would happen to all those old emailed links My company, like many, has recently switched away from using Mandrill Taking back your Mandrill click-tracking links ![]()
0 Comments
Leave a Reply. |