creode / magic-login

A Magic Link plugin which sits on top of the existing user sign in and registration process.

User Agent Check? #31

Open MadMikeyB opened 2 months ago

MadMikeyB commented 2 months ago

I'm facing issues where this magic link is invalidated before click, potentially because of link protection software in email clients, e.g. some clients try to generate a preview of the link, but to do so they have to GET request the link, thus invalidating the link.

Same for spam protection: when you click the link it goes through the email provider's redirection software first, meaning the spam protector hits the link and invalidates it.

Have you seen this before? Could it be mitigated by a user-agent check?

jaymeh commented 2 weeks ago

@MadMikeyB This is a good point, I've seen some similar issues before though not during the use of this plugin.

A user agent check may be a good solution to this issue; however, I am not sure if we would need to have a predefined list of agents and how we would keep this up to date. We could allow user-defined ones, but this means that a developer would need to keep the list up to date based on every sender.

The other option I have in mind is to have settings within the plugin that can either increase the number of GET requests for the link and/or a checkbox which prevents invalidating the link until after the expiry date has lapsed.

Let me know your thoughts?

Thanks, Jamie

MadMikeyB commented 1 week ago

The increase in the number of GET requests is the simplest solution @jaymeh - simply because we can just set that to 2 or more to allow for the email link checkers to hit it. I also like the idea of keeping the link valid for the entire time of the expiry period. Both of those work for me.

The alternative is a User Agent check to see if it contains the words bot or something? You could leverage another php library such as https://github.com/foroco/php-browser-detection to detect the user agent with finer granularity I suppose? But the first options are much more preferable tbh.
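
The two settings discussed in this thread (a GET-request budget per link, and keeping the link valid until expiry), sketched as an added example that is not part of the thread or of the plugin's code. The class `MagicLinkStore`, its `maxUses` and `validUntilExpiry` settings and the in-memory array are assumptions made for illustration; PHP 8.0+ is assumed.

```php
<?php
declare(strict_types=1);

// Hypothetical in-memory store; a real plugin would persist this per token.
final class MagicLinkStore
{
    /** @var array<string, array{expires:int, uses:int}> keyed by SHA-256 of the token */
    private array $links = [];

    public function __construct(
        private int $maxUses = 2,               // assumed setting: GET requests allowed per link
        private bool $validUntilExpiry = false  // assumed setting: ignore use count until expiry
    ) {}

    public function issue(int $ttlSeconds, int $now): string
    {
        $token = bin2hex(random_bytes(32));
        $this->links[hash('sha256', $token)] = ['expires' => $now + $ttlSeconds, 'uses' => 0];
        return $token;
    }

    /** Returns true if this request may log the user in. */
    public function redeem(string $token, int $now): bool
    {
        $key = hash('sha256', $token);
        if (!isset($this->links[$key])) {
            return false;                       // unknown or already invalidated
        }
        if ($now >= $this->links[$key]['expires']) {
            unset($this->links[$key]);          // expiry always wins
            return false;
        }
        if ($this->validUntilExpiry) {
            return true;                        // option 2: never invalidate on use
        }
        if (++$this->links[$key]['uses'] >= $this->maxUses) {
            unset($this->links[$key]);          // budget spent: invalidate after this hit
        }
        return true;
    }
}

// Constructed scenario: a link scanner fetches the URL before the user clicks.
$store = new MagicLinkStore(maxUses: 2);
$now   = 1700000000;                            // constructed timestamp
$token = $store->issue(900, $now);
var_dump($store->redeem($token, $now + 5));     // scanner prefetch
var_dump($store->redeem($token, $now + 60));    // user's click
var_dump($store->redeem($token, $now + 90));    // later replay of the same URL
```

Every accepted request counts against the same budget, so a scanner that fetches the URL twice still exhausts `maxUses: 2` before the user clicks, and with `validUntilExpiry` the expiry window is the only limit on reuse of the URL.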