Closed chaoran-chen closed 4 years ago
In principle, yes. there could be some injections and we can handle those to some extent, but there is also the point that the message could contain malicious links. and the user should be warned about those for his/her own protection and (possible) legal issues.
The mail@icebreaker.science and no-reply@icebreaker.science mailbox is now created. Please contact me for the login credentials for no-reply if you need them.
no-reply@ is the mailbox that sends out the confirmation mails. It can bcc itself. mail@ should be set as the reply to option.
Suggestions for the mail subjects?
Just choose something for now, we will adjust the email texts and subjets before release anyway.
For the contact form: https://xd.adobe.com/view/8fe4eee6-53b6-4871-bd0f-4582b2b6048a-dab7/screen/75c416c0-08e7-4fbb-81cb-55de14bb7e92/?fullscreen
This is a proposal for the API, other suggestions are very welcome :)
Request:
Response:
For the very beginning, the endpoint should be available for every user - no registration required. Later, the users without an account should have to solve a CAPTCHA.
The following email should then be sent to the user who has filled out the contact form
And this text should be sent to the owner of the device:
All sent emails should also be BCCed to an internal email address of ours.
Question: Are there some kind of injections we need to pay attention to?