On 4/8/24 5:44 AM, Antony Stone wrote:
- make your systems transparent so that people feel they understand what's happening and when at different stages in the process - don't create a "corporate black box" which customers can't understand
I'll add to this and say that URLs that include things like email addresses for things like unsubscribe forms are okay. Make these things obvious and transparent. If at all possible, avoid any obfuscated parameters. If you do need something like a checksum or signature or validation token (think message authentication code), make it as short and as clear as possible. E.g.
https://contact.example.com/email-preferences.html?email=u...@example.net&action=unsubscribe&checksum=abc123 -- Grant. . . . unix || die
