Operating System
Linux
OS Version
Ubuntu 22.04 LTS
System Architecture
x86_64
Docker Version
Docker version 29.2.1, build a5c7197
Docker Compose Version
No response
Reproducible in Latest Version?
Yes, occurs in the latest stable release
Reproduction Steps
- Set up marketing email with links in it
- Enable tracking opens
- Send emails
- Copy the received link into an incognito window (so the safepath session cookie isn't set)
Observed Behavior
Expected Behavior
Return a redirect to the actual link after counting views
Supplemental Information
It seems the safepath check handler doesn't have the /pmta path set in https://github.com/Billionmail/BillionMail/blob/main/core/internal/cmd/cmd.go#L137 as an exception so public links get validated and rejected without the secure token.
Operating System
Linux
OS Version
Ubuntu 22.04 LTS
System Architecture
x86_64
Docker Version
Docker version 29.2.1, build a5c7197
Docker Compose Version
No response
Reproducible in Latest Version?
Yes, occurs in the latest stable release
Reproduction Steps
Observed Behavior
Expected Behavior
Return a redirect to the actual link after counting views
Supplemental Information
It seems the safepath check handler doesn't have the /pmta path set in https://github.com/Billionmail/BillionMail/blob/main/core/internal/cmd/cmd.go#L137 as an exception so public links get validated and rejected without the secure token.