using someone else's google account for sending emails #284

New issue

Closed

opened 2025-10-14 16:45:45 -06:00 by navan · 0 comments

navan commented

2025-10-14 16:45:45 -06:00

Owner

Originally created by @mckennapsean on 11/3/2017

a side effect of allowing the "to" email address to be set in the HTML is that people can copy and paste our examples, adapt them, and use it to send an email without ever configuring their own server. I was thinking from an attacker perspective, but this is a very, very feasible "lazy" perspective, especially since it works right away, requires fewer steps, and seems to pass your data correctly.

why shouldn't someone we just let people do this then? well, it is using one of our accounts, which has API limits, and could eventually break if people are using it frequently enough. also, all your data is getting sent to one of our accounts & a public spreadsheet, which likely won't make some people happy to know that their data from your form is public. generally, we don't want that.

I could disable emailing from the demo examples, since that isn't really required for them to do apart for testing purposes. it'd be better to have unit tests mocked out anyways (if possible), but not sure how feasible that is. we could revert functionality in the demo only, but have the copy spreadsheet be maintained separately but kept active (so people copying get the right code).

is there any preference on the appropriate method?

*Originally created by @mckennapsean on 11/3/2017* a side effect of allowing the "to" email address to be set in the HTML is that people can copy and paste our examples, adapt them, and use it to send an email without ever configuring their own server. I was thinking from an attacker perspective, but this is a very, very feasible "lazy" perspective, especially since it works right away, requires fewer steps, and seems to pass your data correctly. why shouldn't someone we just let people do this then? well, it is using one of our accounts, which has API limits, and could eventually break if people are using it frequently enough. also, all your data is getting sent to one of our accounts & a public spreadsheet, which likely won't make some people happy to know that their data from your form is public. generally, we don't want that. I could disable emailing from the demo examples, since that isn't really required for them to do apart for testing purposes. it'd be better to have unit tests mocked out anyways (if possible), but not sure how feasible that is. we could revert functionality in the demo only, but have the copy spreadsheet be maintained separately but kept active (so people copying get the right code). is there any preference on the appropriate method?