How are cookies handled by email clients?

2019-04-14 03:04发布

站内问答 / 后端开发
1754 3 4

Let's say I set a cookie on an image request in an email (so the cookie is set when the user views the images in the email). If the user then clicks through the email so their browser opens, will the browser have access to the cookie I just set?

Obviously, if the user has Outlook as their email client and Firefox as their default browser, the email cookie (if it exists) will not be accessible. But what if they use IE? On an iPhone or Android phone, what happens?

3条回答
放我归山
2楼-- · 2019-04-14 03:22

I think you answered your own question...

It's a client-side problem (for you). It's "catch as catch can". No Guarantees any combination you use will be 100% fool-proof.

Outlook to Safari (or FF, Opera, etc). There are too many variables. Not to mention any one of your recipients could have their email client set to Plain Text.

I got the best tracking by assigning a query parameter to the images as well as ALL the links. But I've never found a solution that actually accounted for 100% of the emails that were sent (comparing/tracking view rates afterward).

查看更多
0人赞 添加讨论(0) 举报
Viruses.
3楼-- · 2019-04-14 03:32

I found another interesting post on this topic:

So cookies are usually served with HTML requests over HTTP. Email is not HTML served over HTTP, it's HTML over IMAP or POP. Since there's no HTTP request for the HTML, there's nowhere for cookies to be sent.

HOWEVER, there is a caveat. While your HTML is not served with an HTTP request and contains no cookies, the images in your email are requested via HTTP. Its possible your image server(s) could send cookies and most email clients will send the cookie back if the image is re-requested. There's no breakdown on mail client support for cookies, but I know the Outlook suite on PC definitely will respect cookies in image request headers. We saw this in testing our image validation software, there are a VERY small number of image servers out there that are sending cookies. It's likely you are not in this bucket, though, since it is rare.

I am not a lawyer, but reading this link, https://ico.org.uk/for-organisations/guide-to-pecr/cookies-and-similar-technologies/ I think you are ok not including the message. You are definitely ok if you can confirm no cookies are served along with your images. However, I am not a lawyer.

Let's also remember that e-mail can sometimes be opened in a browser, where the HTTP protocol is used.

Another issue is that the person can be tracked not only using cookies but also, for example, with the personalized link.

I hope I helped someone.

查看更多
0人赞 添加讨论(0) 举报
我命由我不由天
4楼-- · 2019-04-14 03:39

I don't think the cookies are carried across. You might want to make a token to put in the query string and authenticate a session that way.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(4)