Just made a release to testing.shmeppy.com. Nothing too interesting but hopefully I’m now sending out all the emails that users want.
- Send email confirming unsubscription when user unsubscribes.
- Send email confirming resubscription when user resubscribes.
- Browsers will now always use HTTPS after accessing Shmeppy once, lowering the risk of man-in-the-middle attacks.
- Harden Shmeppy slightly against cross-site scripting (added
X-Content-Type-Options: nosniff). - Harden Shmeppy against click-jacking by preventing sites from embedding Shmeppy in iframes.
Surprisingly the most time-consuming change was sending emails upon resubscription! Had some technical debt in my way that I decided to pay back.
Happy Shmepping ya’ll!