form receives webcontact ID, random number and createdDate via url params
if all 3 match and webcontact is less than 3 days old, will prefill data from sfdc
prefill evaluates params and sets hidden field to valid/invalid
> prefill will skip if createddate on wc is over 3 days old and submit button will be hidden
> no email will be prefilled if link is invalid / modified, so not visible in dev tools or anywhere
> submit button is hidden onload, is displayed only if link is valid
- if WC ID and Secret code and CreatedDateTime are correct, prefill is marked as Valid
- if valid and create date < 3 days ago, 2nd prefill step pulls email from webcontact into form
someone could go into dev tools and change the hidden flag from invalid to valid:
- form still won't pull in email address.
- submit connectors also will filter on created date and will repeat the matching process, preventing update of random records.
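added example (not the form's or the connectors' actual code): the same three-way match plus the 3-day window, run once for prefill and again at submit, so flipping the hidden flag in dev tools changes nothing. param and field names (wc_id, code, created, prefill_status), the timestamp format and the sample record are assumptions, constructed for illustration.

```python
import hmac
from datetime import datetime, timedelta, timezone

MAX_AGE = timedelta(days=3)  # link lifetime from the notes

# Constructed sample record standing in for a webcontact in sfdc.
# Field and param names (wc_id, code, created, prefill_status) are assumptions.
WEBCONTACTS = {
    "WC-0001": {
        "code": "483920175",
        "created": "2024-05-01T10:15:00Z",
        "email": "pat@example.org",
    },
}

def _same(a, b):
    # Constant-time comparison so the check does not leak how much matched.
    return hmac.compare_digest(str(a).encode(), str(b).encode())

def check_link(params, now, records=WEBCONTACTS):
    """Return the record only if ID, code and created date all match
    and the webcontact is less than 3 days old; otherwise None."""
    rec = records.get(params.get("wc_id", ""))
    if rec is None:
        return None
    if not (_same(params.get("code", ""), rec["code"])
            and _same(params.get("created", ""), rec["created"])):
        return None
    created = datetime.strptime(rec["created"], "%Y-%m-%dT%H:%M:%SZ")
    if now - created.replace(tzinfo=timezone.utc) >= MAX_AGE:
        return None
    return rec

def prefill_email(params, now):
    """Second prefill step: email leaves the server only for a valid link."""
    rec = check_link(params, now)
    return rec["email"] if rec else None

def handle_submit(params, posted, now):
    """Submit connector: the posted hidden flag is never read; the match
    is repeated and only the matched record's ID is returned for update."""
    rec = check_link(params, now)
    return params["wc_id"] if rec else None
```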
> TFA supports MD5 hash to validate url params w/ timestamp expiration. TFA ux for invalid hash is vomit on the page, and this also requires separate key for each form which will require extra lift for each event, not worth it.
most of these forms are ephemeral and should have an end date set. we could MD5 long-running or higher-risk forms (ashokaU, changemakers, etc) in future if desired.
next steps : work on submit connectors.
- want to prevent multiple submissions / spam
- may want to do the same for the initial submission form : check for existing records