HubSpot Ideas

matt_si

Support Hubl filters in email templates

We are using a Form to collect leads and automatically send them an email using a Workflow. The emails are personalised, i.e. "Hi Max," but the first_name property comes from the form data. This means that someone could enter "evil.com" as their first name and an email address as their email and we would send "Hi evil.com," (which becomes a link).

If we had access to Hubl filters in email templates we could mitigate this risk by filtering the first_name property (using replace() for example).

 

This is a security issue and I'm sure we're not the only company sending emails containing untrusted user input.
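
The mitigation asked for above, sketched as an added example that is not part of the original post and not HubSpot code: an allow-list check that a form-supplied first name cannot be auto-linked by a mail client. It goes further than a single replace() by rejecting anything that is not name-like; the names `safeGreetingName` and `FALLBACK` are hypothetical, and it assumes the value can be cleaned before it is stored in the property the email merges.

```javascript
// Added example. safeGreetingName and FALLBACK are hypothetical names, not HubSpot APIs.
const FALLBACK = "there"; // neutral greeting used when the submitted value is not name-like

// Allow-list: letters of any script, combining marks, spaces, apostrophes, hyphens.
// Dots, slashes, colons and "@" are deliberately absent: they are what lets a mail
// client turn "evil.com" or "http://..." into a clickable link.
const NAME_CHARS = /^[\p{L}\p{M}'’ -]+$/u;

function safeGreetingName(raw, maxLen = 40) {
  if (typeof raw !== "string") return FALLBACK;

  // NFKC folds compatibility forms (e.g. full-width "．" U+FF0E becomes ".")
  // so look-alike punctuation is judged as the character it imitates.
  let name = raw.normalize("NFKC");

  // Remove invisible format characters (zero-width space, bidi overrides).
  name = name.replace(/\p{Cf}/gu, "");

  // Collapse whitespace runs (including tabs and newlines) and trim.
  name = name.replace(/\s+/g, " ").trim();

  if (name.length === 0 || name.length > maxLen) return FALLBACK;

  // Anything outside the allow-list (including control characters) is rejected
  // outright rather than "repaired", so a partial strip can never leave a link.
  return NAME_CHARS.test(name) ? name : FALLBACK;
}

// Constructed sample submissions, not real form data.
const samples = ["Max", "  Anne-Marie ", "O'Brien", "José",
                 "evil.com", "http://evil.com", "evil．com", "Max\u200B"];
for (const s of samples) {
  console.log(`${JSON.stringify(s)} -> Hi ${safeGreetingName(s)},`);
}
```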

1 Reply
fonji
Contributor

Our need is to format a date and time field from contact.

Seems like one of the most basic pieces of localization functionality to ask for in an email template.

But we can't use something like

I hereby confirm our meeting on {{ contact.next_meeting_date | datetimeformat("%d/%m at %H:%M") }}

I guess to do that we need a workflow to format the property in another field every time it changes, which seems overkill.