TEKNKL :: Blog

You can’t HTML-encode {{my.tokens}} when they’re gonna appear in the Text part as-is

By Sanford Whiteman Tags: mail-tracking, my.token, text stuff, URLs and URIs

What’s (potentially) wrong with this picture?

At a glance, it seems good and proper:

  • the protocol (https:) is left out to allow tracking ✔︎
  • the ampersand ( &) is HTML-encoded to &amp; since this’ll be part of an HTML <a href> ✔︎
  • the URL is otherwise well-formed ✔︎

Indeed, it’ll work fine if a link is created like this:

But what if the destination webserver is squirrelly about the additional mkt_tok query param (it happens, even if it shouldn’t) or if the lead has asked to not be tracked?

Then you’ll want this, which adds class="mktNoTrack" in HTML view:

And that’s bad. Because in this case, Marketo will copy the token to the Text part (provided you haven’t customized it) like so:

Dear {{lead.First Name:default=Friend}},

Click here <https://{{my.event link}}> to attend our virtual graduation.

Regards,

Minerva McGonagall
Deputy Headmistress

And in the final received email, it’ll look like this:

Dear Sandy,

Click here <https://www.example.com/events?eventid=1234&amp;version=published> to attend our virtual graduation.

Regards,

Minerva McGonagall
Deputy Headmistress

That’s a broken link. There’s no longer a version query param. Instead there’s a query param named amp;version, which the webserver won’t understand. (Yes, that’s how the URL will be parsed by any browser, there’s no automatic “fixup” performed!)

It’s the lack of tracking that breaks it

When a link contains one or more tokens and has tracking enabled, Marketo is smart: it detects if any tokens were HTML-encoded and automatically removes the encoding, turning &amp; back to &. And the tracked link itself (under your branding domain) never needs HTML-encoding since it doesn’t have any ambiguous characters. So the same link works in both parts of the email.

Unfortunately, once tracking is disabled, Marketo doesn’t apply those smarts. It won’t alter the token contents in the Text part vs. the HTML part, instead saying “This URL is entirely under your control.” That’s good in some ways, but also dangerous.

The solution

If you disable link tracking (or might at any point) you’ve gotta have a different {{my.token}} for the Text part.