#50093 & #50094: Using Website delivery but with masked short URL

Regarding POAP Drops #50093 and #50094, I have some further details about what we’re doing. I’ve setup “You’ve met…” POAPs for my wife and I to use at NFT.NYC next week (and possibly for future networking opportunities this year).

About me:

Patrick Haney (@notasausage on Twitter, @notasausage#8820 on Discord)

I chose the Website method of delivery because we’re each going to be using an NFC business card that opens a short URL directly on the other person’s smart phone when we meet them. That short URL is created on Short.io, which offers URL masking, and pointed to the POAP mint website link so the person minting the POAP will not be able to get access to the actual URL. We considered the Magic QR Dispenser (which we’ve used for other drops and works well) but thought this approach was a better experience overall but still secures the POAP mint URL.

This way we can also change the short URLs embedded on our NFC cards daily during next week’s NFT.NYC event (where we’ll be testing this out) and prevent anyone with the previous day’s short URL from sharing it with people who haven’t actually met us in person. We’ll be using unguessable short URLs (ex. agnt.is/7d36ns8jhd7dskd4) to improve the overall security as well.

1 Like

I’ve created a test drop (#50405) to try out tonight with a small group of folks locally at an NFT community event (less than 20 people). If that’s approved in the next hour or so, I can see how well this works and report back.

Hi @notasausage,

I’m keen to do a test drop myself, now that I have learnt some of the basics so thankyou for sharing some detail regarding your own.

Looking forward to hearing how it all goes, good luck tonight :heart_decoration:

Glad I had a chance to test this out tonight, found a couple issues.

  1. The Captcha Activated option when creating/editing a Website for a drop doesn’t seem to do anything (or works intermittently)

I left the Captcha Activated option unchecked, but the CAPTCHA appeared on the first phone (Android) we tried my NFC card on.The end user was still able to get the test POAP, but the CAPTCHA was annoying.

Anyone else who attempted to use the NFC card → Short URL → POAP saw the Cloudflare interstitial page. Which brings me to the second issue…

  1. When the CAPTCHA is enabled (on purpose or by accident), a masked short URL does not work at all

The short URL provider (Short.io) I’m using has a Link Cloaking option that I tested before heading out tonight, but it didn’t work at all with the POAP website URL because of the Cloudflare CAPTCHA (even when I didn’t “enable” it). You get a blank page (mobile) or a app.poap.xyz refused to connect. error (desktop). So I disabled it for testing and then changed the short URL after the event to prevent anyone from sharing it.

Looks like the CAPTCHA option is fixed! Can I get these POAPS approved? Will be updating the short URL (masking the POAP website URL) on the regular (every hour or so).

Hey folks, I realize the Curation team is swamped right now, but can I please get some eyes on this ASAP? Before NFT.NYC is over? I’m desperate to start using this setup.