How and why email code is different to web code
Think about how a user gets to a website; they may type a URL into the browser or do a search and click on a result. Users are actively going to the website. Email is the other way around; emails get sent to a user.
For someone to be able to do something malicious like install a virus on a user's computer, the user needs to go to that website actively. If the same were possible in email, just opening an email could be dangerous. Email is an open protocol so that anyone can email you. With these restrictions on email code, there is still a risk. Someone can send a link to a malicious website, but the user must still click on it for any danger.
So, if HTML and CSS are safe, why are they much more restricted in email than on the web? The email code goes through an "HTML Sanitizer," which can remove or edit parts of the code. Again, this is to help keep the end users safe. Suppose we think about the example of someone emailing a link to a malicious website. Without any restrictions, they could style that link to be positioned over the whole email client, so when the user clicks the "mark as spam" button, they are actually clicking the dangerous link instead. This is just one example, but many security risks email clients take into account when building these sanitizers.
One of the other significant differences is consistency. If you look across web browsers, they have differences in feature support, but there are few these days. These differences can be much more significant if you look across email clients. This is because each email client builds their own HTML sanitizers based on their research, ideas, and opinions, meaning each one is a little different.
If we were to take a stripped-down email design and code it like we would code a web page, we can see it has several issues when viewed by certain email clients.
Applemail has a lot of support for HTML and CSS. The email will look pretty much the same as it would when opened in Safari or any browser.
Windows Outlook has very limited support for HTML and CSS. The email won't look great here.
These issues are fixable, and we’ll go over them through this course.