Firstly, last names and emails are inaccessible through our API. On the server-side/backend, we have implemented counters that go through our database:
result.results.forEach(row => {
if (row.email.includes('@uoguelph.ca')) {
uniqueEmails.add(row.email);
}
if (row.name !== 'Withheld') {
firstNameCount++;
}
if (row.surname !== 'Withheld') {
lastNameCount++;
}
if (row.degree !== 'Withheld') {
degreeCount++;
}
if (row.email.includes('@')) {
emailCount++;
}
});
return {
guelphEmailCount: uniqueEmails.size,
firstNameCount,
lastNameCount,
emailCount,
degreeCount,
values,
};
We do this to calculate metrics on the front-end, being your device, to save on server-time and stuff like that - to keep our limits low. We are not a high budget operation, as is unfortunately quite evident.
The following JSON is what is returned when calling our API:
As demonstrated above, we strictly do not show last names or emails. Privacy is very important to many of us working on this petition, so we would like to emphasize this greatly for you all!
Of course, a turnstyle token is required. I will not spend too much time on this subject, as it is not very important.
When you submit data to us, it is HTTPS encrypted to the server. We then have a Cloudflare worker that processes the data. First, it content filters all forms through traditional means. We have an AI filtering backup should there be abuse of the form with harmful content.
After this, we securely store the data in a SQL database. You can see how the SQL database is accessed from the first code snippet.
All traffic is end-to-end encrypted.