Addresses the 3 Important issues + 4 follow-ups flagged by the
final code review subagent.
## Important fixes
- **getNextRef pagination** (cloudflare-worker/hubspot-proxy.js):
previously used HubSpot search with limit:100 without pagination,
causing reference-number collisions once contact count exceeded
100 (= search results don't guarantee ordering by ref). Now
paginates through all results via paging.next.after cursor to
find the true numeric maximum. ~10 API calls for 1000 contacts.
- **Turnstile reset after Worker calls** (js/form-handler.js):
Cloudflare Turnstile tokens are single-use server-side. Without
explicit reset, a re-submit would 403 silently from siteverify.
New helper resetTurnstile() clears window.turnstileToken and
calls window.turnstile.reset() to force a fresh challenge. Called
after both requestVerification and sendWelcomeBack flows.
- **notifyDuplicateViaFormspree removed** (js/form-handler.js):
was actively POSTing returning customers' name+email to Formspree
(FORMSPREE_ID='mojrvokp' = real endpoint, sentinel guard never
triggered). PII leak to a third-party service inconsistent with
the new Resend-only architecture. Function + call site removed.
## Dead code purge
- form-handler.js: removed generateRefNumber (= dead, no callers),
submitToHubSpot, submitToFormspree, notifyDuplicateViaFormspree
functions. Removed constants HUBSPOT_PORTAL_ID, HUBSPOT_FORM_GUID,
FORMSPREE_ID, EMAILJS_PUBLIC_KEY, EMAILJS_SERVICE_ID,
EMAILJS_TEMPLATE_ID, EMAILJS_TEMPLATE_WELCOME_BACK. Removed
emailjs.init() block. Net -111 lines.
- contact.html + confirmation.html: removed <script> tag loading
EmailJS browser SDK from jsDelivr (~30KB gzipped per page).
- cloudflare-worker/hubspot-proxy.js: removed unused HUBSPOT_PORTAL_ID
+ HUBSPOT_FORM_GUID constants. Removed listSubscriptions and
subscribe action handlers (= 0 callers in frontend, debug-only,
reachable by unauthenticated POST without Turnstile guard).
- cloudflare-worker/DEPLOIEMENT.md: KV ID note updated to reflect
the actual ID in wrangler.toml.
## Net diff
-116 lines (= 92 added, 208 removed across 4 files).
Refs: post-cutover polish, addresses code review 2026-05-07.
The .btn class uses display:inline-flex with align-items:center but
no justify-content, so text stuck to the left when the parent flex
stretched the buttons to fill the row. Add justify-content:center
scoped to the confirmation card actions.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Flux complet du double opt-in :
1. User soumet le formulaire → contact créé en HubSpot avec sa référence
2. HubSpot envoie un email 'Confirmez votre inscription'
3. User clique 'Confirmer' → HubSpot le marque 'subscribed'
4. HubSpot redirige vers confirmation.html?email=...
5. La page lit l'email, appelle le Worker Cloudflare pour récupérer la
référence du contact, et déclenche l'envoi de l'email de bienvenue
via EmailJS (avec la référence dedans)
6. Affiche succès + référence à l'écran
Idempotence via localStorage pour éviter de spammer l'email à chaque
rechargement de la page.
À configurer dans HubSpot Settings > Marketing > Email > Confirmation
d'inscription : URL de redirection après confirmation =
https://mva-global-fret.github.io/site-mva-global-fret/confirmation.html?email={{contact.email}}
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>