I'm trying to e up with a JavaScript email obfuscator to reduce the chance for spam in emails listed on a web site. Right now I've got a JavaScript based obfuscator that uses a bination of HTML encoding & JavaScript to convert an obfuscated email into a normal email transparently.
What I do is this:
Format the "mailto:" part of the href in links to be HTML encoded like:
mailto:
I also encode the email, replacing the @ sign with (a), so that the email reads something like:
stackoverflow(a)example
I then use some JavaScript to decipher all mailto links which have this (a) sign in the email and convert them to @ on page load.
This works fairly well. For people using browsers with JavaScript enabled, they see everything working normally. For people without JavaScript enabled, every mail client I know would consider the email address as invalid, however the user should be able to infer what is needed to correct the symbol.
I was wondering if there was any better (less intrusive (or at best, not very intrusive) but more spammer resistant) way of obfuscating emails on a web page.
As with any type of obfuscation, if a human or puter can easily de-obfuscate it, then a spammer could easily do the same. Because of this, I'm not expecting a foolproof obfuscation, however I was curious to see what other suggestions were out there. Searching Google didn't reveal any solutions that I consider better than my current solution. I was wondering if there were any other good alternatives.
I'm trying to e up with a JavaScript email obfuscator to reduce the chance for spam in emails listed on a web site. Right now I've got a JavaScript based obfuscator that uses a bination of HTML encoding & JavaScript to convert an obfuscated email into a normal email transparently.
What I do is this:
Format the "mailto:" part of the href in links to be HTML encoded like:
mailto:
I also encode the email, replacing the @ sign with (a), so that the email reads something like:
stackoverflow(a)example.
I then use some JavaScript to decipher all mailto links which have this (a) sign in the email and convert them to @ on page load.
This works fairly well. For people using browsers with JavaScript enabled, they see everything working normally. For people without JavaScript enabled, every mail client I know would consider the email address as invalid, however the user should be able to infer what is needed to correct the symbol.
I was wondering if there was any better (less intrusive (or at best, not very intrusive) but more spammer resistant) way of obfuscating emails on a web page.
As with any type of obfuscation, if a human or puter can easily de-obfuscate it, then a spammer could easily do the same. Because of this, I'm not expecting a foolproof obfuscation, however I was curious to see what other suggestions were out there. Searching Google didn't reveal any solutions that I consider better than my current solution. I was wondering if there were any other good alternatives.
Share Improve this question edited Aug 23, 2009 at 22:39 munity wiki2 revs
Dan Herbert 1
- Care to revisit this page Dan and mark an answer as accepted? Scott's answer worked for me. – Gray Commented Jul 17, 2013 at 15:24
4 Answers
Reset to default 7I've used HiveLogic Enkoder in the past with pretty good success. If anything you might want to take a look at how Dan's encoding works as it might give you some ideas to make an even more robust obfuscator.
If you really want to protect email adresses there will be no other way then generating images for non-JavaScript users.
I used to use something like this:
<script type="text/javascript">
//<![CDATA[
scrambler('c.arb@oof||mo');
//]]>
</script>
<noscript>
<img src="scrambler.php?t=c.arb@oof||mo" alt="Emailadresse" />
</noscript>
scramble is a very simple JavaScript function, I think you easily could figure out what it does. (It will result in: <a href="mailto:[email protected]">[email protected]</a>) scrambler.php is the same, except in php and a gd backend to generate images.
Figure something out that is not about some encodingtricks or replacing something by something else.
EDIT: Here is my algo:
function scrambler (text) {
parts = text.split("||");
var reverse = function (s) {
var ret ='';
for (var i=s.length-1;i>=0;i--)
ret+=s.charAt(i);
return ret;
}
text = reverse(parts[0])+reverse(parts[1]);
document.write(text);
}
I have used this generator http://www.wbwip./wbw/emailencoder.html service for awhile and it works great. I usually use parts of the encoded address and part that are not.
For example ...
[email protected] == user@po.com
I might change to...
[email protected] == user@po.com
One way to obfuscate the email for a puter would be to write the email as an image and not as text. This way it is still easy for a human to read the email adress and quite hard for a puter.
As stated by Steve Gilham it is not that hard to get the email with OCR. And text only browsers don't support them. Thus, Scott's solution is probably the best solution.