Bug #17454
closedEncrypting email addresses could be better
0%
Description
I know there is a function to encrypt email addresses:
config.spamProtectEmailAddresses
With two other functions, there is no mailto anymore in the webpage, and the @ can be replaced by (at) and the "." by (dot) for example.
But I think it can be improved, because with this system the source looks like this:
<a href="javascript:linkTo_UnCryptMailto('jxfiql7zxiwxXzxiwx+co');" >name(at)domain(dot)com</a>
An intelligent spamming robot will be able to replace the (at) and the (dot) by their corresponding character, so the email is not protected enough. And on the webpage the address appear strange with those (dot) and (at) stuff.
Before using typo3 I used drupal. In drupal there is also a spam protection system, but the display of the email address is given to the javascript function as well. This has two main advantages :
- the address appear correctly in the webpage. in my example we will see : name@domain.com
- but the address appear nowhere (really nowhere) in the source code.
On my drupal website I have something like this :
<h3>mail address</h3><script type="text/javascript" language="javascript">eval(unescape('%64%6f%63%75%6d%65%6e%74%2e%77%72%69
%74%65%28%27%3c%61%20%68%72%65%66%3d%22%6d%61%69%6c%74%6f%3a
%62%6f%6e%69%66%61%63%65%2e%72%6f%63%61%40%77%61%6e%61%64%6f%6f
%2e%66%72%22%3e%62%6f%6e%69%66%61%63%65%2e%72%6f%63%61%40%77%61
%6e%61%64%6f%6f%2e%66%72%3c%2f%61%3e%27%29%3b'))</script>
So as you can see, the email is not in the source. I think this is a better protection system...
You can look at the webpage here:
http://www.mindenice.fr/entreprise/clairazur.html
Thanks
(issue imported from #M5937)