demo
templates
install
contact
Home Help Obfuscation

E-mail Address Obfuscation

Email addresses are obfuscated with JavaScript to prevent e-mail harvesting robots from reading them for spam mailing lists...

If a visitor has JavaScript disabled on their browser, they should be able to cut-and-paste the e-mail address into their e-mail program.

If a raw e-mail address is included in the content, such as testcontentor.net, the address itself is still visible and available for cut-and-paste even with with JavaScript off. If the email address is linked to some other text with the [email=... tag, such as click here to e-mail , the e-mail address will be shown in parenthesis after the link text if JavaScript is off.

Hopefully, anyone who cuts and pastes the visible link will know to edit out the spaces. Also hopefully, this will be a minor inconvenience since this will only be to those who have JavaScript off. Perhaps a worse inconvenience is that obfuscated links have no ‘href’ attribute value, and therefore they link back to the site home page, but only if JavaScript is off.

The code

For those interested in the inner workings, here the code generated for the raw link:

<a href="" onClick="location.href='mail'+'to:test' + String.fromCharCode(64) + 'contentor.net';return false;">test<script language="JavaScript">document.write('@');</script><noscript>&#173;&#064;&shy;</noscript>contentor.net</a>

And the code for the linked text:

<a href="" onClick="location.href='mail'+'to:test' + String.fromCharCode(64) + 'contentor.net';return false;">click here to e-mail</a> <noscript> (test&#173;&#064;&shy;contentor.net) </noscript>

This code will change slightly from version to version just to make it harder to program a robot to decode the script.


Further Considerations

A test routine to see if any e-mail addresses are visible to robots, see http://willmaster.com/possibilities/demo/RetrieveEmails.cgi

You should always turn JavaScript off on your browser to test your new web site creations. See the tip page on enabling JavaScript if you need a clue how to disable JavaScript on your browser.

To further foil the e-mail harvesting robots, the forms processor allows the 'to' e-mail address to be entered with a '*' in the place of the '@'.

Of course, the robots may get "smarter"... but it should be a long time before it is profitable for them to waste a lot of time processing this obfuscation. As soon as the robots start working hard enough to decrypt this, we'll just change the code a bit!