bplist00Ò_WebSubresources_WebMainResourceŁ Ô _WebResourceResponse_WebResourceData^WebResourceURL_WebResourceMIMETypeObbplist00Ô Y$archiverX$versionT$topX$objects_NSKeyedArchiver† Ń _WebResourceResponse€Ż )/078?GOZNS.objectsWNS.keys§@ABCDEF€€€€€€€§HIJKLMN€€ € € € € €€VServer]Last-ModifiedTDate^Content-LengthTEtag\Content-TypeSAgeVApache_Thu, 09 Feb 2006 03:08:46 GMT_Wed, 24 May 2006 20:18:21 GMTT5443_"138445f-1543-43eab23e"S496Ò12^_Ł_`6_NSMutableDictionary\NSDictionaryÒ12bcąc6_NSHTTPURLResponseInternalÒ12efŁfg6_NSHTTPURLResponse]NSURLResponse$)2DILbd€†©Ź°ł·șœÁÄÇËÎŃŰÛßâäæèêìőűú+-/1«°čÄÈÎŐȚù  (*,.0246>@BDFHJLNUchw|‰”ŽÔÙóśü#(+GLPdhrOC/* // +----------------------------------------------------------------------+ // | Orginial Code Care Of: | // +----------------------------------------------------------------------+ // | Copyright (c) 2004 Bitflux GmbH | // +----------------------------------------------------------------------+ // | Licensed under the Apache License, Version 2.0 (the "License"); | // | you may not use this file except in compliance with the License. | // | You may obtain a copy of the License at | // | http://www.apache.org/licenses/LICENSE-2.0 | // | Unless required by applicable law or agreed to in writing, software | // | distributed under the License is distributed on an "AS IS" BASIS, | // | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or | // | implied. See the License for the specific language governing | // | permissions and limitations under the License. | // +----------------------------------------------------------------------+ // | Author: Bitflux GmbH | // | http://blog.bitflux.ch/p1735.html | // +----------------------------------------------------------------------+ // // +----------------------------------------------------------------------+ // | Heavily Modified by Jeff Minard (07/09/04) | // | Slightly Modified by Michael D. Adams (06/14/05) | // +----------------------------------------------------------------------+ // | Same stuff as above, yo! | // +----------------------------------------------------------------------+ // | Author: Jeff Minard | // | http://www.creatimation.net | // | Author: Michael D. Adams | // | http://blogwaffe.com/ | // +----------------------------------------------------------------------+ */ var liveReq = false; var t = null; var liveReqLast = ""; var liveReqLastAuthor = ""; var liveReqLastURL = ""; var isIE = false; var inputElement; var outputElement; var doitElement; var authorElement; var urlElement; // on !IE we only have to initialize it once if (window.XMLHttpRequest) { liveReq = new XMLHttpRequest(); } function liveReqInit() { inputElement = document.getElementById(inputId); outputElement = document.getElementById(outputId); doitElement = document.getElementById(doitId); authorElement = document.getElementById(authorId); urlElement = document.getElementById(urlId); if( inputElement == null || outputElement == null || doitElement == null ) return; if (navigator.userAgent.indexOf("Safari") > 0 || navigator.product == "Gecko") { doitElement.addEventListener("click",liveReqStart,false); } else { doitElement.attachEvent('onclick',liveReqStart); isIE = true; } if(emptyString == '') { // set the result field to hidden, or to default string outputElement.style.display = "none"; } else { outputElement.innerHTML = emptyString; } } addLoadEvent(liveReqInit); function liveReqStart() { if (t) { window.clearTimeout(t); } t = window.setTimeout("liveReqDoReq()",400); } function liveReqDoReq() { var req = ''; var proceed = false; if (authorElement) { if ( (liveReqLast != inputElement.value || liveReqLastAuthor != authorElement.value || liveReqLastURL != urlElement.value) && inputElement.value != "") { proceed = true; outputElement.innerHTML = 'Loading.'; } } else { if (liveReqLast != inputElement.value && inputElement.value != "") { proceed = true; outputElement.innerHTML = 'Loading.'; } } if ( proceed == true) { if (liveReq && liveReq.readyState < 4) { liveReq.abort(); } if (window.XMLHttpRequest) { // branch for IE/Windows ActiveX version } else if (window.ActiveXObject) { liveReq = new ActiveXObject("Microsoft.XMLHTTP"); } liveReq.onreadystatechange = liveReqProcessReqChange; if(authorElement) { req = "&author=" + encodeURIComponent(authorElement.value) + "&url=" + encodeURIComponent(urlElement.value); liveReqLastAuthor = authorElement.value; liveReqLastURL = urlElement.value; } liveReq.open("POST", processURI); liveReqLast = inputElement.value; liveReq.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded;'); liveReq.send("text=" + encodeURIComponent(inputElement.value) + req); } else if(inputElement.value == "") { if(emptyString == '') { outputElement.innerHTML = ''; outputElement.style.display = "none"; } else { outputElement.innerHTML = emptyString; } } } function liveReqProcessReqChange() { if (liveReq.readyState == 4) { outputElement.innerHTML = liveReq.responseText; if(emptyString == '') { outputElement.style.display = "block"; } } else { outputElement.innerHTML += '.'; } } //Care Of (Thnx Dude!): Simon Willison http://simon.incutio.com/archive/2004/05/26/addLoadEvent function addLoadEvent(func) { var oldonload = window.onload; if (typeof window.onload != 'function') { window.onload = func; } else { window.onload = function() { oldonload(); func(); } } } _whttp://www.somethinkodd.com/oddthinking/wp-content/plugins/AJAX%20Comment%20Preview%20for%20STO/ajax-comment-preview.js_application/x-javascriptÔ Oabplist00Ô Y$archiverX$versionT$topX$objects_NSKeyedArchiver† Ń _WebResourceResponse€Ż )/078?HQZNS.objectsWNS.keysš@ABCDEFG€€€€€€€€šIJKLMNOP€€ € € € € €€€VServer]Cache-ControlTDate_Transfer-EncodingWExpires\X-Powered-By\Content-TypeSAgeVApache_must-revalidate_Wed, 24 May 2006 20:18:21 GMTXIdentity_Fri, 23 Jun 2006 20:18:21 GMTYPHP/4.4.1S497Ò12bcŁcd6_NSMutableDictionary\NSDictionaryÒ12fgąg6_NSHTTPURLResponseInternalÒ12ijŁjk6_NSHTTPURLResponse]NSURLResponse$)2DILbd‚ˆ«źČ”čŒżĂÆÉÍĐÓÚĘáäæèêìîśúü!-/13†šž€«ŽÏÖŰÚÜăîöÿ    "$&(*1?DX`mz~…—·Ààêîóś ">CG[liOB var SendDemocracy = "/oddthinking/wp-content/plugins/democracy/democracy.php?demSend=true"; var GetDemocracy = "/oddthinking/wp-content/plugins/democracy/democracy.php?demGet=true"; function initDemocracy() { // initiates the two objects for sending and receiving data httpReceiveVotes = dem_getHTTPObject(); httpSendVotes = dem_getHTTPObject(); view_results = document.getElementById('view-results'); if (view_results) { view_results.href = "javascript: SeeResults();"; } addAnswer = document.getElementById('jalAddAnswer'); if (addAnswer) { addAnswer.onclick = function () { this.style.display = "none"; document.getElementById('jalAddAnswerRadio').style.display = "inline"; document.getElementById('jalAddAnswerRadio').checked = true; document.getElementById('jalAddAnswerInput').style.display = "inline"; all_inputs = document.getElementsByTagName('input'); for (var i = 0; i < all_inputs.length; i++) { if (all_inputs[i].getAttribute('name') == "poll_aid" && all_inputs[i].getAttribute('id') != "jalAddAnswerRadio") { all_inputs[i].onclick = function () { document.getElementById('jalAddAnswerRadio').style.display = "none"; document.getElementById('jalAddAnswerInput').style.display = "none"; document.getElementById('jalAddAnswerInput').value = ""; document.getElementById('jalAddAnswer').style.display = "inline"; } } } return false; } } } function ReadVote () { var the_vote; the_poll = document.getElementById("democracyForm"); for (x = 0; x < the_poll.poll_aid.length; x++) { if (the_poll.poll_aid[x].checked) { the_vote = the_poll.poll_aid[x].value; } } if (!the_vote) { alert ("You must vote first!"); } else { SendVote(the_vote); } return false; } function SeeResults() { poll_id = document.getElementById("poll_id").value; if (httpReceiveVotes.readyState == 4 || httpReceiveVotes.readyState == 0) { httpReceiveVotes.open("GET",GetDemocracy + '&poll_id='+poll_id+'&rand='+Math.floor(Math.random() * 1000000), true); httpReceiveVotes.onreadystatechange = function () { if (httpReceiveVotes.readyState == 4) { results = httpReceiveVotes.responseText; the_poll = document.getElementById("democracy"); height = the_poll.offsetHeight; the_poll.style.minHeight = height + "px"; the_poll.innerHTML = results; } } httpReceiveVotes.send(null); } else { setTimeout('SeeResults()', 500); } } function jal_getCookie(name) { var dc = document.cookie; var prefix = name + "="; var begin = dc.indexOf("; " + prefix); if (begin == -1) { begin = dc.indexOf(prefix); if (begin != 0) return null; } else begin += 2; var end = document.cookie.indexOf(";", begin); if (end == -1) end = dc.length; return unescape(dc.substring(begin + prefix.length, end)); } function SendVote (the_vote) { poll_id = document.getElementById("poll_id").value; cookie = jal_getCookie('demVoted_'+poll_id); if (cookie) { alert("Go stuff the ballot box elsewhere!"); return; } else { new_vote = document.getElementById('jalAddAnswerInput'); if (new_vote && new_vote.value != "") param = 'vote='+encodeURIComponent(new_vote.value)+'&new_vote=true&poll_id='+poll_id; else param = 'vote='+the_vote+'&poll_id='+poll_id; date = new Date(); date.setTime(date.getTime()+(90*24*60*60*1000)); var expires = "expires="+date.toGMTString();";" document.cookie = "demVoted_"+poll_id+"="+the_vote+";"+expires+";path=/oddthinking;"; if (httpSendVotes.readyState == 4 || httpSendVotes.readyState == 0) { httpSendVotes.open("POST", SendDemocracy, true); httpSendVotes.setRequestHeader('Content-Type','application/x-www-form-urlencoded'); httpSendVotes.send(param); } else { setTimeout('SendVote('+the_vote+')', 400) } } // Let the query take some time to run.. setTimeout('SeeResults()', 400); } // brothercake's generic onload // http://www.brothercake.com/site/resources/scripts/onload/ if(typeof window.addEventListener != 'undefined') { //.. gecko, safari, konqueror and standard window.addEventListener('load', initDemocracy, false); } else if(typeof document.addEventListener != 'undefined') { //.. opera 7 document.addEventListener('load', initDemocracy, false); } else if(typeof window.attachEvent != 'undefined') { //.. win/ie window.attachEvent('onload', initDemocracy); } //initiates the XMLHttpRequest object //as found here: http://www.webpasties.com/xmlHttpRequest function dem_getHTTPObject() { var xmlhttp; /*@cc_on @if (@_jscript_version >= 5) try { xmlhttp = new ActiveXObject("Msxml2.XMLHTTP"); } catch (e) { try { xmlhttp = new ActiveXObject("Microsoft.XMLHTTP"); } catch (E) { xmlhttp = false; } } @else xmlhttp = false; @end @*/ if (!xmlhttp && typeof XMLHttpRequest != 'undefined') { try { xmlhttp = new XMLHttpRequest(); } catch (e) { xmlhttp = false; } } return xmlhttp; }_Khttp://www.somethinkodd.com/oddthinking/wp-content/plugins/democracy/js.phpÔO)bplist00Ô Y$archiverX$versionT$topX$objects_NSKeyedArchiver† Ń _WebResourceResponse€Ż )/078?GOZNS.objectsWNS.keys§@ABCDEF€€€€€€€§HIJKLMN€€ € € € € €€VServer]Last-ModifiedTDate^Content-LengthTEtag\Content-TypeSAgeVApache_Sat, 31 Dec 2005 03:22:23 GMT_Wed, 24 May 2006 20:18:22 GMTS474_"1a40050-1da-43b5f96f"S496Ò12^_Ł_`6_NSMutableDictionary\NSDictionaryÒ12bcąc6_NSHTTPURLResponseInternalÒ12efŁfg6_NSHTTPURLResponse]NSURLResponse$)2DILbd€†©Ź°ł·șœÁÄÇËÎŃŰÛßâäæèêìőűú+-/1†‹”ŸŁ©°čÂÉËÍÏÖáéńóőśùûęÿ   ,1@ERV]}ĄșŸĂÇĘêïò+h9OÚ.democracy-choice { display: block; background: #06c; height: 3px; border-bottom: 2px solid #05a; font-size: 1px; } .dem-choice-border { margin: 8px 0; display: block; background: #fff; height: 5px; width: 100px; border: 1px solid #ccc; } /* BLIX fixies */ #democracy input { width: auto; } #democracy ul { padding: 0; } #democracy label { float: none; display: inline; } #voted-for-this { border: 1px solid #333;} #dem-total-votes { } #poll-question { } #democracy { }_Rhttp://www.somethinkodd.com/oddthinking/wp-content/plugins/democracy/democracy.cssXtext/cssÔ_WebResourceTextEncodingNameUUTF-8O„v OddThinking » EmailShroud

OddThinking

A blog for odd things and odd thoughts.
Register | Login
Experiment; Don't Click.

EmailShroud

EmailShroud is a WordPress plugin.

What does it do?

In order for spammers to send email to millions of people, they need millions of email addresses. One way to get these addresses is to automatically search the web, harvesting email addresses from unsuspecting web-sites. EmailShroud helps to protect email addresses that are published on a WordPress Blog.

Note: EmailShroud is not like most of the anti-spam plugins for WordPress. EmailShroud does not protect the blog against Comment Spam. EmailShroud helps to protect the owner, authors and other people mentioned on a blog from receiving email spam.

How does it work?

EmailShroud does more than just use “escape codes”, which is a poor-man’s solution to this problem.

It uses JavaScript to “obfuscate” the email address. Spammers don’t run JavaScript during their harvesting, as it would take too much effort and is unlikely to help produce many more email addresses. Almost all browsers used to actually read blogs do run JavaScript – the browser transparently decodes the email address without the reader even noticing.

EmailShroud gracefully handles browsers that are not running JavaScript.

How do I install it?

Installation is simple, and you should have the basic system up and running in a couple of minutes.

  1. Install the file.
    1. Get the latest version of EmailShroud.
    2. Extract the file sto_emailshroud.php and copy it to your Word Press directory, under the wp-content\plugins subdirectory, on your server.
  2. Activate the plug-in.
    1. Login to your WordPress Admin site.
    2. Select the Plugins page.
    3. Under the Plugins tab, find EmailShroud and click Activate.

The system is now installed and activated. It will handle almost all of the situations and almost all of your readers’ browsers.

You may like to read Limitations of EmailShroud to find out about the tiny minority of situations that EmailShroud won’t automatically handle.

You may like to read Advanced Settings of EmailShroud to find out about how to improve the look-and-feel for the tiny minority of users who aren’t running JavaScript.

Features

What EmailShroud will detect and protect

EmailShroud will search for email addresses in the following places:

  • The contents of WordPress pages.
  • The contents of posts.
  • The contents of post excerpts.
  • The contents of RSS feeds.

It will search for:

  • Links to email addresses (i.e. anchor tags with mailto addresses.)
  • Email addresses written in the content of a post with the text mailto: in front of it.
  • Email addresses simply written in the content of a post.

Limitations of EmailShroud

In the following rare circumstances, EmailShroud may pass through the email addresses, unprotected:

  • Multiple email addresses within a single anchor tag, including ‘cc’ and ‘bcc’ addresses.
  • Domain names with multiple consecutive dashes.
  • Email addresses in WordPress page titles and post titles.
  • Where the anchor tag is malformed, so it is not recognized as an anchor tag.
  • Where the email tag appears outside of the pages, posts, excerpts and RSS feeds. In particular, in a list of links in a side-bar or in templates.

In the following rare circumstances, EmailShroud may damage existing links:

  • Where a user-name and password is included in a URL.
    • i.e. using the userinfo subcomponent of a URL.
    • This is rarely used outside of phishing attempts.
  • Where the anchor tag is malformed, so it is not recognized as an anchor tag.
  • Automatically generated excerpts may have their email addresses stripped.
    • See below for more information.
  • Email addresses in Category Descriptions.
    • This bug-fix is pending the repair of another bug-fix in WordPress

Special Behaviour for Excerpts

In some circumstances (for example, category views or for RSS feeds) an excerpt of a post may appear. WordPress allows the author to produce their own excerpt – if they don’t, an automatically generated excerpt is used.
If the user manually enters an excerpt, it is treated by EmailShroud much like regular content. If WordPress automatically generates an excerpt, it strips all tags, and the email address will not appear.

Compatibility

WordPress

EmailShroud requires WordPress 1.5, or above. It has been tested on WordPress 1.5.2 and WordPress 2.0.

Browsers

EmailShroud has been tested on:

  • Mozilla Firefox 1.0.4 (Windows)
  • Microsoft Internet Explorer 6.0 (Windows)
  • Opera 8.0.2 (Windows)

EmailShroud may sometimes break strict compliance to XHTML. It may put a “noscript” tag inside other tags, like a paragraph tag. This is a perfectly safe action - if the browser does not expect the tag it should be ignored, which is the correct behaviour. However, you may receive warnings if the web-site is passed through an XHTML validator; they can be ignored. Correcting this issue is likely to make the plug-in far more complicated, and increase the size of the download, but this will be considered for inclusion in a later version.

Advanced Settings for EmailShroud

Dealing without JavaScript.

For users with JavaScript, EmailShroud appears transparent – they won’t even notice it is there.

However, a small minority of people use browsers which do not support JavaScript – often this is for reasons of extra security. For these users, EmailShroud is noticeable. There are three ways that EmailShroud can handle these cases, known as “Action Plans”

Divert to default decoder page on EmailShroud site.

The default behaviour is to replace the email address with a link to a decoder web-page on SomethinkOdd.com. This web-page decodes the obfuscated email address and displays it, but the user must type it in manually to their email program.

Note: This default behaviour diverts the user to a 3rd party web-site – i.e. this one. In the unlikely case that the amount of bandwidth used by this service becomes non-trivial, I reserve the right to add (tasteful) adverts to the page that they see. I understand that may be unacceptable to some people, and I offer them two alternative actions plans – see below.

Transform Address

One alternative action plan is to include the email address in the text, after being transformed in some way so it is no longer recognizable as an email address (e.g. including some garbage in the email address, with instructions to the reader to remove it.

You can use the default transformation, or change the parameters to produce your own. I encourage you to produce your own to (a) localize the text to your blog’s language or style, and (b) to prevent spammers from writing code to overcome this technique.

The transformation occurs in three parts:

  • a prefix, placed before the address.
  • a replacement for the @ symbol.
  • a suffix, placed after the address.

This allows popular transformations like:

  • replace the “@” with “@NOSPAM.” Or “@REMOVEME”
  • replace the “@” with “ AT “.
  • Optionally, add some text to explain to people how to modify the address.
Divert to custom decoder page in the template file

A third action plan is still is to redirect the user to a script running on your own site. In theory, this means they will continue to see the colours and style of your own site. In practice, this requires non-trivial modifications to your WordPress template.

How to Set and Debug the Options

  1. Open the Options Panel
    1. Login to your WordPress Admin site.
    2. Select the Options page.
    3. Click on the EmailShroud tab.
  2. Select the Desired Action Plan.
  3. If you chose to divert to the EmailShroud Site there is nothing more to do.
  4. If you chose Transform, you can select the desired transformation parameters.
    • Tip: Take care with leading and trailing spaces.
  5. If you chose to divert to your own custom decoder, you need to ensure there is a PHP file in your template directory to handle it.
    • Here is an example code fragment that does the computation – the required change is to make it fit with your web-sites side-bars, headers, styles, etc.
    • This is likely to be non-trivial. I would like to hear from you if you were successful, especially with any of the more popular themes.
    • I’d appreciate it if you would include a pointer to the http://www.somethinkodd.com/emailShroud home page in the HTML source.
  6. Test your settings by turning off JavaScript in your browser, and clicking on an email address.

Support

Feel free to report any bugs you notice or any suggestions you have. I plan to spend a limited amount of time on support.

Acknowledgements and Further Reading

  • Joe Maller describes a similar technology – some of the ideas from that site were helpful in improving my code.
  • Transpose Email is a much simpler WordPress plugin with a very similar goal. As of V1.2, it doesn’t automatically replace all email addresses - it requires the author to manually enter a special piece of code instead of an email address. This makes it harder to use, but it won’t trip up if you are someone who has to put usernames and passwords in a URL. It requires your reader’s browser to support JavaScript. Nonetheless, this plugin is worth keeping an eye on as a potential alternative to EmailShroud.
  • EmailCloak offer a similar technology for a small price.
  • The Enkoder plugin for Ruby on Rails has a similar goal. It includes some very basic encryption (ROT3?). It isn’t suitable for WordPress, but may work with some of the WordPress competitors.
  • The “regular expressions” that form the basis of the code were influenced by some of the items at the RegExLib.com Regular Expression Library.
  • I have tried hard to comply to the official advice on writing a plugin.

Version History

  • 1.0.1 Lowered filter priorities to avoid clash with PHP Markdown 1.0.1b, and later
  • 1.0.0 First version to go live.
  • 0.91 Beta Test version

Comments

RSS feed for comments on this post. TrackBack URI

  1. Comment by Ajay on October 2, 2005

    Provided a link to your plugin from my page.

  2. Comment by Richard Hendrix on October 9, 2005

    Julian,

    Thanks for stopping by and letting me know about the email addy outside the norm
 I really appreciate it. I have no complains about the functioning of emailshroud plugin for the site. I have had no problem with it playing nice with the other plugins on the site.

    richard

  3. Comment by John on November 7, 2005

    Nice, seems works without a hitch, but since the complete email addres is still in the source (although separated from the mailto:) are you sure they can’t still be harvested?

  4. Comment by Julian on November 7, 2005

    Thanks John!

    The aim of EmailShroud is to make it hard enough to harvest the email address that spammers don’t bother, and instead look elsewhere - or even better, get a real job.

    You raise an important point, that I have considered carefully.

    If EmailShroud became insanely popular, it might start to become worthwhile for a spammer to automate the detection of EmailShroud and decode the addresses.

    I did start out with some ambitious plans to encrypt the email address with a randomised secret key to make this even more secure, but I realised I was kidding myself. I will deal with the encumbent problems of overwhelming popularity when (and if) they occur. Until then, the simple obfuscation should be more than sufficient. It’ll also load faster than a full solution.

    When the proportion of WordPress blogs that use EmailShroud rises above, say, 0.5%, come right back here for a slower, more secure solution!

  5. Pingback by schimana.net » Blog Archive » EmailShroud-Test on November 13, 2005

    [
] EmailShroud-Test Mal sehen, ob der neue Plugin fĂŒr Wordpress funktioniert. Damit sollen Email nicht mehr fĂŒr Spam-Robots auszulesen sein [
]

  6. Comment by Mardeg on December 24, 2005

    There is another action plan you could include, or which could even replace the “transform address” option. Generate a random textlogo of the email and use inline CSS to shrink it down to resemble normal text.
    A proof-of-concept is in my link.
    Even with javascript and images turned off in a browser it will display. If styling is turned off it’s just shown unshrunken.

  7. Comment by Julian on December 30, 2005

    EmailShroud 1.0.1 has now been tested against WordPress 2.0; it works without modification.

  8. Comment by Julian on December 30, 2005

    Mardeg’s solution is a cunning one. The Javascript draws your email address as ASCII art, and shrinks down the characters to one-pixel high to make it bit-mapped ASCII art! Nice trick!

    The downside, to quote Mardeg, is that it is the “most bloated human-readable email hider in the world!” A quick test took 9KB to include a 14-character email address!

    I don’t plan to add this option to EmailShroud but will reconsider if there is demand.

  9. Comment by Julian on January 3, 2006

    Note to self:

    Features I would like to add, one day, include:

    * Appropriate license agreement to explain you can freely change the code, but I would appreciate you letting me know, and leaving my name on there somewhere.

    * While it works fine under the old-style (numeric) user levels, it would be prettier to explicitly use the new WP 2.0 roles.

    * Adding a “no follow” tag to the generated HTML would mean that Google would pointlessly hit my site, less often.

    * It would be cool to have an action plan to generate a gif, but I still don’t know how to cleanly do that from within a plugin. (Hacking .htaccess files doesn’t attract me.)

  10. Comment by Julian on February 9, 2006

    EmailShroud 1.0.1 has now been tested against WordPress 2.0.1; it works without modification.

  11. Comment by Julian on February 9, 2006

    Updated page with reference to Enkoder. Thanks to Alastair.

  12. Comment by Jason on March 2, 2006

    I’ve had hard time downloading it today. Not sure if it’s my web connection


    J.

  13. Comment by Julian on March 2, 2006

    Jason,

    The download is working fine for me. Please try again.

  14. Comment by Julian on March 17, 2006

    Business Blog Consulting points out that EmailShroud can’t be used for email addresses hard-coded within your theme files.

    I’ll give that some thought in the next version (which remains an unplanned future hope at this stage.)

  15. Comment by Julian on April 2, 2006

    Under the section on limitations of EmailShroud, I wrote that it doesn’t handle:

    Multiple email addresses within a single anchor tag, including ‘cc’ and ‘bcc’ addresses.

    Here are two specific examples that aren’t handled:

    • Having an anchor tag with a title field that contains an email address: <a href=”email address” title=”email address“>Contact Me</a>
    • Putting the email address as both the text of the anchor tag and the href field: <a href=”email address” >email address</a>

  16. Comment by Alan on April 7, 2006

    I’ve been trying EmailShroud out and have a question: I’d like to link to my email address, with the linked text also being my email address (for example a@b.com. Whilst EmailShroud breaks up and ‘enshrouds’ the hyperlink reference, it doesn’t seem to do anything to do the linked text, which seems to appears normally in the source of the webpage. Given that, can this be safe?

  17. Comment by Julian on April 7, 2006

    Alan,

    Thanks for trying EmailShroud out.

    You are absolutely right; putting the email address in the same tag twice will fool EmailShroud, and leave your email address in plain text.

    While I knew that this was a theoretical limit of EmailShroud from the beginning, I only saw this limit actually affect someone for the first time about a week ago.

    I documented as a limitation in the original description, but last week I added a comment above clarifying this warning.

    Originally, I didn’t think this was a serious limitation, but you are the second person to encounter this - so it is clearly a real issue. I will need to give some thought to how the plugin can be modified to handle this.

    In the meantime, I recommend you avoid creating such links in your HTML. Leave the email address in the href tag, but remove it from the link text and title field.

    Thanks for your feedback.

  18. Pingback by Spam experiment - rm -rf /bLog on April 20, 2006

    [
] Check for updates soon I’ve forgot to disable EmailShroud plugin. Now all spammers robots have perfect access to this page. [
]

  19. Pingback by Wireless » Blog addi(c)tions .::::::. le blog de SkyMinds on April 21, 2006

    [
] Et oui
 j’ai osé  Je me suis amusĂ© Ă  ajouter un petit live counter sur le thĂšme principal du blog : cela affiche le nombre de personnes connectĂ©es ainsi que le nombre de membres, Ă  la maniĂšre des forums. J’ai ajoutĂ© d’autres plugins Ă©galement : Impostericide, pour Ă©viter que certains signent leur commentaire avec le nom de membres enregistrĂ©s, Search Everything pour rechercher sur tout le contenu du blog (pages inclues) et EmailShroud pour protĂ©ger vos adresses email des spam bots. Enfin, Akismet est dĂ©sormais activé : vu l’ampleur du spam ces temps-ci (une bonne cinquantaine par jour) cela est devenu nĂ©cessaire. Bloody spammers
 :-/ [
]

  20. Comment by Mortaine on May 22, 2006

    I’m going to use EmailShroud for a club blog, but I’d be interested in having it just strip out email addresses, and not display them even if spammers did have JavaScript enabled. This would respect people’s email address privacy, and the blog has a contact form that interested persons can use anyway.

    Any tips for modifying the script to disable the part where it writes in the JavaScript, and just displays a mangled email address (something like the way Yahoo! does it would work, where the domain is replaced with “
”).

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>

Click the "Preview" button to preview your comment here.
_Ehttp://www.somethinkodd.com/oddthinking/emailshroud-wordpress-plugin/Ytext/html 15>Tfu‹ń8ČÍÖ;33Ï3Ű89ă:8:A:J:h:nŸèż0ż: