Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

✨feat: add base64 encoded email protection #110

Merged
merged 1 commit into from
Aug 18, 2023
Merged

Conversation

welpo
Copy link
Owner

@welpo welpo commented Aug 18, 2023

TL;DR

Introduced a feature to protect email addresses from spambots using base64 encoding. Emails can be added in plain text or pre-encoded to prevent scraping, especially from public repos. Decoding occurs client-side via JavaScript.

Description

This PR introduces a feature that protects email addresses from spambots by optionally allowing them to be base64 encoded, either to hide them from potential scraping in public repos or for in-site protection.

The email addresses are then decoded on the client side using ~400 bytes of JavaScript, ensuring genuine users see the actual email, while offering a level of protection against spambots that don't execute JavaScript.


Key features

  1. Flexible configuration in TOML:

    • Users can add their email in plain text.
    • Alternatively, users can pre-encode their email in base64, which is especially useful to prevent scraping from public repositories.
    • Provides an option (encode_plaintext_email) to encode the plaintext email on the website.
  2. JavaScript decoding:

    • A decoding function is triggered on page load to populate the actual email link.
    • Supports decoding non-ascii characters, accommodating internationalised email addresses (reference) like pelé@example.com or медведь@с-балалайкой.рф.
    • If JavaScript is disabled, the email remains hidden.
  3. Tera temple integration:

    • The templating engine processes the email configuration and determines whether to present the encoded or actual email.
    • Checks the validity of a base64 encoded email to ensure it decodes to a valid email address.

Changes made

  1. Updated TOML configuration:

    • Added email and encode_plaintext_email configuration options to handle emails, along with comments explaining the features.
  2. Added JavaScript decoder:

    • New file: decodeMail.min.js (and decodeMail.js, for reference) which contains functions to decode base64 emails and update the href of email links.
  3. Enhancements in Tera template:

    • Updated the footer.html template to incorporate the encoded email functionality.
    • Conditionally load the JavaScript decoding function based on email encoding needs.
  4. Documentation:

    • The post explaining JavaScript-dependent features has been updated to reflect this new feature (in all 3 languages).

How to use

  • E-mail decoding for spambot protection: If you wish to guard your email against spambots scraping from your website, simply set the configuration encode_plaintext_email = true. You can set the email variable to your actual e-mail, unless…

  • Public repository protection: For those who have their sites on public repositories and wish for an additional layer of security, it's recommended to pre-encode your email into a base64 string before adding it to the configuration. This ensures that even if spambots scrape the repository, they won't get the plain-text email.

To encode your email in base64, you can use online tools or run from your terminal: printf 'mail@example.com' | base64.


Inspiration

This idea is based off (or copied, at least the concept) the Abridge theme.

@welpo welpo added the enhancement New feature or request label Aug 18, 2023
@welpo welpo merged commit 6dc6e51 into main Aug 18, 2023
@welpo welpo deleted the feat/encoded-email branch August 18, 2023 17:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant