Discussion Forums
- Topic List
- Most Recent Posts
- Sign In for more options
Oh, what an interesting way to do that! I didn't realize what was happening; guess I should have View(ed) Source. Looks like plain text to me, yet possibly not to an automated email address harvester. Of course, it's only a matter of time until they catch on to that trick, in this ever-present arms race between spammers and decent people, but at least that will buy us some time.
Hi Dave. Thanks for the comments.
The email address is obscured by converting the characters to HTML entities. So " t e s t @ d s c . n e t " it is encoded as "test@dsc.net". I believe this is working. However, if you're using something like Inspect Element in your browser you may find that your browser is decoding them for you. Try View Source instead and you should see the encoded characters.
Having said that, it's probably not the most secure way of doing it. We should probably use a Javascript based solution instead. Do you or anyone else have any recommendations?
The profile editing screen says "The address is spam protected when displayed" (under the text entry box for email address). However, when viewing the profile, I see no signs of it being spam protected -- it's plain text, unmunged. Were you thinking that not making it a mailto link was enough, or was there additional protection you intended to apply, like munging it, making it graphics instead of text, or what?
