Added :encode option to mail_to that'll allow you to masquarede the email address behind javascript or hex encoding #494 [Lucas Carlson]

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@493 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
2022-11-09 12:12:34 -05:00 · 2005-01-24 13:48:24 +00:00 · 2005-01-24 13:48:24 +00:00 · 45db66de56
commit 45db66de56
parent 505e2d99da
3 changed files with 42 additions and 1 deletions
--- a/actionpack/CHANGELOG
+++ b/actionpack/CHANGELOG
@ -1,5 +1,7 @@
 *SVN*

+* Added :encode option to mail_to that'll allow you to masquarede the email address behind javascript or hex encoding #494 [Lucas Carlson]
+
 * Fixed that the content-header was being set to application/octet_stream instead of application/octet-stream on send_date/file [Alexey]

 * Removed the need for passing the binding when using CacheHelper#cache
--- a/actionpack/lib/action_view/helpers/url_helper.rb
+++ b/actionpack/lib/action_view/helpers/url_helper.rb
@ -91,8 +91,35 @@ module ActionView

      # Creates a link tag for starting an email to the specified <tt>email_address</tt>, which is also used as the name of the
      # link unless +name+ is specified. Additional HTML options, such as class or id, can be passed in the <tt>html_options</tt> hash.
+      #
+      # You can also make it difficult for spiders to harvest email address by obfuscating them.
+      # Examples:
+      # * mail_to "me@domain.com", "My email", :encode => "javascript"
+      # => <script type="text/javascript" language="javascript">eval(unescape('%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%27%3c%61%20%68%72%65%66%3d%22%6d%61%69%6c%74%6f%3a%6d%65%40%64%6f%6d%61%69%6e%2e%63%6f%6d%22%3e%4d%79%20%65%6d%61%69%6c%3c%2f%61%3e%27%29%3b'))</script>
+      # * mail_to "me@domain.com", "My email", :encode => "hex"
+      # => <a href="mailto:%6d%65@%64%6f%6d%61%69%6e.%63%6f%6d">My email</a>
      def mail_to(email_address, name = nil, html_options = {})
-        content_tag "a", name || email_address, html_options.merge({ "href" => "mailto:#{email_address}" })
+        encode = html_options[:encode]
+        html_options.delete(:encode)
+        string = ''
+        if encode == 'javascript'
+          tmp = "document.write('#{content_tag("a", name || email_address, html_options.merge({ "href" => "mailto:"+email_address.to_s }))}');"
+          for i in 0...tmp.length
+            string << sprintf("%%%x",tmp[i])
+          end
+          "<script type=\"text/javascript\" language=\"javascript\">eval(unescape('#{string}'))</script>"
+        elsif encode == 'hex'
+          for i in 0...email_address.length
+            if email_address[i,1] =~ /\w/
+              string << sprintf("%%%x",email_address[i])
+            else
+              string << email_address[i,1]
+            end
+          end
+          content_tag "a", name || email_address, html_options.merge({ "href" => "mailto:#{string}" })
+        else
+          content_tag "a", name || email_address, html_options.merge({ "href" => "mailto:#{email_address}" })
+        end
      end

      private
--- a/actionpack/test/template/tag_helper_test.rb
+++ b/actionpack/test/template/tag_helper_test.rb
@ -14,5 +14,17 @@ class TagHelperTest < Test::Unit::TestCase
    assert_equal "<a href=\"create\">Create</a>", content_tag("a", "Create", "href" => "create")
  end

+  def test_mail_to_with_javascript
+  	assert_equal "<script type=\"text/javascript\" language=\"javascript\">eval(unescape('%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%27%3c%61%20%68%72%65%66%3d%22%6d%61%69%6c%74%6f%3a%6d%65%40%64%6f%6d%61%69%6e%2e%63%6f%6d%22%3e%4d%79%20%65%6d%61%69%6c%3c%2f%61%3e%27%29%3b'))</script>", mail_to("me@domain.com", "My email", :encode => "javascript")
+  end
+
+  def test_mail_to_with_hex
+  	assert_equal "<a href=\"mailto:%6d%65@%64%6f%6d%61%69%6e.%63%6f%6d\">My email</a>", mail_to("me@domain.com", "My email", :encode => "hex")
+  end
+
+  def test_mail_to
+  	assert_equal "<a href=\"mailto:me@domain.com\">My email</a>", mail_to("me@domain.com", "My email")
+  end
+
  # FIXME: Test form tag
 end