Added :encode option to mail_to that'll allow you to masquarede the email address behind javascript or hex encoding #494 [Lucas Carlson]

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@493 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
author: David Heinemeier Hansson <david@loudthinking.com> 2005-01-24 13:48:24 +0000
committer: David Heinemeier Hansson <david@loudthinking.com> 2005-01-24 13:48:24 +0000
commit: 45db66de56d4f5c4cd83aba782015d5ce752f3a2 (patch)
tree: bbe515990a81cf1afc161d5dad39837a27081965
parent: 505e2d99da9f0e199dd0bf248fc1db77145730ba (diff)
download: rails-45db66de56d4f5c4cd83aba782015d5ce752f3a2.tar.gz
rails-45db66de56d4f5c4cd83aba782015d5ce752f3a2.tar.bz2
rails-45db66de56d4f5c4cd83aba782015d5ce752f3a2.zip
3 files changed, 42 insertions, 1 deletions
diff --git a/actionpack/CHANGELOG b/actionpack/CHANGELOG
index 684c16c4b3..85c4b41f86 100644
--- a/actionpack/CHANGELOG
+++ b/actionpack/CHANGELOG
@@ -1,5 +1,7 @@
 *SVN*
 
+* Added :encode option to mail_to that'll allow you to masquarede the email address behind javascript or hex encoding #494 [Lucas Carlson]
+
 * Fixed that the content-header was being set to application/octet_stream instead of application/octet-stream on send_date/file [Alexey]
 
 * Removed the need for passing the binding when using CacheHelper#cache
diff --git a/actionpack/lib/action_view/helpers/url_helper.rb b/actionpack/lib/action_view/helpers/url_helper.rb
index 0113c42eb7..0661c961b6 100644
--- a/actionpack/lib/action_view/helpers/url_helper.rb
+++ b/actionpack/lib/action_view/helpers/url_helper.rb
@@ -91,8 +91,35 @@ module ActionView
 
       # Creates a link tag for starting an email to the specified <tt>email_address</tt>, which is also used as the name of the
       # link unless +name+ is specified. Additional HTML options, such as class or id, can be passed in the <tt>html_options</tt> hash.
+      #
+      # You can also make it difficult for spiders to harvest email address by obfuscating them.
+      # Examples:
+      # * mail_to "me@domain.com", "My email", :encode => "javascript"
+      # => <script type="text/javascript" language="javascript">eval(unescape('%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%27%3c%61%20%68%72%65%66%3d%22%6d%61%69%6c%74%6f%3a%6d%65%40%64%6f%6d%61%69%6e%2e%63%6f%6d%22%3e%4d%79%20%65%6d%61%69%6c%3c%2f%61%3e%27%29%3b'))</script>
+      # * mail_to "me@domain.com", "My email", :encode => "hex"
+      # => <a href="mailto:%6d%65@%64%6f%6d%61%69%6e.%63%6f%6d">My email</a>
       def mail_to(email_address, name = nil, html_options = {})
-        content_tag "a", name || email_address, html_options.merge({ "href" => "mailto:#{email_address}" })
+        encode = html_options[:encode]
+        html_options.delete(:encode)
+        string = ''
+        if encode == 'javascript'
+          tmp = "document.write('#{content_tag("a", name || email_address, html_options.merge({ "href" => "mailto:"+email_address.to_s }))}');"
+          for i in 0...tmp.length
+            string << sprintf("%%%x",tmp[i])
+          end
+          "<script type=\"text/javascript\" language=\"javascript\">eval(unescape('#{string}'))</script>"
+        elsif encode == 'hex'
+          for i in 0...email_address.length
+            if email_address[i,1] =~ /\w/
+              string << sprintf("%%%x",email_address[i])
+            else
+              string << email_address[i,1]
+            end
+          end
+          content_tag "a", name || email_address, html_options.merge({ "href" => "mailto:#{string}" })
+        else
+          content_tag "a", name || email_address, html_options.merge({ "href" => "mailto:#{email_address}" })
+        end
       end
 
       private
diff --git a/actionpack/test/template/tag_helper_test.rb b/actionpack/test/template/tag_helper_test.rb
index c3289af50c..2db1bac238 100644
--- a/actionpack/test/template/tag_helper_test.rb
+++ b/actionpack/test/template/tag_helper_test.rb
@@ -14,5 +14,17 @@ class TagHelperTest < Test::Unit::TestCase
     assert_equal "<a href=\"create\">Create</a>", content_tag("a", "Create", "href" => "create")
   end
 
+  def test_mail_to_with_javascript
+  	assert_equal "<script type=\"text/javascript\" language=\"javascript\">eval(unescape('%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%27%3c%61%20%68%72%65%66%3d%22%6d%61%69%6c%74%6f%3a%6d%65%40%64%6f%6d%61%69%6e%2e%63%6f%6d%22%3e%4d%79%20%65%6d%61%69%6c%3c%2f%61%3e%27%29%3b'))</script>", mail_to("me@domain.com", "My email", :encode => "javascript")
+  end
+
+  def test_mail_to_with_hex
+  	assert_equal "<a href=\"mailto:%6d%65@%64%6f%6d%61%69%6e.%63%6f%6d\">My email</a>", mail_to("me@domain.com", "My email", :encode => "hex")
+  end
+
+  def test_mail_to
+  	assert_equal "<a href=\"mailto:me@domain.com\">My email</a>", mail_to("me@domain.com", "My email")
+  end
+
   # FIXME: Test form tag
 end
 \ No newline at end of file
author	David Heinemeier Hansson <david@loudthinking.com>	2005-01-24 13:48:24 +0000
committer	David Heinemeier Hansson <david@loudthinking.com>	2005-01-24 13:48:24 +0000
commit	45db66de56d4f5c4cd83aba782015d5ce752f3a2 (patch)
tree	bbe515990a81cf1afc161d5dad39837a27081965
parent	505e2d99da9f0e199dd0bf248fc1db77145730ba (diff)
download	rails-45db66de56d4f5c4cd83aba782015d5ce752f3a2.tar.gz rails-45db66de56d4f5c4cd83aba782015d5ce752f3a2.tar.bz2 rails-45db66de56d4f5c4cd83aba782015d5ce752f3a2.zip