Jump to content
Roope

Email Obfuscation (EMO)

Recommended Posts

ProcessWire Email Obfuscation (EMO)

Email Obfuscation module for plaintext emails and email links with 64 base crypting.

Download | GitHub
 

This module finds all plaintext emails and email links from the content and replaces them with span elements. All the addresses are stored in 64 base encoded srings to JavaScript array in souce code. Then on client side browser finds emo_email span elements, replaces and encodes them back to email addresses. All emails inside form elements are left untouched. Same as anchor texts, unless it's email address. You can define default text string for replaced email address in module config. Both emo touched span and anchor elements have 'emo_email' class name that you can use for css/js.

Install

  1. Create new folder into /site/modules/ and rename it as you wish. 'EmailObfuscation' or simply 'emo' are good choises.
  2. Download the contents of this repository to your computer and upload it to newly created folder.
  3. Login to processwire and go to Modules page and click 'Check for new modules'. Find emo and click install.
  4. You can make optional configuration changes in module admin page.

Thanks

This is ProcessWire module fork from MODX Evolution plugin emo E-Mail Obfuscation.
http://modx.com/extras/package/emoemailobfuscation
 

EDITED ON: 2013-03-03 - Added description.


Hello all. Just found PW few days ago and it's already looking awesome! Here comes first contribute and some questions for developing it further.

There was one existing email obfuscator on reposity that didn't use any crypting for addresses so I decided to do a little test run and port the one that we currenly use with MODX Evo to ProcessWire module.

I'd like to make PageAutocomplete like gonfigure option to admin so that one could select and set templates to exclude module action. It looks like autocomplete is tied to pages and since templates are not set to system as pages this is option is no go, am I right?

  • Like 9

Share this post


Link to post
Share on other sites

Welcome!

I think ASMSelect would be a good fit instead of autocomplete in module config - I know that works.

Share this post


Link to post
Share on other sites

OK, ASMSelect did the job perfectly. Thanks!

Another question:

In Hello world example module admin pages are restricted by: if($page->template == 'admin') return;

$template array also holds another admin pages like role and user so is there some easy way skip these in loop without naming all of them?

foreach ($this->templates as $t) {
    if ($t != 'admin') { // !in_array($t, array(admin,role,user)); is this proposed way?
        $f->addOption($t->id, $t->name);
    }
}

I just need same template names that are visible on Setup > Templates.

Share this post


Link to post
Share on other sites

What I've been doing in another module is removing all templates flagged as system. That's probably what you want to do here too.

foreach ($this->templates as $t) {
    // skip system templates
    if (!($t->flags & Template::flagSystem)) {
       $f->addOption($t->id, $t->name);
    }
} 
  • Like 2

Share this post


Link to post
Share on other sites

Is there a reason why $field->collapsed = Inputfield::collapsedBlank; works as expected with InputfieldAsmSelect but does nothing with InputfieldCheckbox in module config?

Share this post


Link to post
Share on other sites
Is there a reason why $field->collapsed = Inputfield::collapsedBlank; works as expected with InputfieldAsmSelect but does nothing with InputfieldCheckbox in module config?

I think we had a bug related to this awhile back. It should be fixed in 2.3. But for now this might work:

$field->collapsed = $field->attr('checked') ? Inputfield::collapsedYes : Inputfield::collapsedNo; 

Thanks for your work with this module. When you get a chance, please add to the modules.processwire.com directory. 

Share this post


Link to post
Share on other sites

Thanks Ryan! This got work done perfectly.

There's still one thing I can't get figured out. With InputfieldPageAutocomplete in module config I can set parent_id and template_id to limit results. How could I configure it so that all admin pages plus the ones limited in $this->exclude_tpls config would be left out from results?

I get what I want by using InputfieldAsmSelect but I think InputfieldPageAutocomplete would fit much better here:

$f = $this->modules->get('InputfieldAsmSelect');
$f->label = 'Exclude in pages';
$f->attr('name', 'exclude_pages');
$f->attr('value', $this->exclude_pages);
$home = $this->pages->get("/");
$pages = $home->children;
$pages->prepend($home);
foreach ($pages as $p) {
    if (!in_array($p->template->id, $this->exclude_tpls)) {
        $f->addOption($p->id, $p->name);
    }
}
$inputfields->add($f);

Share this post


Link to post
Share on other sites

The parent_id and template_id are one way to go, but you could instead use 'findPagesSelector'. You can set this to a Field object, or you can set it to an InputfieldPageAutocomplete instance, like this:

$f = $this->modules->get('InputfieldPageAutocomplete');
$f->label = 'Exclude in pages';
$f->attr('name', 'exclude_pages');
$f->attr('value', $this->exclude_pages);
 
$selector = "parent_id=1, template!=admin";
foreach($this->exclude_tpls as $name) {
  $selector .= "|$name";
}
// example: parent_id=1, template!=admin|this|that|whatever
$f->findPagesSelector = $selector; 

  • Like 1

Share this post


Link to post
Share on other sites
Almost one year later I'm happy to say that I finally got this autocomplete feature implemented to exclude pages option. Also forced mailto links can now be disabled from module config. Version got bumped to 1.0.2.

This also means that our love and relationship with PW is soon having it's first birthday. What a year! Still having butterflies in stomach.

  • Like 8

Share this post


Link to post
Share on other sites

I think we had a bug related to this awhile back. It should be fixed in 2.3. But for now this might work:

$field->collapsed = $field->attr('checked') ? Inputfield::collapsedYes : Inputfield::collapsedNo; 

Thanks for your work with this module. When you get a chance, please add to the modules.processwire.com directory. 

Hey Ryan,

I just came across this issue on the latest dev version - presumably with stable as well. I ended up going with your fix for now, although for anyone stumbling across this, the Yes and No need to be reversed in the ternary operator.

Share this post


Link to post
Share on other sites

Just installed this module.

It seems to be adding the classes to the email and adding mailto, but in the source, the actual email address is as clear as day... :)

Share this post


Link to post
Share on other sites

It seems to be adding the classes to the email and adding mailto, but in the source, the actual email address is as clear as day... :)

Hi Joss!

If classes are added and it turns email strings to mailto links then it sounds like it's working like it should be. My first guess is that you are looking at generated source code, e.g. using inspect element tool from the browser? Decryption is done on client side so in this case, all is fine.

Document source code from server should have predefined text string wrapped to span elements (with emo class and unique id) in place of email addresses.

Share this post


Link to post
Share on other sites

@Roope -

great module! Used on a recent site; And now trying to use it on a new site, but having 2 issues:

1.) There was a point where there was accidentally an email address in the meta description of the site, and that triggered the emo, which broke the page; any way to disable it in the head section?

2.) the emo is triggering on a retina image (@2x in the image name...)

Thanks!

Share this post


Link to post
Share on other sites

Thanks Macrura!

I just pushed fix for these, so if you can please see how it does. Thanks!

Share this post


Link to post
Share on other sites

@Roope - ok awesome - many thanks ! I will be back on the project soon and will report back..

Share this post


Link to post
Share on other sites

@roope - i downloaded the latest version, and replaced it, but it still picks up the retina images, which are marked up like this:

<a href="/" class="retina-logo" data-dark-logo="/site/templates/images/lk-logo-dark@2x.png">

i guess there is no way to prevent this sort of thing, because i see in the code that the module will exclude head, images and forms.., but this is a link with a data attribute...

but maybe there could be an option to allow the module to only work on parts of the page in a setting, for example, "container classes to apply the obfuscation to", then it would be possible for designers to limit to only specific places in the page, which would reduce the chance of it picking up images with the @ symbol..

thanks..!

Share this post


Link to post
Share on other sites

OK, this one is bit tricky..

 
Currently emo uses regex to leave head, form and img tags untouched. Link element can't be left untouched since we're parsing emails.
 
Parsing unregular language like html with regular expressions is always on risky side. For that reason adding support for emo container class like you suggested would need proper DOM parser and IMO that introduces too much heavy lifting for the small need.
 
So, at least for now, you have the following options:
 
1. Use @2x names on a img tag
2. Disable current page from module settings
3. Disable current template from module settings
 
From these I would personally just go with number one:
 
<a href="/" class="retina-logo">
   <img src="../lk-logo-dark.png" data-dark-logo="../lk-logo-dark@2x.png" />
</a>

  • Like 1

Share this post


Link to post
Share on other sites

@Roope - thanks - really appreciate the reply!

Will take a look at the options and come up with a workaround for this site...

thanks again for making this module..

Share this post


Link to post
Share on other sites

This worked great on my local server but when I installed it on the real server pages with email addresses fail. I get ERR_EMPTY_RESPONSE. I wasn't able to find any more clues but if I ever do I'll let you know. Both setups are running 2.5.10 dev.

Share this post


Link to post
Share on other sites

This module works great, but does it have to completely overwrite the classes of the containing element? Can it not just append emo_email to any existing classes?

Share this post


Link to post
Share on other sites

While testing your module I found out that it doesn't work properly in some cases:

//no need to obfuscate, since there is no E-Mail Adress
<a href="mailto:?subject=Lorem%20Ipsum&body=Lorem%20Ipsum!">Foo</a>
<a href="mailto:?subject=Lorem Ipsum!">Foo</a>

//doesn't work with the following examples
<a href="mailto:mail@example.org?subject=Lorem Ipsum!">Foo</a>
<a href="mailto:mail@example.org?subject=Lorem%20Ipsum&body=Lorem%20Ipsum!">Foo</a>

For the 1st Example the module should leave the code untouched. Replacement only necessary if '@' is found.

For 2nd Example I can offer a solution

REPLACE

// urlencode a possible subject
$matches[1] = preg_replace_callback("!(.*\?(subject|body)=)([^\?]*)!i",
function ($m) { return rawurlencode($m[3]); }, $matches[1]);

// the function removes the questionmark, the words 'subject' and 'body' and the equalsign from the querystring 

WITH

// urlencode a possible subject and body, no matter if already urlencoded
$_matches = preg_replace_callback("!(^\?*)?((\??subject|\??body)=([^&]+)){1,2}!i",
function ($m) { return $m[1].$m[3].'='.rawurlencode(rawurldecode($m[4])); }, $matches[1]);

I tested a little bit and it worked well with my solution.
 

  • Like 3

Share this post


Link to post
Share on other sites
Thanks for your input kixe!

Sorry I'm little late to the party but I finally got some time to look this through on summer vacation. There was also some other issues with the module that I wanted to fix while I'm there so here it goes:

I updated the mailto link regex to match only cases where actual email address is also present so your 1st example doesn't get obfuscated no more.

While your fix for the second example worked really well, I decided to leave whole url encoding part off since it didn't seem to be vital for this module to work.

I also changed the way emo avoids @2x named images to be triggered as false positives so now markup like what @Macrura had in the example here works. Before it was only possible with image tags which were skipped from obfuscation. Old method also failed when there was image inside mailto link.


And last but not least; matched mailto link markup doesn't get replaced anymore by new element. We'll use the original captured html and just add required emo_email class to the link - like what @joey102030 just suggested here one post earlier.

I've pushed a new commit to Github that contains all these modifications. Please test it out and report any issues you may find. Thanks!



Share this post


Link to post
Share on other sites

I've doubled up on javascripts and apparently it's causing an issue.  I recently started working on an interactive map on my site, the problem is that since I'm rendering the HTML on an event (click of the state loads .html(<div>...john@email.com...) ), it's loading the replacement text instead of my email addresses.  Are there any steps I can take to make it work properly without blocking the template altogether?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By MoritzLost
      Process Cache Control
      This module provides a simple solution to clearing all your cache layers at once, and an extensible interface to perform various cache-related actions.
      The simple motivation behind this module was that I was tired of manually clearing caches in several places after deploying a change on a live site. The basic purpose of this module is a simple Clear all caches link in the Setup menu which clears out all caches, no matter where they hide. You can customize what exactly the module does through it's configuration menu:
      Expire or delete all cache entries in the database, or selectively clear caches by namespace ($cache API) Clear the the template render cache. Clear out specific folders inside your site's cache directory (/site/assets/cache) Clear the ProCache page render cache (if your site is using ProCache) Refresh version strings for static assets to bust client-side browser caches (this requires some setup, see the full documentation for details). This is the basic function of the module. However, you can also add different cache management action through the API and execute them through the module's interface. For this advanced usage, the module provides:
      An interface to see all available cache actions and execute them. A system log and logging output on the module page to see verify what the module is doing. A CacheControlTools class with utility functions to clear out different caches. An API to add cache actions, execute them programmatically and even modify the default action. Permission management, allowing you granular control over which user roles can execute which actions. The complete documentation can be found in the module's README.
      Plans for improvements
      If there is some interest in this, I plan to expand this to a more general cache management solution. I particular, I would like to add additional cache actions. Some ideas that came to mind:
      Warming up the template render cache for publicly accessible pages. Removing all active user sessions. Let me know if you have more suggestions!
      Links
      https://github.com/MoritzLost/ProcessCacheControl ProcessCacheControl in the Module directory CHANGELOG in the repository Screenshots


    • By Macrura
      PrevNextTabs Module
      Github: https://github.com/outflux3/PrevNextTabs
      Processwire helper modules for adding page navigation within the editor.
      Overview
      This is a very simple module that adds Previous and Next links inline with the tabs on the page editor. Hovering over the tab shows the title of the previous or next page (using the admin's built in jqueryUI tooltips.)
      Usage
      This module is typically used during development where you or your editors need to traverse through pages for the purpose of proofing, flagging and/or commenting. Rather than returning to the page tree or lister, they can navigate with these links.
      Warnings
      If you are using PW version 2.6.1 or later, the system will prevent you from leaving the page if you have unsaved edits.
      For earlier versions, to avoid accidentally losing changes made to a page that might occur if a user accidentally clicks on one of these, make sure to have the Form Save Reminder module installed.
      http://modules.processwire.com/modules/prev-next-tabs/
    • By Gadgetto
      SnipWire - Snipcart integration for ProcessWire
      Snipcart is a powerful 3rd party, developer-first HTML/JavaScript shopping cart platform. SnipWire is the missing link between Snipcart and the content management framework ProcessWire.
      With SnipWire, you can quickly turn any ProcessWire site into a Snipcart online shop. The SnipWire plugin helps you to get your store up and running in no time. Detailed knowledge of the Snipcart system is not required.
      SnipWire is free and open source licensed under Mozilla Public License 2.0! A lot of work and effort has gone into development. It would be nice if you could donate an amount to support further development:

      Status update links (inside this thread) for SnipWire development
      2020-03-21 -- SnipWire 0.8.5 (beta) released! Improves SnipWires webhooks interface and provides some other fixes and additions 2020-03-03 -- SnipWire 0.8.4 (beta) released! Improves compatibility for Windows based Systems. 2020-03-01 -- SnipWire 0.8.3 (beta) released! The installation and uninstallation process has been heavily revised. 2020-02-08 -- SnipWire 0.8.2 (beta) released! Added a feature to change the cart and catalogue currency by GET, POST or SESSION param 2020-02-03 -- SnipWire 0.8.1 (beta) released! All custom classes moved into their own namespaces. 2020-02-01 -- SnipWire is now available via ProcessWire's module directory! 2020-01-30 -- SnipWire 0.8.0 (beta) first public release! (module just submitted to the PW modules directory) 2020-01-28 -- added Custom Order Fields feature (first SnipWire release version is near!) 2020-01-21 -- Snipcart v3 - when will the new cart system be implemented? 2020-01-19 -- integrated taxes provider finished (+ very flexible shipping taxes handling) 2020-01-14 -- new date range picker, discount editor, order notifiactions, order statuses, and more ... 2019-11-15 -- orders filter, order details, download + resend invoices, refunds 2019-10-18 -- list filters, REST API improvements, new docs platform, and more ... 2019-08-08 -- dashboard interface, currency selector, managing Orders, Customers and Products, Added a WireTabs, refinded caching behavior 2019-06-15 -- taxes provider, shop templates update, multiCURL implementation, and more ... 2019-06-02 -- FieldtypeSnipWireTaxSelector 2019-05-25 -- SnipWire will be free and open source Plugin Key Features
      Fast and simple store setup Full integration of the Snipcart dashboard into the ProcessWire backend (no need to leave the ProcessWire admin area) Browse and manage orders, customers, discounts, abandoned carts, and more Multi currency support Custom order and cart fields Process refunds and send customer notifications from within the ProcessWire backend Process Abandoned Carts + sending messages to customers from within the ProcessWire backend Complete Snipcart webhooks integration (all events are hookable via ProcessWire hooks) Integrated taxes provider (which is more flexible then Snipcart own provider) Useful Links
      SnipWire in PW modules directory SnipWire Docs (please note that the documentation is a work in progress) SnipWire @GitHub (feature requests and suggestions for improvement are welcome - I also accept pull requests) Snipcart Website  
      ---- INITIAL POST FROM 2019-05-25 ----
       
    • By horst
      Croppable Image 3
      for PW 3.0.20+
      Module Version 1.2.0
      Sponsored by http://dreikon.de/, many thanks Timo & Niko!
      You can get it in the modules directory!
      Please refer to the readme on github for instructions.
       
      - + - + - + - + - + - + - + - + - + - NEWS - 2020/03/19 - + - + - + - + - + - + - + - + - + - 
      There is a new Version in the pipe, that supports WebP too: 
       
      - + - + - + - + - + - + - + - + - + - NEWS - 2020/03/19 - + - + - + - + - + - + - + - + - + - 
       
       
      -------------------------------------------------------------------------
       
      Updating from prior versions:
       
      Updating from Croppable Image 3 with versions prior to 1.1.7, please do this as a one time step:
      In the PW Admin, go to side -> modules -> new, use "install via ClassName" and use CroppableImage3 for the Module Class Name. This will update your existing CroppableImage3 module sub directory, even if it is called a new install. After that, the module will be recogniced by the PW updater module, what makes it a lot easier on further updates.
      -------------------------------------------------------------------------
       
      For updating from the legacy Thumbnail / CropImage to CroppableImage3 read on here.
       
      -------------------------------------------------------------------------
       
×
×
  • Create New...