1

I'm sorry if this is duplicating another post. I have a possible answer to a question in another post but I'm not sure if its a good solution and I wanted to ask people for their views.

The problem is the one raised in this post, how to protect emails from spam bots.

Rather than have the addresses on the page, split into different vars and then assembled by JavaScript, I send an ajax request to the server (just a GET to the welcome_controller) with a key ie 'address_id_42' in the params and it returns a mailto link which is then inserted into the page.

Is there any gain by not having any address data on the page initially? Is any advantage immediately lost by the fact the server will just hand out mailto links if you send it the right address id?

I could easily extend it so the server replies with some custom structure which gets unraveled by the js, but I agree that really this is not the right place to focus and that better spam filtering is the way forward, but I'm interesting in what people think to using ajax as a level of obfuscation?

Cheers :)

Community
  • 1
  • 1
Sujimichi
  • 466
  • 7
  • 16

2 Answers2

1

It depends on the kind of website it is.

  • Is the page only accessible after authentication (login)?
  • Is there another (simpler) way of doing it rather than getting it using AJAX?

The answer to your question really depends on these things.

But in a general way, yes, it might help. But such AJAX requests should only be triggered by some "humanly" action like clicking on "show email" button or something like that.

Also you could convert the email text to an image (which I believe is pretty easy to do with PHP).

Also other solutions could involve separating the two parts of the email address (part before and after '@' symbol) by putting them in different 'spans' etc.

mmtauqir
  • 8,499
  • 9
  • 34
  • 42
  • Cheers for the answers. access is public and yes it could well be done more simply! I think that my best course (as its a corp site) is to have very minimal obfuscation and have harder span filters (as suggested in [this post](http://stackoverflow.com/questions/163628/making-email-addresses-safe-from-bots-on-a-webpage) – Sujimichi Aug 08 '11 at 12:39
1

I think obfuscating content through AJAX is a great idea. However, you can also try ready to use third party implementations like Mailhide instead of building all of this yourself. You get an additional layer of security by making the user fill up a CAPTCHA before the email address is revealed.

Gaurav Gupta
  • 5,380
  • 2
  • 29
  • 36
  • Thanks for answering. The implementation (in rails) was so simple, but on the whole I take your point, use already built stuff! – Sujimichi Aug 08 '11 at 12:45