npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

email-cloack

v1.0.2

Published

Simple and accessible email cloacking module

Downloads

4

Readme

Simple and accessible email cloacking technique

email-cloack is a simple JavaScript library to obfuscate an email address in NodeJS. Actually, it could be used also in the browser (it's ES5 compatible) but it will be pointless, since in that case the email address would be passed in as clear text to the oemail function.

It's a JavaScript porting of the PHP script by Carlo Perassi available at https://perassi.org/quickhacks/aec/aec.txt

Motivations behind this technique are available on archive.org at http://web.archive.org/web/20110221010757/http://perassi.org/2007/09/24/an-accessible-email-cloaking-technique/

I’ve found a good list of techniques to achieve this task but when you can’t use anything like CSS, images or > JavaScript it’s harder so I’ve written a small PHP script that uses two techniques:

  • writing everything (text and email) directly in hexadecimal;
  • putting, between each character of the text, a (X)HTML comment with random content (‘@’ or ‘>’ as suggested).

In other words, calling

$email = '[email protected]';
$testo = 'text to show';
echo oemail($email);

would show something like the source of this file.

The result is not enough to save your life but it can be a decent method, though.

You can download it here.

Example

As an example, the result of cloacking the email address [email protected] is:

<a
  href="&#109;&#97;&#105;&#108;&#116;&#111;&#58;&#99;&#97;&#114;&#108;&#111;&#64;&#115;&#111;&#109;&#101;&#46;&#119;&#104;&#101;&#114;&#101;"
>
  &#99;<!-- > -->&#97;<!-- > -->&#114;<!-- > -->&#108;<!-- > -->&#111;<!-- > -->&#64;<!-- > -->&#115;<!-- @ -->&#111;<!-- @ -->&#109;<!-- @ -->&#101;<!-- > -->&#46;<!-- > -->&#119;<!-- @ -->&#104;<!-- @ -->&#101;<!-- > -->&#114;<!-- @ -->&#101;<!-- @ --></a
>

(See the source code of: http://perassi.org/quickhacks/snippets/aec/aec1.html)

Installation

npm install email-cloack

Usage

const { oemail } = require("email-cloack");

// returns an anchor tag with the scrambled email address as "mailto" and as
// content of the tag itself.
// e.g. <a href="mailto:[email protected]>[email protected]</a>
oemail("[email protected]");

// returns an anchor tag with the scrambled email address as "mailto"
// and "Contact us" as inner text
oemail("[email protected]", true, "Contact us");

// return just the scrambled email address, with no enclosing <a> tag.
oemail("[email protected]", false);

Alternative techniques

Please note that this technique is not 100% spammer proof. Valid - or even better - alternative techniques can be, for example, obfuscation with CSS using

CSS obfuscation

unicode-bidi: bidi-override;
direction: rtl;

See for example: https://elizavetasemenova.github.io/blog/2016/12/02/obfuscate-email-with-CSS

Character rotation

email-scramble module, available at https://www.npmjs.com/package/email-scramble

Contributing

Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.

Please make sure to update tests as appropriate.

License

GNU/GPL