Bad by default, configurable to downright evil

  • I apologize to the author as this plugin has an elegant UI, is nicely coded and looks useful. But I believe there are some misguided and na?ve approaches here that will hurt Web users at large, while not delivering the privacy that site owners expect.

    • The “Obfuscate entire email address” option is useless. Email scrappers can decode HTML entities just fine. Most scripting languages can do that in one line of code.
    • The CSS text direction technique is evil. Will break email addresses for blind people using screen readers, reading in reverse. (Section 508 compliance anyone?) Also breaks copy/paste.
    • Text direction is not only evil, it’s also useless, as the mailto: in the link includes the normal email address anyway.
    • The john [at] doe [dot] com approach to email obfuscation is a pain for end users, who actually want to contact you. A JS overlay (as actually suggested in this plugin’s source comments) would be preferred from an usability POV. Non-JS users can still get the “at/dot” text and deal with it.
Viewing 2 replies - 1 through 2 (of 2 total)

  • I read this, and have to ask – What would you do then?

    The plugin attempts to protect in many ways, each with upsides and downsides, I’m sure.

    If none of these methods work, what should we do to protect email addresses?

    Thread Starter Manuel Razzari

    (@manuelrazzari)

    There are other plugins that use a JS overlay to work around the problems mentioned here. (Do some searching – I don’t think it’s courteous to link to another plugin here.)

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Bad by default, configurable to downright evil’ is closed to new replies.