开发者

How can I obfuscate email addresses contained in 'free input' text fields in Django

问答 作者:

In my models I often use text fields that are intended to contain large pieces of textile-formatted input. I'd like to automatically obfuscate any email addresses that are entered into these text fields, so that when they're printed in a template they're not visible to spiders.

Is there a smart way to do this?

Update:

Based on lazerscience's answer below, this was the code i ended up using. I named the file encode_mailto.py, and put it in a templatetags directory, inside a 'utilities' type app that i install into most of my django projects.

import re
import random
from django.utils.safestring import mark_safe
from django import template
register = template.Library()

email_link_pat = re.compile(r'<a\s+href=("|\')?mailto:[^>]+>[^<]*</a>')
email_pat = re.compile(r'\b[-.\w]+@[-.\w]+\.[a-z]{2,4}\b')

def get_script(m):
    code_list = []
    for c in开发者_JS百科 m.group(0):
        d = ord(c)
        x = random.randint(0, d)
        code_list.append("%d+%d" % (x, d-x))

    return '<script type="text/javascript">document.write(String.fromCharCode(%s))</script>' % \
        ",".join(code_list)

def encode_mailto(text):
    text = email_link_pat.sub(get_script, text)
    text = email_pat.sub(get_script, text)
    return mark_safe(text)

register.filter('encode_mailto', encode_mailto)</pre>

Then use it in templates as follows:

{% load encode_mailto %}
{{"A bunch of text with an email address emailaddress@host.com"|encode_mailto }}

If you just want to use it as Template tag filter:

import re
import random
from django.utils.safestring import mark_safe


email_link_pat = re.compile(r'<a\s+href=("|\')?mailto:[^>]+>[^<]*</a>')
email_pat = re.compile(r'\b[-.\w]+@[-.\w]+\.[a-z]{2,4}\b')

def get_script(m):
    code_list = []
    for c in m.group(0):
        d = ord(c)
        x = random.randint(0, d)
        code_list.append("%d+%d" % (x, d-x))

    return '<script type="text/javascript">document.write(String.fromCharCode(%s))</script>' % \
        ",".join(code_list)

@register.filter
def encode_mailto(text):
    text = email_link_pat.sub(get_script, text)
    text = email_pat.sub(get_script, text)
    return mark_safe(text)

Then you can use it in your templates eg:

{{ "<a href='mailto:mail@email.com'>Send Mail</a>"|encode_mailto }}

Here's something that can be used.

Trick is to add a email obfuscation code that will make your email addresses hard to be captured using a non-js client.

Add it as a middlware, or rather as a simpletag that can act on objects containing textile data.

You can use django-email-obfuscator. First, install it:

$ pip install django-email-obfuscator

Then, add email_obfuscator to INSTALLED_APPS in settings.py:

INSTALLED_APPS = (
    # ...
    'email_obfuscator',
)

In your templates, you can protect email addresses with the obfuscate filter:

{% load email_obfuscator %}
{{ 'your@email.com'|obfuscate }}

继续阅读:automationdjangoemailobfuscationtextile

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9