FSFE
/
fsfe-website
28
27
Fork 78
Code Issues 63 Pull Requests 16 Releases Wiki Activity

Merge pull request 'Add <email> tag to obfuscate emails/strings for better bot protection' (#2578) from obfuscate-email into master
continuous-integration/drone/push Build is passing Details

Browse Source 
Reviewed-on: #2578
pull/2596/head
Max Mehl 1 year ago
parent 094d466c73 4ccf2a1e17
commit e52bf37519
9 changed files with 319 additions and 133 deletions
Show Stats Download Patch File Download Diff File

15
about/people/mehl/mehl.de.xhtml
Unescape Escape View File

@ -1,15 +1,10 @@
<?xml version="1.0" encoding="UTF-8"?>
<html>
<version>2</version>
<version>3</version>
<head>
<title>Max Mehl</title>
<style type="text/css">
/* this is just a small hack to avoid spams */
.zzz {display: none;}
.desc {font-size: 0.9em;font-style:italic;}
</style>
</head>
<body class="bio">
<p id="category"><a href="/about/team.html">Team</a></p>
@ -75,10 +70,10 @@
<h2 id="contact">Kontakt</h2>
<address>
E-Mail: max<span class="zzz">SPAM</span>.mehl@fs<span class="zzz">REMOVE</span><span class="y">fe.org</span><br />
Telefon: +49 30<span class="zzz">SPAM</span> 60 98 99<span class="zzz">REMOVE</span> 265<br />
Matrix: @max<span class="zzz">SPAM</span>.mehl:fs<span class="zzz">REMOVE</span><span class="y">fe.org</span><br />
XMPP/Jabber: max<span class="zzz">SPAM</span>.mehl@jabber.fs<span class="zzz">REMOVE</span><span class="y">fe.org</span><br />
E-Mail: <email mailto="yes">max.mehl@fsfe.org</email><br />
Telefon: <email>+49 30 60 98 99 265</email><br />
Matrix: <email>@max.mehl:fsfe.org</email><br />
XMPP/Jabber: <email>max.mehl@jabber.fsfe.org</email><br />
IRC: mxmehl@irc.libera.chat in <a href="https://web.libera.chat/?channels=#fsfe">#fsfe</a><br />
<br />
Twitter: <a href="https://twitter.com/mxmehl">@mxmehl</a><br />

15
about/people/mehl/mehl.en.xhtml
Unescape Escape View File

@ -1,15 +1,10 @@
<?xml version="1.0" encoding="UTF-8"?>
<html>
<version>2</version>
<version>3</version>
<head>
<title>Max Mehl</title>
<style type="text/css">
/* this is just a small hack to avoid spams */
.zzz {display: none;}
.desc {font-size: 0.9em;font-style:italic;}
</style>
</head>
<body class="bio">
<p id="category"><a href="/about/team.html">Team</a></p>
@ -73,10 +68,10 @@
<h2 id="contact">Contact</h2>
<address>
E-mail: max<span class="zzz">SPAM</span>.mehl@fs<span class="zzz">REMOVE</span><span class="y">fe.org</span><br />
Phone: +49 30<span class="zzz">SPAM</span> 60 98 99<span class="zzz">REMOVE</span> 265<br />
Matrix: @max<span class="zzz">SPAM</span>.mehl:fs<span class="zzz">REMOVE</span><span class="y">fe.org</span><br />
XMPP/Jabber: max<span class="zzz">SPAM</span>.mehl@jabber.fs<span class="zzz">REMOVE</span><span class="y">fe.org</span><br />
E-mail: <email mailto="yes">max.mehl@fsfe.org</email><br />
Phone: <email>+49 30 60 98 99 265</email><br />
Matrix: <email>@max.mehl:fsfe.org</email><br />
XMPP/Jabber: <email>max.mehl@jabber.fsfe.org</email><br />
IRC: mxmehl@irc.libera.chat in <a href="https://web.libera.chat/?channels=#fsfe">#fsfe</a><br />
<br />
Twitter: <a href="https://twitter.com/mxmehl">@mxmehl</a><br />

15
about/people/mehl/mehl.nl.xhtml
Unescape Escape View File

@ -1,15 +1,10 @@
<?xml version="1.0" encoding="UTF-8"?>
<html>
<version>2</version>
<version>3</version>
<head>
<title>Max Mehl</title>
<style type="text/css">
/* this is just a small hack to avoid spams */
.zzz {display: none;}
.desc {font-size: 0.9em;font-style:italic;}
</style>
</head>
<body class="bio">
<p id="category"><a href="/about/team.html">Team</a></p>
@ -57,10 +52,10 @@ Max is programmamanager bij de FSFE en coördineert initiatieven op de gebieden
<h2 id="contact">Contact</h2>
<address>
E-mail: max<span class="zzz">SPAM</span>.mehl@fs<span class="zzz">REMOVE</span><span class="y">fe.org</span><br />
Telefoon: +49 30<span class="zzz">SPAM</span> 60 98 99<span class="zzz">REMOVE</span> 265<br />
Matrix: @max<span class="zzz">SPAM</span>.mehl:fs<span class="zzz">REMOVE</span><span class="y">fe.org</span><br />
XMPP/Jabber: max<span class="zzz">SPAM</span>.mehl@jabber.fs<span class="zzz">REMOVE</span><span class="y">fe.org</span><br />
E-mail: <email mailto="yes">max.mehl@fsfe.org</email><br />
Telefoon: <email>+49 30 60 98 99 265</email><br />
Matrix: <email>@max.mehl:fsfe.org</email><br />
XMPP/Jabber: <email>max.mehl@jabber.fsfe.org</email><br />
IRC: mxmehl@irc.libera.chat in <a href="https://web.libera.chat/?channels=#fsfe">#fsfe</a><br />
<br />
Twitter: <a href="https://twitter.com/mxmehl">@mxmehl</a><br />

204
about/people/people.en.xml
View File

File diff suppressed because it is too large Load Diff

108
build/xslt/email-obfuscate.xsl
Unescape Escape View File

@ -0,0 +1,108 @@
<?xml version="1.0" encoding="UTF-8"?>
<!-- ====================================================================== -->
<!-- XML tag for obfuscating an email address against scaper bots -->
<!-- ====================================================================== -->
<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:exsl="http://exslt.org/common">
<xsl:import href="../../tools/xsltsl/tokenize.xsl"/>
<!-- plain email is the input -->
<xsl:template name="email" match="email">
<xsl:param name="email" select="." />
<xsl:param name="mailto" select="@mailto" />
<!-- Split email on each character, creating a <token>character</token> element each -->
<xsl:variable name="email-tokens">
<xsl:call-template name="tokenize">
<xsl:with-param name="string" select="$email" />
<xsl:with-param name="delimiters" select="''" />
</xsl:call-template>
</xsl:variable>
<!-- Replace the most common characters (with 4 exceptions) with their respective HTML entity or Hex -->
<xsl:variable name="email-encoded">
<xsl:for-each select="exsl:node-set($email-tokens)/token">
<xsl:choose>
<!--
make sure only defined characters are replaced.
To increase confusion, we do not replace e, m, r, and .
-->
<xsl:when test="translate(text(), 'abcdfghijklnopqstuvwxyz0123456789+-@','xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx') = 'x'">
<xsl:text>&amp;#</xsl:text>
<xsl:choose>
<!-- lowercase characters -->
<xsl:when test="text()='a'">x0061</xsl:when>
<xsl:when test="text()='b'">98</xsl:when>
<xsl:when test="text()='c'">x0063</xsl:when>
<xsl:when test="text()='d'">100</xsl:when>
<xsl:when test="text()='f'">102</xsl:when>
<xsl:when test="text()='g'">x0067</xsl:when>
<xsl:when test="text()='h'">104</xsl:when>
<xsl:when test="text()='i'">x0069</xsl:when>
<xsl:when test="text()='j'">106</xsl:when>
<xsl:when test="text()='k'">x006b</xsl:when>
<xsl:when test="text()='l'">108</xsl:when>
<xsl:when test="text()='n'">110</xsl:when>
<xsl:when test="text()='o'">x006f</xsl:when>
<xsl:when test="text()='p'">112</xsl:when>
<xsl:when test="text()='q'">x0071</xsl:when>
<xsl:when test="text()='s'">x0073</xsl:when>
<xsl:when test="text()='t'">116</xsl:when>
<xsl:when test="text()='u'">x0075</xsl:when>
<xsl:when test="text()='v'">118</xsl:when>
<xsl:when test="text()='w'">x0077</xsl:when>
<xsl:when test="text()='x'">120</xsl:when>
<xsl:when test="text()='y'">x0079</xsl:when>
<xsl:when test="text()='z'">122</xsl:when>
<!-- numbers -->
<xsl:when test="text()='0'">x0030</xsl:when>
<xsl:when test="text()='1'">49</xsl:when>
<xsl:when test="text()='2'">x0032</xsl:when>
<xsl:when test="text()='3'">51</xsl:when>
<xsl:when test="text()='4'">x0034</xsl:when>
<xsl:when test="text()='5'">53</xsl:when>
<xsl:when test="text()='6'">x0036</xsl:when>
<xsl:when test="text()='7'">55</xsl:when>
<xsl:when test="text()='8'">x0038</xsl:when>
<xsl:when test="text()='9'">57</xsl:when>
<!-- special chars relevant for emails -->
<xsl:when test="text()='+'">43</xsl:when>
<xsl:when test="text()='-'">x002d</xsl:when>
<xsl:when test="text()='@'">64</xsl:when>
</xsl:choose>
<xsl:text>;</xsl:text>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="text()" />
</xsl:otherwise>
</xsl:choose>
</xsl:for-each>
</xsl:variable> <!-- /$email-encoded -->
<!-- Output email address in desired form -->
<xsl:choose>
<!-- Should be a clickable mailto: link -->
<xsl:when test="$mailto = 'yes'">
<!--
Note: Super-ugly hack to avoid that HTML entities are escaped in the href
attribute. Therefore, the a element is created "manually"
-->
<xsl:text disable-output-escaping="yes">&lt;a href="mailto:</xsl:text>
<xsl:value-of select="$email-encoded" disable-output-escaping="yes" />
<xsl:text disable-output-escaping="yes">"&gt;</xsl:text>
<xsl:value-of select="$email-encoded" disable-output-escaping="yes" />
<xsl:text disable-output-escaping="yes">&lt;/a&gt;</xsl:text>
</xsl:when>
<!-- Default: just the obfuscated email address as string -->
<xsl:otherwise>
<xsl:value-of select="$email-encoded" disable-output-escaping="yes" />
</xsl:otherwise>
</xsl:choose>
</xsl:template>
</xsl:stylesheet>

7
build/xslt/people.xsl
Unescape Escape View File

@ -2,6 +2,8 @@
<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
<xsl:include href="email-obfuscate.xsl"/>
<!-- displays list of people for a given country (or a given team, i.e. "main") -->
<xsl:template name="country-people-list">
<!-- parameter 'team' can be
@ -138,7 +140,10 @@
<xsl:element name="span">
<xsl:attribute name="class">email</xsl:attribute>
<xsl:if test="email != ''">
<xsl:value-of select="email" />
<xsl:call-template name="email">
<xsl:with-param name="email" select="email" />
<xsl:with-param name="mailto" select="'no'" />
</xsl:call-template>
</xsl:if>
<xsl:if test="fingerprint != ''">
<xsl:element name="a">

22
contribute/web/features.en.xhtml
Unescape Escape View File

@ -29,6 +29,7 @@
<ol>
<li><a href="#metadata">Meta data</a></li>
<li><a href="#links">Links</a></li>
<li><a href="#emails">Emails</a></li>
<li><a href="#graphics">Graphics</a></li>
<li><a href="#quotes">Quotes</a></li>
<li><a href="#interviews">Interviews</a></li>
@ -170,6 +171,27 @@
</p>
<h2 id="emails">Emails</h2>
<p>
It is common to include email addresses in your text, e.g. if your would
like to get direct feedback on a topic. Unfortunately, this will make the
posted email address likely to receive a lot of spam because bots are
crawling all kinds of websites to get email addresses they could spam.
</p>
<p>
Our system supports some basic ways how to prevent that and still be
accessible to people using a screen reader. To just show an email address
safely (like <email>donotmailme@fsfe.org</email>), do it like
<code>&lt;email&gt;donotmailme@fsfe.org&lt;/email&gt;</code>. If you want
that people can just click on the link to have their email application
opened with the mail as recipient (like <email
mailto="yes">donotmailme@fsfe.org</email>), make it <code>&lt;email
mailto="yes"&gt;donotmailme@fsfe.org&lt;/email&gt;</code>.
</p>
<h2 id="graphics">Graphics</h2>
<p>

1
fsfe.xsl
Unescape Escape View File

@ -18,6 +18,7 @@
<xsl:include href="build/xslt/fsfe-cd.xsl" />
<xsl:include href="build/xslt/module.xsl" />
<xsl:include href="build/xslt/related.xsl" />
<xsl:include href="build/xslt/email-obfuscate.xsl" />
<!-- HTML 5 compatibility doctype, since our XSLT parser doesn't support disabling output escaping -->
<xsl:output method="html" encoding="utf-8" indent="yes" doctype-system="about:legacy-compat" />

65
tools/xsltsl/tokenize.xsl
Unescape Escape View File

@ -0,0 +1,65 @@
<?xml version="1.0"?>
<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:str="http://exslt.org/strings"
extension-element-prefixes="str">
<xsl:template name="tokenize">
<xsl:param name="string" select="''" />
<xsl:param name="delimiters" select="' &#x9;&#xA;'" />
<xsl:choose>
<xsl:when test="not($string)" />
<xsl:when test="not($delimiters)">
<xsl:call-template name="str:_tokenize-characters">
<xsl:with-param name="string" select="$string" />
</xsl:call-template>
</xsl:when>
<xsl:otherwise>
<xsl:call-template name="str:_tokenize-delimiters">
<xsl:with-param name="string" select="$string" />
<xsl:with-param name="delimiters" select="$delimiters" />
</xsl:call-template>
</xsl:otherwise>
</xsl:choose>
</xsl:template>
<xsl:template name="str:_tokenize-characters">
<xsl:param name="string" />
<xsl:if test="$string">
<token><xsl:value-of select="substring($string, 1, 1)" /></token>
<xsl:call-template name="str:_tokenize-characters">
<xsl:with-param name="string" select="substring($string, 2)" />
</xsl:call-template>
</xsl:if>
</xsl:template>
<xsl:template name="str:_tokenize-delimiters">
<xsl:param name="string" />
<xsl:param name="delimiters" />
<xsl:variable name="delimiter" select="substring($delimiters, 1, 1)" />
<xsl:choose>
<xsl:when test="not($delimiter)">
<token><xsl:value-of select="$string" /></token>
</xsl:when>
<xsl:when test="contains($string, $delimiter)">
<xsl:if test="not(starts-with($string, $delimiter))">
<xsl:call-template name="str:_tokenize-delimiters">
<xsl:with-param name="string" select="substring-before($string, $delimiter)" />
<xsl:with-param name="delimiters" select="substring($delimiters, 2)" />
</xsl:call-template>
</xsl:if>
<xsl:call-template name="str:_tokenize-delimiters">
<xsl:with-param name="string" select="substring-after($string, $delimiter)" />
<xsl:with-param name="delimiters" select="$delimiters" />
</xsl:call-template>
</xsl:when>
<xsl:otherwise>
<xsl:call-template name="str:_tokenize-delimiters">
<xsl:with-param name="string" select="$string" />
<xsl:with-param name="delimiters" select="substring($delimiters, 2)" />
</xsl:call-template>
</xsl:otherwise>
</xsl:choose>
</xsl:template>
</xsl:stylesheet>
Write Preview
Loading…
Cancel
Save