collective.geotransform
Introduction
GEO stands for “Gracefully E-mail Obfuscation”. This package implements the solution exposed in this post of List Apart web site authored by Roel Van Gils:
http://www.alistapart.com/articles/gracefulemailobfuscation/
collective.geotransform uses plone.transformchain to transform the response output from Zope before it reaches your browser. It searches for all “mailto:” occurences inside the response and transform them into encoded harmless links. It also searches for plain email addresses (without links) inside the response and transform them into encrypted spans. This codification is done via a simple base64 encoding, but enough to fool a spam robot.
This is the form of the encoded mailto link:
<a rel=”nofollow” href=”geomailto:dmljdG9yLmZlcm5hbmRlejJAdXBjbmV0LmVz”>Link text</a>
While this is the form of the encoded span for plain email address:
<span class=”geomailaddress”>dmljdG9yLmZlcm5hbmRlejJAdXBjbmV0LmVz</span>
On the browser side, the encoded links and spans are decoded to their original form by using a Javascript that restores them to normal “mailto:” links and decrypted plain text emails.
Authenticated responses are NOT affected by this transform. Only anonymous responses are modified.
Compatibility
The versions 3.x (build from the master-branch) are compatible with Plone 6 / Python 3 only.
- Other branches / versions support old Plone versions :
Plone 5: versions 2.x
Plone 4: versions 1.x
TODO
Accessibility form and validators
Changelog
3.0 (2023-02-09)
Add Plone 6 compatibility, drop Plone 5 support [boulch]
2.1 (2023-01-31)
Add support for Python 3 and Plone 5.2. [pbauer]
2.0 (2020-11-18)
Fix obfuscation with mails within texts [laulaz]
Make mail detection in texts (outside textareas) more robust [laulaz]
Improve / add tests [laulaz]
2.0a1 (2018-09-24)
Plone 5 compatibility [tomgross]
Add browserlayer and uninstall profile (fixes #11) [tomgross]
1.0.4 (2020-11-18)
Make mail detection in texts (outside textareas) more robust [laulaz]
Improve / add tests [laulaz]
1.0.3 (2017-12-06)
Do not obfuscate mails inside textarea or value=”” attribute (#15) [laulaz]
1.0.2 (2016-08-19)
Do not obfuscate mails when called from Ajax, because we don’t know if they will be de-obfuscated and that the goal is to fool non-Javascript robots [laulaz]
1.0.1 (2015-02-03)
Add metadata.xml into profile. [bsuttor]
Decode utf8 if accent in mail [bsuttor]
Add upgradestep for import new metadata.xml [bsuttor]
1.0 (2014-10-22)
Obfuscate plain text mails (#8) [laulaz]
Avoid touching mailto tags content (#4) [laulaz]
Avoid trying to transform non-HTML requests [laulaz]
Handle links with subject and / or body (#1) [laulaz]
Fix check for anonymous (#2) and for portal url (#3) [laulaz]
Fix getSite location [laulaz]
Add tests [laulaz]
Add buildout and bootstrap [laulaz]
1.0a3 (2012-08-03)
Fix check for anonymous [pbauer]
1.0a2 (2010-11-24)
Fixed broken uploaded file to pypi
1.0a1 (2010-10-22)
Initial release