Closed
Bug 304612
Opened 19 years ago
Closed 19 years ago
e-mail addresses displayed in plain text - food for SPAM spiders?
Categories
(Bugzilla :: User Interface, enhancement)
Tracking
()
VERIFIED
DUPLICATE
of bug 219021
People
(Reporter: bugzilla, Assigned: myk)
References
()
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de-DE; rv:1.7.10) Gecko/20050717 Firefox/1.0.6 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; de-DE; rv:1.7.10) Gecko/20050717 Firefox/1.0.6 On those bugzilla pages I checked, e-mail addresses are displayed in plain text, or in the case of the "Show votes" list (e.g. https://bugzilla.mozilla.org/votes.cgi?action=show_bug&bug_id=288054 ), have an encoded @ (@). I don't know anything about e-mail harvesting software, but I think this might just be what they are looking for... Also, I doubt whether simply using the hex code for an @ will stop them... (...Is it actually e-mail or email...?) Reproducible: Always Steps to Reproduce: 1. Open website in browser. 2. Select View > Show Source Code or press Strg+U 3. Scan document for e-mail addresses listed, e. g. search for @ or @ Actual Results: Found plain text e-mail addresses and mailto:-links. Expected Results: Would expect to see some completely encoded addresses (not only @ encoded, but everything). Maybe use of graphic-@s. Possibly no mailto-links but only links to contact forms à la /mail?user_id=xyz enabling web surfer to send mails to registered users only. Also, maybe just disable displaying any e-mail addresses to anyone _not_ logged in? Maybe abusing rtl and CSS might do the trick: <span style="unicode-bidi:bidi-override; direction: rtl;">gro.elpmaxe@retsambew</span> Found example at http://www.drweb.de/weblog/weblog/index.php?p=68 (de).
Comment 1•19 years ago
|
||
See also bug 120030. *** This bug has been marked as a duplicate of 219021 ***
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → DUPLICATE
Updated•19 years ago
|
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•