astro-mail-obfuscation
Advanced tools
An Astro integration that obfuscates email addresses in the source code by encrypting them. The email addresses are only decrypted and displayed on the client side using JavaScript, helping to protect against email scraping bots.
Malicious bots scour the internet for email addresses, which often leads to spam and phishing attacks. Encrypting email addresses in the source code helps prevent most bots from scraping them, as they cannot interpret JavaScript or advanced obfuscation techniques.
This is an integration for Astro.
Alternative installation with Astro CLI: npx astro add astro-mail-obfuscator
1. Recommended installation with npm:
npm install astro-mail-obfuscation
2. Add the following configuration to your astro.config.mjs file:
import { defineConfig } from "astro/config";
import astroMailObfuscation from "astro-mail-obfuscation";
export default defineConfig({
integrations: [
astroMailObfuscation({
fallbackText: "...", // Default: "Enable JS!"
loadingText: "...", // Default: "Loading..."
// userKey: "A1B3C2..." (Optional, not recommended!)
}),
],
});
The userKey is used for XOR encryption and is generated automatically during the build process. You can set the userKey manually if you want, but it is not required.
3. Add the following css globally to your project:
.astroMailObfuscationHidden {
display: initial;
}
.astroMailObfuscationScript .astroMailObfuscationHidden {
display: none;
}
In your .astro files:
<a href="mailto:mail1@..." data-obfuscation>mail1@...</a>
<a href="mailto:mail2@..." data-obfuscation>Contact us!</a>
// ...
Add data-obfuscation to all <a> tags that you want to encrypt in the source code.
Source code without this integration:
<a href="mailto:mail@...">mail@...</a>
An easy game for bots to read and scrape the email addresses here.
Source code with this integration:
<a data-obfuscation="">
<noscript>Enable JS!</noscript>
<span data-...="5b000..."> Loading... </span>
</a>
Bots cannot read the email address directly and cannot do anything with the data-... either, as they do not know where the userKey is stored (or even that it is needed for decryption).
Disclaimer: This integration helps prevent email scraping but cannot guarantee complete protection.
Support for encrypting phone numbers in the source code.
FAQs
Protect email addresses, phone numbers and other sensitive data from bots scraping the source code of your Astro app.
The npm package astro-mail-obfuscation receives a total of 3 weekly downloads. As such, astro-mail-obfuscation popularity was classified as not popular.
We found that astro-mail-obfuscation demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
Security News
A Stanford study reveals 9.5% of engineers contribute almost nothing, costing tech $90B annually, with remote work fueling the rise of "ghost engineers."
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.