Security News
Maven Central Adds Sigstore Signature Validation
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
By Sarah Gooding - Feb 06, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
munge
a tiny node module to munge any strings. useful if you want to obfuscate email addresses to valid, numeric html entities.
munge
a tiny library to munge any strings (do not ask me why that verb). useful if wou want to obfuscate email addresses to valid, numeric html characters.
as long as spam robots are still dumb, this should significantly reduce the risk of the email address being harvested. i bet you get 60% less spam. this method is user friendlier and way easier to implement than other tricks like javascript or images. because you really can click on the link and it opens in your mail program.
basic example
by default, munge() encodes each letter by random - either ascii or unicode - to make it more difficult for spammers.
because of the random generator the example below does not always produce the same output:
var munge = require('munge');
console.log(munge('spacemonkey@moon.com'));
might output something like:
spacemonkey@moon.com
this is valid html code!
based on rfc1866, ftp://ftp.rfc-editor.org/in-notes/rfc1866.txt
more examples
ascii
var munge = require('munge');
console.log(munge('spacemonkey@moon.com', {encoding: 'ascii'}));
should encode the string with ascii like that:
spacemonkey@moon.com
utf8
var munge = require('munge');
console.log(munge('spacemonkey@moon.com', {encoding: 'utf8'}));
encodes the same blurb but in unicode:
spacemonkey@moon.com
jade/express integration
good idea. you will want to protect your email address on your contact page.
here how you can do it within express and jade. let's say in express you have a route for a contact page (routes/contact.js) like this:
var munge = require('munge');
exports.contact = function(req, res) {
res.render('contact',
{
emailContact: munge('spacemonkey@moon.com')
}
);
};
then you can show the munged email address in a jade template called contact.jade with the lines like this inbetween:
...
p email:
a(href!="mailto:#{emailContact}") !{emailContact}
...
make sure you use ! exactly like this as this won't escape the ampersand (&) into an html entity. see TJ's remark about escaped stuff at https://github.com/visionmedia/jade#code
todo
- implement a connect middleware to automagically munge any email addresses
- have it a piped stream instead (for larger strings; not sure if it makes sense here)
license
MIT
FAQs
a tiny node module to munge any strings. useful if you want to obfuscate email addresses to valid, numeric html entities.
The npm package munge receives a total of 0 weekly downloads. As such, munge popularity was classified as not popular.
We found that munge demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 27 Aug 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
38% of CISOs Fear They’re Not Moving Fast Enough on AI
CISOs are racing to adopt AI for cybersecurity, but hurdles in budgets and governance may leave some falling behind in the fight against cyber threats.
By Sarah Gooding - Feb 04, 2025
Research
Security News
Go Supply Chain Attack: Malicious Package Exploits Go Module Proxy Caching for Persistence
Socket researchers uncovered a backdoored typosquat of BoltDB in the Go ecosystem, exploiting Go Module Proxy caching to persist undetected for years.
By Kirill Boychenko - Feb 04, 2025