Security News
The Unpaid Backbone of Open Source: Solo Maintainers Face Increasing Security Demands
Solo open source maintainers face burnout and security challenges, with 60% unpaid and 60% considering quitting.
By Sarah Gooding - Sep 20, 2024
munge
a tiny node module to munge any strings. useful if wou want to obfuscate email addresses to valid, numeric html entities.
munge
ummm, just a tiny node module to munge any strings. useful if wou want to obfuscate email addresses to valid, numeric html characters.
as long as spam robots are still dumb, this should significantly reduce the risk of the email address being harvested. i bet you get 60% less spam. this method is user friendlier and way easier to implement than other tricks like javascript or images. because you really can click on the link and it opens in your mail program.
simple example
by default, munge() encodes each letter by random - either ascii or unicode - to make it more difficult for spammers.
because of the random generator the example below does not always produce the same output:
var munge = require('munge');
console.log(munge('spacemonkey@moon.com'));
might output something like:
spacemonkey@moon.com
this is valid html code!
based on rfc1866, ftp://ftp.rfc-editor.org/in-notes/rfc1866.txt
more examples
ascii encoding only
var munge = require('munge');
console.log(munge('spacemonkey@moon.com', {encoding: 'ascii'}));
should output the string with ascii encodings like that:
spacemonkey@moon.com
utf8 encoding only
var munge = require('munge');
console.log(munge('spacemonkey@moon.com', {encoding: 'utf8'}));
outputs the same blurb but in unicode:
spacemonkey@moon.com
jade integration
good idea. you will want to protect your email address on your contact page.
here how you can do it within express and jade. let's say in express you have a route for a contact page (routes/contact.js) like this:
var munge = require('munge');
exports.contact = function(req, res) {
res.render('contact',
{
emailContact: munge('spacemonkey@moon.com')
}
);
};
then you can show the munged email address in a jade template called contact.jade with the lines like this inbetween:
...
p email:
a(href!="mailto:#{emailContact}") !{emailContact}
...
make sure you use ! exactly like this as this won't escape the ampersand (&) into an html entity. see TJ's remark about escaped stuff at https://github.com/visionmedia/jade#code
todo
- implement a connect middleware to automagically munge any email addresses
- have it a piped stream instead (for larger strings; not sure if it makes sense here)
license
MIT
FAQs
a tiny node module to munge any strings. useful if you want to obfuscate email addresses to valid, numeric html entities.
The npm package munge receives a total of 18 weekly downloads. As such, munge popularity was classified as not popular.
We found that munge demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 04 Feb 2013
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Understanding License Exceptions: What Developers Need to Know
License exceptions modify the terms of open source licenses, impacting how software can be used, modified, and distributed. Developers should be aware of the legal implications of these exceptions.
By Sarah Gooding - Sep 20, 2024
Security News
Developer Accuses Tencent of Copyright Violation After Python Utility’s License Changed from GPLv3 to BSD
A developer is accusing Tencent of violating the GPL by modifying a Python utility and changing its license to BSD, highlighting the importance of copyleft compliance.
By Sarah Gooding - Sep 18, 2024