Skip to main content

A simple jQuery Plone component for hiding email addresses from spammers.

Project description

Zest emailhider

This document describes the zest.emailhider package.

https://secure.travis-ci.org/zestsoftware/zest.emailhider.png?branch=master

Dependencies

This package depends on jquery.pyproxy to integrate python code with jquery code.

Overview

This package provides a mechanism to hide email addresses with JavaScript. Or actually: with this package you can hide your email addresses by default so they are never in the html; with javascript the addresses are then fetched and displayed.

For every content item in your site you can have exactly one email address, as we look up the email address for an object by its UID. For objects for which you want this you should register a simple adapter to the IMailable interface, so we can ask this adapter for an email attribute and a UID method. The ‘emailhider’ view is provided to generate the placeholder link.

Objects display a placeholder link with a hidden-email class, a uid rel attribute and a email-uid-<some uid> class set to the UID of an object; when the page is loaded some jQuery is run to make a request for all those links to replace them with a ‘mailto’ link for that object. Using this mechanism the email address isn’t visible in the initial page load, and it requires JavaScript to be seen - so it is much harder for spammers to harvest.

Special case: when the uid contains ‘email’ or ‘address’ it is clearly no real uid. In that case we do nothing with the IMailable interface but we try to get a property with this ‘uid’ from the property sheet of the portal. Main use case is of course the ‘email_from_address’, but you can add other addresses as well, like ‘info_email’. If you want to display the email_from address in for example a static portlet on any page in the site, use this html code:

<a class="hidden-email email-uid-email_from_address"
   rel="email_from_address">
   Activate JavaScript to see this address.</a>

You can load the test_emailhider page to see if this works.

Instructions for your own package

What do you need to do if you want to use this in your own package, for your own content type?

First you need to make your content type adaptable to the IMailable interface, either directly or via an adapter.

If your content type already has a UID method (like all Archetypes content types) and an email attribute, you can use some zcml like this:

<class class=".content.MyContentType">
  <implements interface="zest.emailhider.interfaces.IMailable" />
</class>

If not, then you need to register an adapter for your content type that has this method and attribute. For example something like this:

from zope.component import adapts
from zope.interface import implements
from zest.emailhider.interfaces import IMailable
from your.package.interfaces import IMyContentType

class MailableAdapter(object):
    adapts(IMyContentType)
    implements(IMailable)

    def __init__(self, context):
        self.context = context

    def UID(self):
        return self.context.my_special_uid_attribute

    @property
    def email(self):
        return self.context.getSomeContactAddress()

Second, in the page template of your content type you need to add code to show the placeholder text instead of the real email address:

<span>For more information contact us via email:</span>
<span tal:replace="structure context/@@emailhider" />

Note that if you want this to still work when zest.emailhider is not installed, you can use this code instead:

<span tal:replace="structure context/@@emailhider|context/email" />

This shows the unprotected plain text email when zest.emailhider is is not available. When you are using zest.emailhider 2.6 or higher this works a bit better, as we have introduced an own browser layer: the @@emailhider page is only available when zest.emailhider is actually installed in the Plone Site. This also makes it safe to use zest.emailhider when you have more than one Plone Site in a single Zope instance and want emailhider to only be used in one them.

Note that the generated code in the template is very small, so you can also look at the page template in zest.emailhider and copy some code from there and change it to your own needs. As long as your objects can be found by UID in the uid_catalog and your content type can be adapted to IMailable to get the email attribute, it should all work fine.

Note on KSS usage in older releases

Older releases (until and including 1.3) used KSS instead of jQuery. As our functionality should of course also work for anonymous users, we had to make KSS publicly accessible. So all javascript that was needed for KSS was loaded for anonymous users as well.

We cannot undo that automatically, as the package has no way of knowing if the same change was needed by some other package or was done for other valid reasons by a Manager. So you should check the javascript registry in the ZMI and see if this needs to be undone so anonymous users no longer get the kss javascripts as they no longer need that.

For reference, this is the normal line in the Condition field of ++resource++kukit.js (all on one line):

python: not
here.restrictedTraverse('@@plone_portal_state').anonymous() and
here.restrictedTraverse('@@kss_devel_mode').isoff()

and this is the normal line in the Condition field of ++resource++kukit-devel.js (all on one line):

python: not
here.restrictedTraverse('@@plone_portal_state').anonymous() and
here.restrictedTraverse('@@kss_devel_mode').ison()

Compatibility

Version 3.0 should work on Plone 4.1, 4.2, 4.3, 5.0.

For older Plone versions, please stick to the 2.x line. Latest release as of writing is 2.7.

Note that on Plone 5.0 we are not completely modern: we register our css and javascript in the old portal tools, not in the new resource registry. So it ends up in the Plone legacy bundle.

History of zest.emailhider package

3.1.3 (2018-02-20)

  • Make ‘No uids found in request.’ a warning instead of an error. I see bots requesting this url. [maurits]

3.1.2 (2017-03-08)

  • Do not render our javascript inline. It leads to display problems when it is included on a 404 page or any other non 20x page: an assertion in Products.ResourceRegistries fails, resulting in the html being returned with mimetype javascript. That seems a possible problem with any inline script. Added upgrade step for this. [maurits]

3.1.1 (2017-02-24)

  • Fixed javascript bug that caused a request even without any emails to reveal. [maurits]

3.1 (2016-11-02)

  • Query and reveal all emails at once. If you have an employee content type that you have hooked up to zest.emailhider, and you have a page showing fifty employees, previously we would fire fifty ajax requests. Now we gather everything into one request. [maurits]

3.0 (2015-10-03)

  • Added Travis badge. [maurits]

  • Support Plone 5 by reading plone.email_from_address from the registry. This loses compatibility with Plone 4.0. We try reading any email (also your own additional emails) from the registry first, with plone. prepended, and then look for a property on the portal root. [maurits]

  • Use $ instead of jq in our javascript. Now it works without needing jquery-integration.js. This loses compatibility with Plone 3. [maurits]

  • Added test_emailhider page that hides the portal email_from_address, so you can easily test it. When you disable your javascript you should not see an email address. [maurits]

2.7 (2012-09-12)

  • Moved to github. [maurits]

2.6 (2011-11-11)

  • Added MANIFEST.in so our generated .mo files are added to the source distribution. [maurits]

  • Register our browser views only for our own new browser layer. Added an upgrade step for this. This makes it easier for other packages to have a conditional dependency on zest.emailhider. [maurits]

2.5 (2011-06-01)

  • Updated call to ‘jq_reveal_email’ to use the one at the root of the site to avoid security errors. [vincent]

2.4 (2011-05-10)

  • Updated jquery.pyproxy dependency to at least 0.3.1 and removed the now no longer needed clean_string call. [maurits]

2.3 (2010-12-15)

  • Not only look up a fake uid for email_from_address as portal property, but do this for any fake uid that has ‘email’ or ‘address’ in it. Log warnings when no email address can be found for a fake or real uid. [maurits]

2.2 (2010-12-14)

  • Added another upgrade step as we definitely need to apply our javascript registry too when upgrading. Really at this point a plain reinstall in the portal_quickinstaller is actually fine, which we could also define as upgrade step, but never mind that now. [maurits]

2.1 (2010-12-14)

  • Added two upgrade steps to upgrade from 1.x by installing jquery.pyproxy and running our kss step (which just removes our no longer needed kss file). [maurits]

2.0 (2010-12-09)

  • Use jquery.pyproxy instead of KSS. This makes the page load much less for anonymous users. [vincent+maurits]

1.3 (2009-12-28)

  • Made reveal_email available always, as it should just work whenever we want to hide the glocal ‘email_from_address’. If we have a real uid target, then try to adapt that target to the IMailable interface and if that fails we just silently do nothing. [maurits]

1.2 (2008-11-19)

  • Using kss.plugin.cacheability and added it as a dependency. [jladage]

  • Allow to set the uid to email_from_address. [jladage]

  • Changed the KSS to use the load event instead of the click event - it now either works transparently, or asks the user to activate JS. [simon]

1.1 (2008-10-24)

  • Added translations and modified template to use them. [simon]

  • Initial creation of project. [simon]

1.0 (2008-10-20)

  • Initial creation of project. [simon]

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

zest.emailhider-3.1.3.tar.gz (22.8 kB view details)

Uploaded Source

File details

Details for the file zest.emailhider-3.1.3.tar.gz.

File metadata

File hashes

Hashes for zest.emailhider-3.1.3.tar.gz
Algorithm Hash digest
SHA256 96055836894f0126e7d73e7c5ed1c415fa6c2f3081f007263ef125309c816389
MD5 306325b4c695fbd890e82621e9a88026
BLAKE2b-256 615692c2f59b69982b4858832321a2cb300ccf19350fb641eb3bb1488b96bc10

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page