Vista combinada Visión Plana Vista de árbol
Discusiones [ Anterior | Siguiente ]
toggle
lou cat
email JS obfuscation in web content display portlet
19 de marzo de 2013 2:55
Respuesta

lou cat

Ranking: Regular Member

Mensajes: 196

Fecha de incorporación: 26 de enero de 2012

Mensajes recientes

Hello all!

Can you help me solve a little mistery?
I need to add email addresses in the contact page of my portal and in order to prevent email harvester bots from using them, I'd like to offuscate them a bit.
I know there isn't a perfect method but among all, I chose to use a simple javascript code that simply concatenates the different parts of an email address (not really sure on how much it is effective, the email address is shown properly in the page, but in the code it's inside a JS tag).

Anyway this is beyond liferay's scope, my mistery is related to some email addresses added in the normal way with liferay (in the web content display you write "contact us", then select the link icon, choose email, insert email address and maybe a subject).
These emails, added several months ago by my editor, are shown within a javascript code that use the String.fromCharCode function to encode the email address.
This is very cool, if only I understood how it got there emoticon
If I add emails this way, I can see the email address in plain text in html code, and my editor claims she added those emails in the same way....

So, is Liferay adding some protection afterwards?

what's happening?
emoticon emoticon emoticon
lou cat
RE: email JS obfuscation in web content display portlet
20 de marzo de 2013 2:28
Respuesta

lou cat

Ranking: Regular Member

Mensajes: 196

Fecha de incorporación: 26 de enero de 2012

Mensajes recientes

ok I solved the mystery... the email link was created in the usual simple way with the web content portlet, but my editor was using the Liferay 5.2 version while now we're using the 6.0.6.

I think it was a good feature!!! why has it been removed?
Is there any option to activate the encoding again, in some way?

I hope someone could give me more insight on this... thank you!
lou cat
RE: email JS obfuscation in web content display portlet
20 de marzo de 2013 3:19
Respuesta

lou cat

Ranking: Regular Member

Mensajes: 196

Fecha de incorporación: 26 de enero de 2012

Mensajes recientes

as far as I understood, the email link is part of the WYSIWYG editor and the default for liferay is ckeditor, so maybe this lack of javascript protection for emails depends on the new editor version.

I've read I can change the editor or part of it in the portal settings, but when I tried I couldn't see any difference! emoticon

these are the properties I've tried to change:

editor.wysiwyg.portal-web.docroot.html.portlet.mail.edit.jsp=ckeditor
editor.wysiwyg.portal-web.docroot.html.portlet.mail.edit_message.jsp=ckeditor


with all the available editors (ckeditor, fckeditor, liferay, simple, tinymce, or tinymcesimple)

any info on that?

(I know, I'm just replying to myself, but who knows! maybe someone will finally give me some information or maybe this thread can help someone else in the future)