ReCAPTCHA Mailhide does not hide html tags with mailto

So, before the reCAPTCHA Mailhide filter goes through, replace tags that reference mailto:// protocols with just the email address. The Mailhide would than run on it, replacing the email addresses. Neat idea, and it would allow reCAPTCHA Mailhide to run after/with the URL/Email filter. The tricky thing to do would be to write the regex for it.

I think it should. The whole point of the recaptcha mailhide module is to protect people's email addresses. Until it can hide <a> with mailto addresses, it's not doing the job...

I'm having the same issue. Email addresses surrounded by spaces or a pre-defined (and hard-coded) set of tags work fine; any other markup causes the preg_replace_callback function to not see it.

What about a two-step process? First, pre-scan the text, which does nothing but search for anything that looks like an email address (regardless of surrounding markup) and puts some custom delimiter around them? Second, feed that to the existing function and let it substitute based on the custom delimiters.

It could even strip out the mailto: from hrefs on the way, although in this case the entire URL would be substituted instead of just the middle of the existing email address.

Disclaimer: My regular expression expertise is virtually nil. I know enough to know that regexes can do this but not how to make them do so. (And to think I used to be able to write APL!)

I'm seeing really spotty performance. Mailhide does nothing at all for addresses that are written using anchor tags (which is really problematic, to my mind)

Furthermore, it processes plain-text unlinked email addresses in an inconsistent way. E.g., given the gmail address example@gmail.com, what's rendered is "example...gmail.com", where "..." is linked and produces the Mailhide popup.

Can't use this for production if this is the normal behavior. It's too unreliable.

Yup I think it should - particularly as a lot of editors automatically convert email addresses into links so actually the data entry is about out of the editors hands, does make it kinda pointless otherwise

....subscribe!

C

Hey guys, don't blame reCaptcha. I figured out how to hide the mailto: with reCaptcha.
Go to your recaptcha account and click on "email protection".
Enter the email address you want to protect in the field and click "protect it", next copy the html code.
This code is what you're gonna place into the mailto: link.

Here's what it should look like:

<a href="mailto:name@youremail.com">captcha email html code</a>

Note: be sure to remove the </a> before the latter half of your email from the "captcha email html code"

Here's an example of what it should look like @ My Website And since you're there shoot me an email letting me know you got it.

All thanks goes to Google recaptcha

Wayne

Yes this does work but that's not quite the point....

The issue is that the module does not protect email addresses in content when the already have an anchor tag around them. Client using a wysiwyg modules don't want to do this every time they put an email address into a piece of text.

The point is the filter should correct all the content on the way out to the browser not just email addresses that are not a link.

....if that makes sense.

C

subscribing... Yes would be nice if the filter handled it. Dont know anyone that leaves emails as raw text vs mailto:'s.

I've patched up my module to replace all mailto: links in a tags. It's at least a start...

(forgot to change status) I've patched up my module to replace all mailto: links in a tags. It's at least a start...

Thanks for the patch.

You have some tabs in your indentation which need to be removed.

In the first hunk, $_recaptcha_mailhide_method and $text are set to values then immediately set to different values. Is this what you meant to do?

Liam - thanks for your comments. First time submitting a patch... Hope this time around it's good.
I decided not to touch the way the globals are being passed to _recatpcha_replace() -- I think this should be done, but in another patch.
I tried to simply make it work with minimal changes.

+ added option to enable/disable this in settings.
+ made sure to replace the inner HTML inside <a>...&lt/a> tags as well.
+ did some code refactoring (pulled out private/public key, mcrypt validation outside replace function and put all globals into a single $_recaptcha_mailhide_preg_replace_context variable). I originally thought it's better to do as part of a different commit but it simply made sense to so this on the go.

I would appreciate it if someone who uses mailhide would try this and RTBC if it works.

I think this can be done a bit easier and cleaner. Please use domfilter. You can search for all a tags with href and replace the value very easy. See linkchecker or gotwo module, please.

That is a serious bug. <a href="mailto:test@example.com">test@example.com</a> is not getting protected.