HTML and CSS Reference
In-Depth Information
<img src="elharoemail.png" width="167" height="28" />
Of course, this is now completely opaque to a blind user. You can add an alt attribute to rectify that:
<img src="elharoemail.png" width="167" height="28"
alt="elharo@metalab.unc.edu"/>
However, spambots that are just matching a regular expression will find this, and this still has several
disadvantages for legitimate visitors. First, it prevents the address from being copied and pasted. Second, it
doesn't work in a mailto link. Finally, it has the additional disadvantage of being relatively difficult to implement
on a site-wide basis because you need to create a new picture for each address you publish.
The approach I recommend, at least until spammers start to recognize it, is to use some HTML and XML
encoding tricks that the browser will slip right through but the regular expression engine used by various
spambots will ignore. In particular, I make use of numeric character references, either decimal and hexadecimal
or both, like so:
&#x65;&#x6c;&#x68;&#x61;&#x72;&#x6f;&#x40;
&#x6d;&#x65;&#x74;&#x61;
&#x6c;&#x61;&#x62;&#x2e;&#x75;&#x6e;&#x63;
&#x2e;&#x65;&#x64;&#x75;
&#101;&#108;&#104;&#97;&#114;&#111;&#64;
&#109;&#101;&#116;&#97;&#108;
&#97;&#98;&#46;&#117;&#110;&#99;&#46;&#101;&#100;&#117;
Very few regular expressions will recognize those as e-mail addresses, but browsers will.
When the e-mail address is a URL, a third level of escaping is possible. We can replace some of the characters
with percent escapes. For example, here I escape the @ sign and the periods:
<a href="mailto:elharo%40metalab%2Eunc%2Eedu">E-mail Me</a>
Of course, you can combine these techniques. This link hides the mailto scheme in decimal character references
while encoding the e-mail part of the URL with percent escaping:
<a href="&#109;&#97;&#105;&#108;&#116;&#111;
&#58;elharo%40metalab%2Eunc%2Eedu">E-mail Me</a>
This isn't impenetrable by any means, but it's enough to fool most spambots.
If you like, you can generate the e-mail addresses out of JavaScript instead of including them directly in the
page. Few if any spambots will run the scripts. For example:
<script type="text/javascript">
<!--
address=('elharo@' + 'metalab.unc.edu')
document.write(
'<a href="mailto:' + address + '">' + address + '</a>')
//-->
</script>
Search WWH ::




Custom Search