RubyGems - middleman-protect-emails - Versions diffs - 0.2.0 → 0.3.0 - Mend

middleman-protect-emails 0.2.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/README.md +17 -1
data/features/extension.feature +10 -0
data/fixtures/test-app/source/with_complex_url_params.html +11 -0
data/lib/middleman-protect-emails/extension.rb +5 -1
data/lib/middleman-protect-emails/version.rb +1 -1
metadata +3 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6ec6e78ad8782e6973ec3d1bef178383bf63c6ce
-  data.tar.gz: 6cec3655ebdb89cd202e67b77ef79f71fbfd79b8
+  metadata.gz: c84c68e8b63854b83c98d1bf221e0b241c6a63e4
+  data.tar.gz: 3d6f708efef61b1b8e6915cc391fa8c3aed4c862
 SHA512:
-  metadata.gz: e6538b7dc73a782f2f206172e92283159ef6d30f244a5eaf9baf29ca1c2e026ac97a9dbd1981eb22f2126ec49c23c5572ed009457c8662b16522991721edadb2
-  data.tar.gz: 5c4f670130356e469b670253755ccf0109ee41e7cfd886cd7713505c77d2d6ca8bb7e9876b7dad59b1c618a0d1f94325ef01750569203aedd59de9872d431ec0
+  metadata.gz: 2a94eddb160e6990a5b39175278a8bef993d5f380f88af1123d134dd8d67f7e69581f3628778bcd25f56f82c5167c56548b98d9dbb3c7ec2f80d5e8bdc6d1e69
+  data.tar.gz: 0e6306db51b058b543373149ba7c4e1dbb0a49277d920479f02930ae26c45b946674271e99532f6cb90c59709eb6757b62ec1c9ae3a15f4b005e3ffba826eb24

data/README.md CHANGED Viewed

@@ -28,7 +28,23 @@ Using this gem is as simple as adding the following line to your project's `conf
 activate :protect_emails
 ```
-And that's it! This will now protect all `mailto` links in your Middleman project.
+And that's it! This will now protect all `mailto` links in your Middleman project.
+### How it Works
+If the middleware detects a `mailto` link on your page, it will automatically replace the link with an encrypted hash and insert a small script at the end of the page for the browser to decode it on page load. For example, if the following code was on one of your pages:
+```html
+<a href='mailto:hello@example.com'>Link</a>
+```
+It would automatically be replaced with:
+```html
+<a href='#email-protection-uryyb@rknzcyr.pbz'>Link</a>
+```
+This extension also encrypts link parameters (ex. `mailto:hello@example.com?subject=Some%20Subject`).
 ## Contributing

data/features/extension.feature CHANGED Viewed

@@ -34,3 +34,13 @@ Feature: Email Protection
     Given the Server is running at "test-app"
     When I go to "/with_url_params.html"
     Then I should see "<a href='#email-protection-rznvy@rknzcyr.pbz?fhowrpg=Grfg%20Fhowrpg&obql=Grfg%20Obql'></a>"
+  Scenario: Encrypts mailto link complex parameters
+    Given the Server is running at "test-app"
+    When I go to "/with_complex_url_params.html"
+    Then I should see "<a href='#email-protection-rznvy@ybpnyubfg'>localhost domain</a>"
+    Then I should see "<a href='#email-protection-rznvy@rknzcyr.pbz?fhowrpg=Fhowrpg+jvgu+cyhf+fvtaf'>plus sign in subject</a>"
+    Then I should see "<a href='#email-protection-rznvy@rknzcyr.pbz?fhowrpg=Fhowrpg%20jvgu%20fcnprf'>spaces in subject</a>"
+    Then I should see "<a href='#email-protection-rznvy@rknzcyr.pbz?fhowrpg=Grfg+Fhowrpg&pp=rznvy2@rknzcyr.pbz'>cc param</a>"
+    Then I should see "<a href='#email-protection-zl-p0z.cy3k_rznvy@rk-nzcyr.pb.hx?fhowrpg=Grfg+Fhowrpg&obql=Grfg%20Obql&pp=rznvy@rknzcyr.pbz'>crazy case</a>"
+    Then I should see "<a href='mailto:email'>@example.com hacker</a>"

data/fixtures/test-app/source/with_complex_url_params.html ADDED Viewed

@@ -0,0 +1,11 @@
+<html>
+  <head></head>
+  <body>
+    <a href='mailto:email@localhost'>localhost domain</a>
+    <a href='mailto:email@example.com?subject=Subject+with+plus+signs'>plus sign in subject</a>
+    <a href='mailto:email@example.com?subject=Subject%20with%20spaces'>spaces in subject</a>
+    <a href='mailto:email@example.com?subject=Test+Subject&cc=email2@example.com'>cc param</a>
+    <a href='mailto:my-c0m.pl3x_email@ex-ample.co.uk?subject=Test+Subject&body=Test%20Body&cc=email@example.com'>crazy case</a>
+    <a href='mailto:email'>@example.com hacker</a>
+  </body>
+</html>

data/lib/middleman-protect-emails/extension.rb CHANGED Viewed

@@ -41,7 +41,11 @@ class Middleman::ProtectEmailsExtension < ::Middleman::Extension
       # Replaces mailto links with ROT13 equivalent
       # TODO: Don't replace plaintext mailto links
-      new_content = body.gsub /mailto:([A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}(\?[A-Z0-9_\-&=%# ]*)?)/i do
+      invalid_character = '\s"\'>'
+      email_username = "[^@#{invalid_character}]+"
+      email_domain = "[^?#{invalid_character}]+"
+      email_param = "[^&#{invalid_character}]+"
+      new_content = body.gsub /mailto:(#{email_username}@#{email_domain}(\?#{email_param}(\&#{email_param})*)?)/is do
         replaced_email = true
         email = $1.tr 'A-Za-z','N-ZA-Mn-za-m'
         "#email-protection-#{email}"

data/lib/middleman-protect-emails/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Middleman
   module ProtectEmails
-    VERSION = '0.2.0'
+    VERSION = '0.3.0'
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: middleman-protect-emails
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.0
 platform: ruby
 authors:
 - Ankit Sardesai
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-12-25 00:00:00.000000000 Z
+date: 2015-05-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: middleman-core
@@ -56,6 +56,7 @@ files:
 - fixtures/test-app/config.rb
 - fixtures/test-app/source/index.html
 - fixtures/test-app/source/with_body.html
+- fixtures/test-app/source/with_complex_url_params.html
 - fixtures/test-app/source/with_multiple_emails.html
 - fixtures/test-app/source/with_no_email.html
 - fixtures/test-app/source/with_url_params.html