通过在js中组装mailto:href来隐藏电子邮件地址。
更新 现在尝试创建通用函数,我可以在任何地方调用。将此this.id传递给var时,出现“不是func”错误
onclick="mailTo(this.id,'aTLD','aDOMAIN','anACCOUNT','aWEBSITE','I have a website question or issue.');"
function mailTo( idx , tld , domain , account , site , bodyText ) {
let qS = `document.querySelector('#${idx}')`;
console.log(qS);
let arrEmail = [tld, domain, account, site, bodyText];
const buildEmail = (arr) => `${arr[2]}@${arr[1]}.${arr[0]}?subject=From the ${arr[3]} website&body=${arr[4]}`;
qS.addEventListener('click', (event) => {
let str = `mailto:${buildEmail(arrEmail)}`;
location.href = str;
});
}
上一个 早在2006年,就使用eval(args +“ strings” + vars)并运行良好,但这对用户+资源庞然大物来说是危险的暴露。尝试返回(vars + args),但不会触发。 console.log / alert()s显示字符串正确组装。
//###(UNIVERSAL FUNCTION ASSEMBLES MAILTO HREF TO DETER HARVESTERS]###
var html1 = "\"location.href=\'mailto:";
var html2 = "?";
var html3 = "\&bcc=";
var html4 = "@";
var html5 = ".";
var html6 = "\'\"";
var html7 = "Inquiry%20from%20";
var html8 = "%20site.";
var header = "subject=";
var body = '';
var domain = '';
var account = '';
function mail_To(tld , domain , account , site , bodyText) {
domain = domain + ".";
account = account + "@";
if( bodyText != ' ' ) {
var body = "&body=" + bodyText
} else {
var body = ' ';
}
return( html1 + account + domain + tld + html2 + header + html7 + site +html8 + body + html6 );
}
<body>
<span onclick="mail_To('us','puppymillfree','we.want','Puppy Mill Free US','test Body text')">
</body>
控制台打印出预期的效果(带引号)
"location.href='mailto:we.want@puppymillfree.us?subject=Inquiry%20from%20Puppy Mill Free US%20site.&body=test Body text'"
但不确定如何射击。当使用eval()方法而不是return语句时,将触发事件,电子邮件客户端将使用地址字段和正文填充来初始化。
答案 0 :(得分:1)
只是想知道为什么要进行所有这些艰苦的工作,也许只是在点击功能本身中构建电子邮件?
// Just simple sample obfuscation
let arrEmail = ['some', 'com', 'where', 'somewhere'];
const buildEmail = (arr) => `${arr[0]}@${arr[3]}.${[1]}`;
document.querySelector('#email').addEventListener('click', (event) => {
let str = `mailto:${buildEmail(arrEmail)}`;
location.href = str;
});<span id="email">Send a mail</span>