我正在编写一个HTTPModule,它将搜索网页中的所有mailto链接,混淆电子邮件地址和尾随参数,然后将新混淆的字符串放回HTML文档中。然后,我使用一点JavaScript来对浏览器中的mailto链接进行取消混淆,以便在用户单击链接时它能正常运行。
到目前为止,我已成功地对信息进行了模糊处理和非模糊处理,没有任何问题。我遇到的问题是将混淆的字符串放回流中。如果mailto链接仅在文档中出现一次,那么它会完美地将混淆的字符串放在mailto链接的位置,但如果有多个mailto链接,则字符串的放置看似随机。我很确定它与正则表达式匹配索引的位置有关,因为函数循环匹配并且基本上增加了通过流的HTML的长度。我将在这里发布一些经过策略编辑的代码,看看是否有人知道如何正确定位混淆字符串的位置。
我也发布了我做的工作来混淆字符串,希望它可以帮助某人尝试做同样的事情。
public override void Write(byte[] buffer, int offset, int count)
{
byte[] data = new byte[count];
Buffer.BlockCopy(buffer, offset, data, 0, count);
string html = System.Text.Encoding.Default.GetString(buffer);
//--- Work on the HTML from the page. We want to pass it through the
//--- obfusication function before it is sent to the browser.
html = html.Replace(html, obfuscate(html));
byte[] outdata = System.Text.Encoding.Default.GetBytes(html);
_strmHTML.Write(outdata, 0, outdata.GetLength(0));
}
protected string obfuscate(string input)
{
//--- Declarations
string email = string.Empty;
string obsEmail = string.Empty;
string matchedEMail = string.Empty;
int matchIndex = 0;
int matchLength = 0;
//--- This is a REGEX to grab any "a href=mailto" tags in the document.
MatchCollection matches = Regex.Matches(input, @"<a href=""mailto:[a-zA-Z0-9\.,|\-|_@?= &]*"">", RegexOptions.Singleline | RegexOptions.IgnoreCase);
//--- Because of the nature of doing a match search with regex, we must now loop through the results
//--- of the MatchCollection.
foreach (Match match in matches)
{
//--- Get the match string
matchedEMail = match.ToString();
matchIndex = match.Index;
matchLength = match.Length;
//--- Obfusicate the matched string.
obsEmail = obfusucateEmail(@match.Value.ToString());
//--- Reform the entire HTML stream. THis has to be added back in at the right point.
input = input.Substring(0, matchIndex) + obsEmail + input.Substring(matchIndex + matchLength);
}
//--- Return the obfuscated result.
return input;
}
protected string obfusucateEmail(string input)
{
//--- Declarations
string email = string.Empty;
string obsEmail = string.Empty;
//--- Reset these value, in case we find more than one match.
email = string.Empty;
obsEmail = string.Empty;
//--- Get the email address out of the array
email = @input;
//--- Clean up the string. We need to get rid of the beginning of the tag, and the end >. First,
//--- let's flush out all quotes.
email = email.Replace("\"", "");
//--- Now, let's replace the beginning of the tag.
email = email.Replace("<a href=mailto:", "");
//--- Finally, let's get rid of the closing tag.
email = email.Replace(">", "");
//--- Now, we have a cleaned mailto string. Let's obfusicate it.
Array matcharray = email.ToCharArray();
//--- Loop through the CharArray and encode each letter.
foreach (char letter in matcharray)
{
//Convert each letter of the address to the corresponding ASCII code.
//Add XX to each value to break the direct ASCII code to letter mapping. We'll deal
// with subtracting XX from each number on the JavaScript side.
obsEmail += Convert.ToInt32((letter) + 42).ToString() + "~";
}
//--- Before we return the obfusicated value, we need to reform the tag.
//--- Remember, up above, we stripped all this out. Well now, we need
//--- to add it again.
obsEmail = "<a href=\"mailto:" + obsEmail + "\">";
return obsEmail;
}
我很感激任何想法!
谢谢, 麦克
答案 0 :(得分:1)
您可以做的另一件事是在正则表达式中使用匹配评估器....
protected string ObfuscateUsingMatchEvaluator(string input)
{
var re = new Regex(@"<a href=""mailto:[a-zA-Z0-9\.,|\-|_@?= &]*"">", RegexOptions.IgnoreCase | RegexOptions.Multiline);
return re.Replace(input, DoObfuscation);
}
protected string DoObfuscation(Match match)
{
return obfusucateEmail(match.Value);
}
答案 1 :(得分:0)
根据您的性能需求(取决于您的文档大小等),您可以考虑使用HTML Agility Pack代替正则表达式来解析和操作HTML。您可以使用Linq to Objects或XPath来识别所有mailto标记。
您应该能够修改以下示例(来自the codeplex wiki page)以查找mailto标记:
HtmlDocument doc = new HtmlDocument();
doc.Load("file.htm");
foreach(HtmlNode link in doc.DocumentElement.SelectNodes("//a[@href"])
{
HtmlAttribute att = link["href"];
if (att.Value.StartsWith("mailto:") EncryptValue(att);
}
doc.Save("file.htm");