Drupal is a registered trademark of Dries Buytaert
Protected Pages 3.0.0 Major update available for module protected_pages (3.0.0). Commerce Core 3.3.8 Minor update available for module commerce (3.3.8). Search API HTML Element Filter 1.0.7 Minor update available for module search_api_html_element_filter (1.0.7). Layout Builder Reorder 2.0.1 Minor update available for module layout_builder_reorder (2.0.1). Ban 1.1.0 Minor update available for module ban (1.1.0). Field Formatter Range 2.0.0 Major update available for module field_formatter_range (2.0.0). Field Formatter Range 8.x-1.8 Minor update available for module field_formatter_range (8.x-1.8). UI Patterns (SDC in Drupal UI) 2.0.18 Minor update available for module ui_patterns (2.0.18). Search API Solr 4.3.11 Module search_api_solr updated after 14 months of inactivity (4.3.11). Provus Mega Menu Module provus_mega_menu crossed 1,000 active installs.

This module protects email addresses from being scraped by search engines and spambots. It obfuscates emails found in mailto links by reversing them and using JavaScript to reveal the original address on user interaction. Other emails are obfuscated by inserting hidden text, making them unreadable to bots but visible to humans once rendered.

The Email Obfuscator (a.k.a. Email Obfuscation Response Filter) uses an event
listener for each generated response to search for emails using regexes. The
emails are obfuscated depending on where the text is found, helping to prevent
email scraping and reduce spam.

Obfuscations

Example: <a href="mailto:[email protected]">

  • The email string excluding mailto: is reversed,
    e.g. <a href="mailto:moc.liame@tset">
  • An onfocus and an onmousedown JS listeners are added inline; these will
    revert the email address following the mailto: prefix back to its original
    form. These two events cover the following cases: right-click, left-click
    and focus with tab.
    Note that:
    • onfocus would do it for most browsers, but Safari needs onmousedown
    • Reverting the already reversed email is only done once in a page load

All other Emails

Example: <a>[email protected]</a>

  • A span with display:none containing a text with delimiters that are invalid
    email characters is added in the middle of the email, e.g.
    <a>test@<span style='display:none'>!zilch!</span>email.com</a>

Exclusions

  • Any email that is invalid (according to PHP's filter_var function)
  • Everything in the backoffice (admin pages)
  • Emails inside HTML-attributes (placeholder attribute for input fields)
  • Exclude Ajax webform request:
    • Because Ajax is usually used when sending a web form.
      This means that the request does not contain HTML, but a JSON object in
      which HTML is encoded with Unicode.
      The regex does not apply here and it is not necessary to obfuscate this
      email address as it is added by the sender.
  • Content in routes that are whitelisted (see below)

Whitelisting Routes

  • Define whitelisted (excluded) routes in settings.php
        $settings['email_obfuscator'] = [
         'ignored_routes' => [
           'rest.api_layout_footer.GET',
           'editor.link_dialog'
         ]
       ];
    

    For these routes, no obfuscation will take place.

  • IMPORTANT: If you are using CKEditor 4 you should whitelist the route editor.link_dialog to avoid
    obfuscating the email in the CKEditor link dialog.

Disabling use of data-nosnippet

  • The attribute data-nosnippet is used by default, to disable displaying the $displayNoneText in search results.
    It is possible to disable it in settings.php
       $settings['email_obfuscator'] = [
         'use_datanosnippet' => FALSE,
       ];
    
  • IMPORTANT: The data-nosnippet attribute is officially supported ONLY by the Googlebot. Support from other bots is not guaranteed.

Activity

Total releases
4
First release
Jun 2025
Latest release
10 months ago
Releases (12 mo)
1 ▼ from 3
Maintenance
Slowing

Release Timeline

Releases

Version Type Release date
1.0.1 Stable Aug 29, 2025
1.0.0 Stable Jul 2, 2025
1.0.0-rc1 Pre-release Jun 20, 2025
1.0.x-dev Dev Jun 19, 2025