From 24a309bd1221a24ac673ece463f765f7a92921ff Mon Sep 17 00:00:00 2001 From: Eric Wong Date: Tue, 16 Jan 2018 05:08:22 +0000 Subject: hval: only allow domain obfuscation in address Obfuscating username portions of the email address leads to having subsequent parts of the address not being obfuscated; which could mean we show someone else's email entirely. In other words, obfuscating "john.doe@example.com" becomes might mean "doe@example.com" is picked up by scanners. In other news, email address obfuscation is still a horrible usability issue and only exists to appease misguided people. --- t/hval.t | 2 ++ 1 file changed, 2 insertions(+) (limited to 't') diff --git a/t/hval.t b/t/hval.t index 2af4d2af..7915f4c9 100644 --- a/t/hval.t +++ b/t/hval.t @@ -18,6 +18,7 @@ hello@example.com meta@public-inbox.org test@public-inbox.org test@a.b.c.org +te.st@example.org EOF PublicInbox::Hval::obfuscate_addrs($ibx, $html); @@ -28,6 +29,7 @@ hello@example.com meta@public-inbox.org test@public-inbox•org test@a•b.c.org +te.st@example•org EOF is($html, $exp, 'only obfuscated relevant addresses'); -- cgit v1.2.3-24-ge0c7