Email address obfuscator for Sitefinity - Front- & Back-End Development - Front- & Back-End Development - Progress Community
 Front- & Back-End Development

Email address obfuscator for Sitefinity

  • Email address obfuscator for Sitefinity
  • I was looking for a simple yet thorough solution to automatically obfuscate email addresses for Sitefinity. Since there is no Sitefinity solution for this out of the box, I would like to share what I have found to work for me.

    I am now using a HttmModule called nJupiter.Web.UI.EmailObfuscator. Implementation was very simple:
    command in the VisualStudio package manager:

    Install-Package nJupiter.Web.UI.EmailObfuscator

    Besides the installation of the HttpModule itself, the HttpModule must be bypassed for all requests of pages in edit mode. The module checks for the presence of a HttpContext item with the key "NJUPITER_EMAIL_OBFUSCATION_DISABLED". If this item's value is not null, the email address obfuscation will be bypassed for the request.

    I found the easiest way to do this is in global.asax using the Application_PreRequestHandlerExecute event. Here is my code global.asax code:


    // This key is used in the nJupiter.Web.UI.EmailObfuscator HttpModule to check for onfuscation bypass of the request
    const string ObfuscationDisabledKey = "NJUPITER_EMAIL_OBFUSCATION_DISABLED";
    protected void Application_PreRequestHandlerExecute(object sender, EventArgs e)
        //Disable email obfuscation if...
              HttpContext.Current.Items.Add(ObfuscationDisabledKey, true);
    protected bool CheckEmailObfuscationConditions()
          // by default, return false which causes email obfucation to be bypassed by default
          var result = false;
           // have webservices obfuscate email addresses:
           if (HttpContext.Current.Handler is WebService) result = true;
           if (HttpContext.Current.Handler is Page)
                var page = (Page)HttpContext.Current.Handler;
                 if (page != null)
                        if (!page.IsBackend()
                            && !page.IsIndexingMode()
                            && !page.IsDesignMode()
                            && !page.IsInlineEditingMode()
                            && !ClaimsManager.GetCurrentIdentity().IsAuthenticated)
                            result = true;      // pages for unauthenticated frontend visitors have obfuscated email addresses
          return result;


    I hope this helps.

    Best regards, Mikael