More in this section
Forums / Developing with Sitefinity / Email address obfuscator for Sitefinity

Email address obfuscator for Sitefinity

The forums are in read-only mode. In case that you want to directly contact the Progress Sitefinity team use the support center. In our Google Plus group you can find more than one thousand Sitefinity developers discussing different topics. For the Stack Overflow threads don’t forget to use the “Sitefinity” tag.
1 posts, 0 answered
  1. Mikael Kleinwort
    Mikael Kleinwort avatar
    78 posts
    17 May 2004
    09 May 2017
    Link to this post

    I was looking for a simple yet thorough solution to automatically obfuscate email addresses for Sitefinity. Since there is no Sitefinity solution for this out of the box, I would like to share what I have found to work for me.

    I am now using a HttmModule called nJupiter.Web.UI.EmailObfuscator. Implementation was very simple:
    command in the VisualStudio package manager:

    Install-Package nJupiter.Web.UI.EmailObfuscator

    Besides the installation of the HttpModule itself, the HttpModule must be bypassed for all requests of pages in edit mode. The module checks for the presence of a HttpContext item with the key "NJUPITER_EMAIL_OBFUSCATION_DISABLED". If this item's value is not null, the email address obfuscation will be bypassed for the request.

    I found the easiest way to do this is in global.asax using the Application_PreRequestHandlerExecute event. Here is my code global.asax code:


    // This key is used in the nJupiter.Web.UI.EmailObfuscator HttpModule to check for onfuscation bypass of the request
    const string ObfuscationDisabledKey = "NJUPITER_EMAIL_OBFUSCATION_DISABLED";
    protected void Application_PreRequestHandlerExecute(object sender, EventArgs e)
        //Disable email obfuscation if...
              HttpContext.Current.Items.Add(ObfuscationDisabledKey, true);
    protected bool CheckEmailObfuscationConditions()
          // by default, return false which causes email obfucation to be bypassed by default
          var result = false;
           // have webservices obfuscate email addresses:
           if (HttpContext.Current.Handler is WebService) result = true;
           if (HttpContext.Current.Handler is Page)
                var page = (Page)HttpContext.Current.Handler;
                 if (page != null)
                        if (!page.IsBackend()
                            && !page.IsIndexingMode()
                            && !page.IsDesignMode()
                            && !page.IsInlineEditingMode()
                            && !ClaimsManager.GetCurrentIdentity().IsAuthenticated)
                            result = true;      // pages for unauthenticated frontend visitors have obfuscated email addresses
          return result;


    I hope this helps.

    Best regards, Mikael


1 posts, 0 answered