Obfuscate non HTTPS links #90

Open
opened 1 year ago by wiktor · 2 comments
wiktor commented 1 year ago

Right now XMPP URIs are printed verbatim in the source. It would be better if the were obfuscated so that the scraping bots could not reach them.

(this may also apply to e-mail addresses not sure)

Right now XMPP URIs are printed verbatim in the source. It would be better if the were obfuscated so that the scraping bots could not reach them. (this may also apply to e-mail addresses not sure)
Owner

That is a fair point. Anything that does not require a rel=me link doesn't need to be transferred as is.

Possible solution: weak encoding like ROT13 (your suggestion 😉)

Problem: no-JS optimized pages should render without requiring further processing and therefore without encoding

Possible solution: URLs that will trigger the full SSR experience (say, https://[...]?ssr=true) can skip encoding. This is assuming that there won't a bot specifically targeted at keyoxide and adapted to add ?ssr=true to URLs.

That is a fair point. Anything that does not require a rel=me link doesn't need to be transferred as is. Possible solution: weak encoding like ROT13 (your suggestion 😉) Problem: no-JS optimized pages should render without requiring further processing and therefore without encoding Possible solution: URLs that will trigger the full SSR experience (say, `https://[...]?ssr=true`) can skip encoding. This is assuming that there won't a bot specifically targeted at keyoxide and adapted to add `?ssr=true` to URLs.
yarmo added the
help wanted
label 1 year ago
yarmo added this to the Feature development project 1 year ago
yarmo added the
enhancement
low hanging fruit
labels 1 year ago

The sensitive data could also be "encoded" as an image.

Pandoc can obfuscate by using the hex-references. That could be an option as well.

Specify a method for obfuscating mailto: links in HTML documents. none leaves mailto: links as they are. javascript obfuscates them using JavaScript. references obfuscates them by printing their letters as decimal or hexadecimal character references. The default is none.

The sensitive data could also be "encoded" as an image. Pandoc can obfuscate by using the hex-references. That could be an option as well. > Specify a method for obfuscating mailto: links in HTML documents. none leaves mailto: links as they are. javascript obfuscates them using JavaScript. references obfuscates them by printing their letters as decimal or hexadecimal character references. The default is none.
Sign in to join this conversation.
No Milestone
No Assignees
3 Participants
Notifications
Due Date

No due date set.

Dependencies

This issue currently doesn't have any dependencies.

Loading…
There is no content yet.