1 The markdown syntax states that emails are written with html entities, but in ikiwiki only one part is encoded as it. For reference see <http://daringfireball.net/projects/markdown/syntax#misc>.
3 In the HTML page I get this:
5 <a href="mailto:XXXXXXXXXX@gmail.com">mmassonnet@gmail.com</a>
7 while it the href="" attribute should also be encoded.
11 > The htmlscrubber removes entity encoding obfuscation from tag attributes
12 > This has to be done because such entity encoding can be used to hide
13 > javascript and other nonsense in html tag attributes. As a consequence,
14 > markdown's mail obfuscation is reverted.
16 > I don't really see this as a serious issue, because if I were working for
17 > a spammer, I would include entity decoding in my web spider that searched
18 > for emails. And I could do it easily, as evidenced by the code in the
19 > htmlscrubber that doe it. So I assume this technique is not very effective
20 > at blocking spam. --[[Joey]]