fix: don't obfuscate email in href/value attributes

HTML entities in href and value attributes don't decode properly - browsers treat them as literal strings. Only obfuscate display text. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-04-02 16:44:56 +02:00 · 2026-02-06 09:40:56 +01:00
parent b448aaa0e0
commit 2c50f4265e
2 changed files with 3 additions and 3 deletions
--- a/_includes/components/blog-sidebar.njk
+++ b/_includes/components/blog-sidebar.njk
@@ -26,7 +26,7 @@
  </div>
  {# Hidden but present for microformat completeness #}
  <p class="p-note hidden">{{ site.author.bio }}</p>
-  {% if site.author.email %}<data class="u-email hidden" value="{{ site.author.email | obfuscateEmail }}"></data>{% endif %}
+  {% if site.author.email %}<data class="u-email hidden" value="{{ site.author.email }}"></data>{% endif %}
  {% if site.author.org %}<data class="p-org hidden" value="{{ site.author.org }}"></data>{% endif %}
 </div>

--- a/_includes/components/h-card.njk
+++ b/_includes/components/h-card.njk
@@ -56,8 +56,8 @@
  {# Email and PGP Key #}
  <div class="mt-2 flex flex-wrap gap-3 text-sm">
    {% if site.author.email %}
-    {# Email obfuscated as HTML entities to deter spam harvesters while keeping valid for microformat parsers #}
-    <a href="{{ site.author.email | obfuscateEmail('href') }}" class="u-email text-primary-600 dark:text-primary-400 hover:underline" itemprop="email">
+    {# Display text obfuscated to deter spam harvesters; href kept plain for browser compatibility #}
+    <a href="mailto:{{ site.author.email }}" class="u-email text-primary-600 dark:text-primary-400 hover:underline" itemprop="email">
      ✉️ {{ site.author.email | obfuscateEmail }}
    </a>
    {% endif %}