Article | Topic: HTML Encoding

Online Portfolio | Search Optimization | Archive
Web Design | Custom Scripting | Web Database | E-Commerce | Search Optimization | Flash Web Design | Consulting
Template 'Tuning' | Template Designs
Desktop Solutions | Database Solutions | Automation Solutions | Integration | Project Solutions
Flash | 3D Design | 3D For The Web | Animation | Graphic Design | Conceptual Design | Reality Modeling
E-Learning | Disc Media | Business Graphics | Marketing Media | Custom Documents
Articles | Price Quotes | Site Map | Search Site | Web Links | About Neo•Paradigms | Contact Us
Encoding your sensitive information

Don't make it easy for SPAMBOTs to get your email
Sadly, you cannot just put your email address into your web page as text - well, not unguarded text. Unfortunately it is both considered good site design and is often required by major search engines that a site provide a legitimate email contact address. So what do you do?

One solution is to put your contact information into an image, a GIF or JPeG, and place it into your page. This is quite safe but has a limitations. Formating of your page may become difficult either because of the line/font formating or because of inherited properties in your stylesheet. It may not be practical to account for this image use. You may not have suitable software to create the image in the first place. Finally, a wireless viewer will not see the information in the image.

The second method, HTML Encoding, is not as effective alone but will stop all but the most clever of BOTs in use today. It can become quite safe if used in conjunction with some form of encryption or masking.

HTML Encoding convert string solution

The process is simple enough; every character can be rewritten as an escaped (encoded) character. You have probably seen this in URLs that point to files that were uploaded and linked to that contain a SPACE character in the filename. The encoding is performed by taking the hexadecimal value of the character's ASCII (or ANSI) code number. For example a SPACE character is number 32 in the code pages. This is a Decimal number (base 10), however, so we have to convert it to Hexadecimal (base 16) number. I'll get to that in a moment but the value we will get is 20. To finish encoding the SPACE character we have to 'escape' the value - we have to tell the browser that we are encoding the value. In HTML a percent sign ("%") is the 'escape-character.' So a SPACE is written as %20.

It sounds complicated, perhaps, but really it is very simple. The process comes in two parts;
  1. locate the ASCII code number of the characters you wish to encode
  2. The tough part is converting the decimal number to hexadecimal form.
If you are interested in reading the remainder of this article for information, by all means please do. I will be presenting the code you will want to use. If, on the other hand, you have no interest in getting into the code details and only want a solution you can use right now without worrying why and how it works - most of us, really - then you can use the following link to a small utility I am providing to simplify your life and get the job done:

Download HTML Encode/Decode Utility.

Convert Characters HTML Encoded String

For short strings you could manually translate each character to it's corresponding DEC number (or go right to the HEX value on the chart below. You could, but it would be enormously tedious. Ok, by now you're thinking to yourself that there HAS to be an easy way to get this done. And you're right. You can use your web browser and a standard javascript call to change your text to HTML Encoded text. JavaScript provides two functions to switch between HTML Encoded and normal text: escape() and unescape(). Not too difficult at all. You can either use the stand alone utility provided in the link above or you can write a very simple html file with a form in it to do the very same job. There is a small amount of work to be done to get the escaped version to actually print in a copiable form - the browser tends to automatically restore the escaped string which is annoying when you actually want to print the escaped value!

Try The Form


Get The Code

       Copy and Paste to a new file.

Wrapping Up

Once you have an encoded version of your email address (or whatever you wish to mask) all you need to do is to use the escaped string in you web page. For example the following would be used for an email link:
<a href="mailto:%6D%65%40%68%6F%6D%65%2E%63%6F%6D">email us</a> or email us

Simple enough. Although I have been having a bit of levity during this article - probably not that evident since you did not join me in the crazy turns I went up into the derivation of differing number base forms and varied methods of derivation without the standard library calls for unescape - the uses that you can put this solution to are not something to laugh at.

SPAMBOTs and other forms of maliscious web robots are in force and they are not something to laugh about. The goal is to limit their access to your proprietary contact information. Whether you download the utility linked to above or you copy the html code for the form or you just use this page to get an encoded version of your email address just make certain that you do not put you email into your web pages unescaped.

                       About Us | Site Map | Privacy Policy | Contact Us | ©1992 - 2005 Neo•Paradigms