hirasso / html-obfuscator
Obfuscate emails and phone numbers in HTML using modern web technology
Maintainers
Fund package maintenance!
Requires
- php: >=8.4
Requires (Dev)
- laravel/pint: ^1.20
- pestphp/pest: ^3.7
- pestphp/pest-plugin-watch: ^3.0
- phpstan/phpstan: ^2.1
- symfony/var-dumper: >=6.4
This package is auto-updated.
Last update: 2026-06-24 14:10:47 UTC
README
Obfuscate emails and phone numbers in HTML using modern web technology
Why
You might think that obfuscation won't work on spam bots. Turns out it does if done right!
How it works
On the server, PHP finds emails and phone numbers in the HTML, XOR-encodes them with a key derived from a passphrase (MD5 of a shuffled version of it), base64-encodes the result, and replaces the original text with a custom HTML element:
<obfuscated-element value="..." key="..."></obfuscated-element>
In the browser, a Web Component registered under that tag name picks up each element on connectedCallback, reverses the XOR encoding, and swaps itself out with the decoded content. Spam bots crawling the raw HTML never see the actual email or phone number.
Features
- Fluent API
- Fully compatible with HTML5
- All mutations are lazily queued and processed in one go
- Extensively tested
Installation
# requires PHP >= 8.4
composer require hirasso/html-obfuscator
Minimal Example
use Hirasso\HTMLObfuscator\HTMLObfuscator; echo HTMLObfuscator::createFromString($html)->render();
Maximal Example
use Hirasso\HTMLObfuscator\HTMLObfuscator; echo HTMLObfuscator::createFromString($html) ->phoneNumbers(false) ->passphrase('nobody will guess this!') ->render();
→ Browse the tests folder for more usage examples.