So I dug deeper into this, as I’ve never used the feature before.
How are you using email obfuscation on the pages.dev subdomain?
I can only get it to work when using a custom domain connected to the Pages project (and where Email Address Obfuscation has been enabled in the zone).
It never worked on the Pages.dev subdomain. And that’s to be expected, since the feature is only available at the zone level.
I’m a dashboard junkie though, so if there’s some API functionality you’re using, please explain how you’re doing this.
But, perhaps more importantly, when Email Address Obfuscation is working correctly, the email address is obfuscated in the HTML source where JavaScript is enabled. But it should be visible to the user in the browser.
It’s only when JavaScript is disabled that you should see "[email protected]".
But your test page always shows "[email protected]" even when JavaScript is enabled… which makes me wonder what exactly you’re doing on the page!
I consulted the author of the project and looked at the source code of the project, and there is nothing about email obfuscation handling, nor is there any call to CF’s API to achieve this. So maybe there is a bug in my Cloudflare account?
Also, even if I completely turn off the Email Address Obfuscation feature on my account, [email protected] will still appear on the page
@cesaryuan your Pages project has a Function that’s fetching data from another source:
since the Function doing the fetch is not a human browsing the site, it triggers the email protection and passes that back through as part of the response. There isn’t really much you can do to stop this, since the email protection on the other website you’re fetching from is working as designed by stopping your Function from viewing the email.
Thank you for your analysis, but in fact the other website is not hidden behind Cloudflare CDN, and the Email Protection function is not turned on. This can be demonstrated by using curl to send a GET request to https://t.me/s/test_blog_my.
curl -X GET https://t.me/s/test_blog_my
It is not difficult to see that the final URL generated by this section of the code is actually https://t.me/s/test_blog_my;
// Where t.me can also be telegram.me, telegram.dog
const host = getEnv(import.meta.env, Astro, 'TELEGRAM_HOST') ?? 't.me'
const channel = getEnv(import.meta.env, Astro, 'CHANNEL')
const staticProxy = getEnv(import.meta.env, Astro, 'STATIC_PROXY') ?? '/static/'
const url = id ? `https://${host}/${channel}/${id}?embed=1&mode=tme` : `https://${host}/s/${channel}`