[Fixed]-Django: [email protected] in admin


I don’t really know the answer but whenever I see [email protected] showing up on Google, if I navigate to the link then the email shows up and if I inspect the element it has near it this piece of javascript:

/* <![CDATA[ */
(function(){try{var s,a,i,j,r,c,l=document.getElementById("__cf_email__");a=l.className;if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
/* ]]> */

This may help you further. (Inspect your element to see if this applies to you too.)

If you see it in your code too then This and this may help you.

EDIT: It seems that it is caused by Cloudflare’s email obfuscation.


Email obfuscation is good thing for public site, and I would like to disable it for admin. So I write this middleware to disable email obfuscation in admin.

def _insert_email_off(html):
    origin = html
        pos1 = html.index('>', html.index('<body')) + 1
        html = html[:pos1] + '<!--email_off-->' + html[pos1:]
        pos2 = html.index('</body>')
        html = html[:pos2] +'<!--/email_off-->' + html[pos2:]
    except ValueError:
        return origin
    return html

class CloudflareEmailProtect(MiddlewareMixin):

    def process_response(self, request, response):
        if request.path.startswith('/admin/'):
            response.content = smart_bytes(_insert_email_off(smart_text(response.content)))
        return response

class TestCloudflareEmailProtect:

    def test_admin(self, rf):
        request = rf.get('/admin/aaa')
        html = '<html><body>content</body>'
        response = CloudflareEmailProtect().process_response(request, HttpResponse(html))
        assert b'<!--email_off--' in response.content

    def test_not_admin(self, rf):
        request = rf.get('/public')
        html = '<html><body>content</body>'
        response = CloudflareEmailProtect().process_response(request, HttpResponse(html))
        assert b'<!--email_off--' not in response.content

def test_insert_email_off():
    html = 'aa <body zzz>bb cc</body>dd'
    result = _insert_email_off(html)
    assert result == 'aa <body zzz><!--email_off-->bb cc<!--/email_off--></body>dd'

    assert _insert_email_off('aaa') == 'aaa'


I also faced this problem ans wasted so many times for solution.
Finally,I solved this problem, by adding simply.


Add in HTML page


The Issue is mainly for the "Cloudflare obfuscating email".


Deactivate from dashbaord.

  1. Log in to the Cloudflare dashboard.

  2. Ensure the website you want to verify is selected.

  3. Click the Scrape Shield app.

  4. Under Email Address Obfuscation, check that the toggle is set to On.

Leave a comment