Opened 15 years ago
Closed 15 years ago
#9115 closed defect (duplicate)
hide cc: email-address better from other users
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | high | Milestone: | |
| Component: | ticket system | Version: | 0.11.6 |
| Severity: | major | Keywords: | email address CC |
| Cc: | Branch: | ||
| Release Notes: | |||
| API Changes: | |||
| Internal Changes: | |||
Description
The email-addresses shown under cc: are way to long/much info that it is easy to get the whole address using a web-search-engine. Since this information is not quite usefule for normal user please hide it or at least shorten the address better, that you do not get the full address that easily.
Thanks
Attachments (2)
Change History (8)
comment:1 by , 15 years ago
| Resolution: | → worksforme |
|---|---|
| Status: | new → closed |
comment:2 by , 15 years ago
I do !
and even they shortened, it is often not that hard to get the full address, if you have at least the full username and only need the mail-server to get the full email-address.
It is also not that hard to fish all the usernames and extend it with the most common mail-provider.
→ spam
by the way, my username and my email-address are shown. - I hope this is only offered to me and everyone else only sees my username.
comment:3 by , 15 years ago
| Resolution: | worksforme |
|---|---|
| Status: | closed → reopened |
comment:4 by , 15 years ago
Let me clarify:
- You're not seeing complete e-mail addresses, you see obfuscated e-mail addresses. The screenshots confirm the feature is working as advertised.
- No, guessing the domain name is not easy in the general case. Sure, you can try to add
gmail.comand see if it works, and you probably will get a few hits. Still, there are millions of domains out there, so this won't work sufficiently well. - Again, you're not seeing your own complete e-mail address (except in the edit fields), but an obfuscated version. The address in the edit field is only shown to you.
So the current feature is working as designed. I don't think it's worth adding a possibility to hide e-mail addresses completely. What do others think?
follow-up: 6 comment:5 by , 15 years ago
My opinion:
I think this is no useful information for normal user, maybe the total number, but that's it.
and the trac-user-name is sufficient, you do not need a email-address.
comment:6 by , 15 years ago
| Component: | general → ticket system |
|---|---|
| Keywords: | CC added |
| Resolution: | → duplicate |
| Status: | reopened → closed |
Replying to flyhigh <lowflight66@…>:
My opinion:
I think this is no useful information for normal user, maybe the total number, but that's it.
Well, RoundUp shows the nosy list as a list of users, JIRA shows the count of watchers, Bugzilla shows the full list of e-mails unobfuscated, so there's really no general "rule" here.
and the trac-user-name is sufficient, you do not need a email-address.
This is a more general matter, deciding what kind of user information to show (see also #7339 and #3737). Like rblank said, it's not worth special casing the CC: field.
When you do have EMAIL_VIEW, seeing the full list of address in the CC list is useful, at least as long as we don't have #2456 and a user profile page.
So I'm not against the feature, but it should rather be done with the whole system in mind rather than a specific hack for the CC: list, and I think this is what the #7339 ticket is about.
Closing as duplicate.
E-mail addresses are already obfuscated, unless you have
EMAIL_VIEWpermission. You won't see any e-mail addresses in the CC list on this site, for example (e.g. #1106).