Issues

Issue #6695 wontfix

Email addresses publicly visible in wiki history

Sebastian Krysmanski
created an issue

I'm usually a very cautious guy when it comes to email addresses on the internet. Rule of thumb: Never write email addresses in plain text (to prevent spammers from harvesting it).

Just a few minutes ago I got shocked because I found out that BitBucket prints email addresses for unmapped users in plain text in the wiki file history.

For example, have a look here:

https://bitbucket.org/tortoisehg/thg/wiki/history/developers/MacOSX

There are several commits I did before I changed my email address on BitBucket. When I changed my email address, I guess those commits became "unmapped". So now these commits have my private email address in plain text in their links.

I know my email address is now probably recorded for eternity in the wiki's repository, but for the future: Could you please not include the email address in the author field when editing a wiki? For me (and probably not just for me) this is a huge privacy concern.

Also, please hide those email addresses from the wiki history. Don't make it too easy for spammers to harvest email addresses.

Comments (3)

  1. Jesper Noehr

    If spammers were so inclined, they could clone every public repository across the Internet, and harvest plaintext email addresses from that. This is the nature of DVCS.

    At least we cut off the first part of the email address to mask it from crude screen scraping.

  2. Sebastian Krysmanski reporter

    You cut it off on screen but leave the link intact. I doubt spambots take screenshots for harvesting email addresses.

    Also, there's no need to include email addresses in commit messages. It would be nice if you didn't do this.

    Or, at least give the user a hint that his/her email address may become publicly visible.

    (just my 2 cents)

  3. Ondřej Španěl

    It can be done, for example GitHub allows users to use a GitHub-only mail address to identify their commits, like my "OndrejSpanel@users.noreply.github.com" - see https://help.github.com/articles/keeping-your-email-address-private/

    That way users are identified, but their real e-mail addresses are not exposed.

    Implementing a solution like this would be easy: when a user enters username@users.noreply.bitbucket.org as a mail address with username matching his username, consider it validated without sending a confirmation email. You as Bitbucket know there can be no conflict, and you have already validated the user identity.

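The validation rule proposed in the last comment, sketched as an added example (not part of the thread and not Bitbucket's code). The `users.noreply.bitbucket.org` domain is the commenter's hypothetical; the username policy, the function name and the sample accounts are assumptions made here. The sketch also covers two cases the comment leaves implicit: a noreply address carrying someone else's username, and a lookalike domain.

```python
import re
from enum import Enum

# Hypothetical domain from the comment above, not a documented Bitbucket feature.
NOREPLY_DOMAIN = "users.noreply.bitbucket.org"
# Assumed username policy (constructed for this example).
USERNAME_RE = re.compile(r"[a-z0-9_][a-z0-9_-]{0,62}")


class Decision(Enum):
    AUTO_VALIDATED = "auto_validated"          # no confirmation mail needed
    NEEDS_CONFIRMATION = "needs_confirmation"  # ordinary address, normal flow
    REJECTED = "rejected"                      # must never be attached


def classify_email(account_username: str, submitted: str) -> Decision:
    """Decide how to treat an address an authenticated user wants to add."""
    addr = submitted.strip()
    # Exactly one '@' and no whitespace or control characters inside.
    if addr.count("@") != 1 or any(c.isspace() or ord(c) < 32 for c in addr):
        return Decision.REJECTED
    local, domain = addr.split("@")
    # Domains are case-insensitive; a trailing dot is the same FQDN.
    domain = domain.lower().rstrip(".")
    if not local or not domain:
        return Decision.REJECTED
    # Exact match only: "users.noreply.bitbucket.org.example.com" is an
    # external domain and goes through the normal confirmation mail.
    if domain != NOREPLY_DOMAIN:
        return Decision.NEEDS_CONFIRMATION
    # Inside the noreply domain nobody can receive a confirmation mail, so
    # the only acceptable local part is the caller's own username. Anything
    # else would let one user attribute commits to another account.
    local = local.lower()
    if not USERNAME_RE.fullmatch(local):
        return Decision.REJECTED
    if local == account_username.lower():
        return Decision.AUTO_VALIDATED
    return Decision.REJECTED


if __name__ == "__main__":
    # Constructed sample inputs for the account "alice".
    for candidate in (
        "alice@users.noreply.bitbucket.org",
        "bob@users.noreply.bitbucket.org",
        "alice@users.noreply.bitbucket.org.example.com",
        "alice@example.com",
    ):
        print(f"{candidate:50} {classify_email('alice', candidate).value}")
```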