Issue #6695 wontfix

Email addresses publically visible in wiki history

Sebastian Krysmanski
created an issue

I'm usually a very cautious guy when it comes to email addresses on the internet. Rule of thumb: Never write email addresses in plain text (to prevent spammers from harvesting it).

Just a few minutes ago I got shocked because I found out that BitBucket prints email addresses for unmapped user in plain text in the wiki file history.

For example, have a look here:

There are several commits I did before I changed my email address on BitBucket. When I changed my email address, I guess those commits became "unmapped". So now these commits have my private email address in plain text in their links.

I know my email address is now probably recorded for eternity in the wiki's repository, but for the future: Could you please not include the email address in the author field when editing a wiki. For me (and probably not just for me) this is a huge privacy concern.

Also, please hide those email addresses from the wiki history. Don't make it too easy for spammers to harvest email addresses.

Comments (2)

  1. Jesper Nøhr

    If spammers were so inclined, they could clone every public repository across the Internet, and harvest plaintext email addresses from that. This is the nature of DVCS.

    At least we cut off the first part of the email address to mask it from crude screen scraping.

  2. Sebastian Krysmanski reporter

    You cut it off on screen but leave the link intact. I doubt spambots take screenshots for harvesting email addresses.

    Also, there's no need to include email addresses in commit message. I would be nice if you didn't do this.

    Or, at least give the user a hint that his/her email address may become publically visible.

    (just my 2 cents)

  3. Log in to comment