Title: Email Encoder using unsafe eval()
Last modified: November 29, 2019

---

# Email Encoder using unsafe eval()

 *  Resolved [florianbeck](https://wordpress.org/support/users/florianbeck/)
 * (@florianbeck)
 * [6 years, 6 months ago](https://wordpress.org/support/topic/email-encoder-using-unsafe-eval/)
 * Hi,
 * Email Encoder ist using unsafe Javascript function eval(). I guess preferred 
   with the encoding method “Escape”. This is in conflict with my Content Security
   Policy.
 * I guess the plugin switches random between “Rot13” and “Escape”. Is there a way
   to disable the “Escape” method? This should fix the usage of eval().
 * Thanks,
    Florian

Viewing 4 replies - 1 through 4 (of 4 total)

 *  [Ironikus](https://wordpress.org/support/users/ironikus/)
 * (@ironikus)
 * [6 years, 6 months ago](https://wordpress.org/support/topic/email-encoder-using-unsafe-eval/#post-12189965)
 * Hey [@florianbeck](https://wordpress.org/support/users/florianbeck/) – thank 
   you for your message.
    I’m afraid it is not possible at this point to deactivate
   only one of these functions, but I will add a filter with the next one that lets
   you manipulate the output. I will send you more information once it is published.
   If you have questions in the meantime, feel free to reach out.
 *  [Ironikus](https://wordpress.org/support/users/ironikus/)
 * (@ironikus)
 * [6 years, 5 months ago](https://wordpress.org/support/topic/email-encoder-using-unsafe-eval/#post-12258458)
 * Hi [@florianbeck](https://wordpress.org/support/users/florianbeck/) – I just 
   wanted to inform you that we now launched a new version for the addressed issue.
 * We now have a filter available that lets you remove the escape function from 
   the random assignment.
 * You can use this function for your functions.php file:
 *     ```
       add_filter( 'eeb/validate/random_encoding', 'validate_only_email', 10, 3 );
       function validate_only_email( $rand, $email, $protection_text ){
       	return 1;
       }
       ```
   
 * If you have further questions, please let me know.
    -  This reply was modified 6 years, 5 months ago by [Ironikus](https://wordpress.org/support/users/ironikus/).
 *  Thread Starter [florianbeck](https://wordpress.org/support/users/florianbeck/)
 * (@florianbeck)
 * [6 years, 5 months ago](https://wordpress.org/support/topic/email-encoder-using-unsafe-eval/#post-12258798)
 * Hi [@ironikus](https://wordpress.org/support/users/ironikus/),
 * this works fine and solves my problem with the CSP header.
 * Thank you!
 *  [Ironikus](https://wordpress.org/support/users/ironikus/)
 * (@ironikus)
 * [6 years, 5 months ago](https://wordpress.org/support/topic/email-encoder-using-unsafe-eval/#post-12258802)
 * Hi [@florianbeck](https://wordpress.org/support/users/florianbeck/) – thank you
   for the feedback, happy it works! 🙂

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Email Encoder using unsafe eval()’ is closed to new replies.

 * ![](https://ps.w.org/email-encoder-bundle/assets/icon-256x256.png?rev=2056506)
 * [Email Encoder - Protect Email Addresses and Phone Numbers](https://wordpress.org/plugins/email-encoder-bundle/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/email-encoder-bundle/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/email-encoder-bundle/)
 * [Active Topics](https://wordpress.org/support/plugin/email-encoder-bundle/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/email-encoder-bundle/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/email-encoder-bundle/reviews/)

 * 4 replies
 * 2 participants
 * Last reply from: [Ironikus](https://wordpress.org/support/users/ironikus/)
 * Last activity: [6 years, 5 months ago](https://wordpress.org/support/topic/email-encoder-using-unsafe-eval/#post-12258802)
 * Status: resolved