diff options
| author | Sheogorath | 2018-10-04 01:41:48 +0200 |
|---|---|---|
| committer | Sheogorath | 2018-10-04 01:49:36 +0200 |
| commit | 75a23fe2c91d6c2f5008daccae72f8964af72307 (patch) | |
| tree | 0a0d58402cb694344033414002ee1f20784efbfc /public/views/codimd | |
| parent | d9ba11b21a77561ec3f72d5396d48fea32f6389d (diff) | |
Add rel="noopener" to target="_blank" links
The noopener construct protects from some nasty clickjacking attacks. We
can apply them savely to all our links since we don't rely on the
previously used page.
Some more details: https://mathiasbynens.github.io/rel-noopener/
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Diffstat (limited to 'public/views/codimd')
| -rw-r--r-- | public/views/codimd/body.ejs | 2 | ||||
| -rw-r--r-- | public/views/codimd/header.ejs | 16 |
2 files changed, 9 insertions, 9 deletions
diff --git a/public/views/codimd/body.ejs b/public/views/codimd/body.ejs index d4f27a93..dc111909 100644 --- a/public/views/codimd/body.ejs +++ b/public/views/codimd/body.ejs @@ -113,7 +113,7 @@ </div> <div class="modal-body" style="color:black;"> <h5></h5> - <a target="_blank" style="word-break: break-all;"></a> + <a target="_blank" rel="noopener" style="word-break: break-all;"></a> </div> <div class="modal-footer"> <button type="button" class="btn btn-default" data-dismiss="modal"><%= __('OK') %></button> diff --git a/public/views/codimd/header.ejs b/public/views/codimd/header.ejs index 8fc050b7..1b5e4222 100644 --- a/public/views/codimd/header.ejs +++ b/public/views/codimd/header.ejs @@ -22,15 +22,15 @@ <i class="fa fa-caret-down"></i> </a> <ul class="dropdown-menu list" role="menu" aria-labelledby="menu"> - <li role="presentation"><a role="menuitem" class="ui-new" tabindex="-1" href="<%- url %>/new" target="_blank"><i class="fa fa-plus fa-fw"></i> <%= __('New') %></a> + <li role="presentation"><a role="menuitem" class="ui-new" tabindex="-1" href="<%- url %>/new" target="_blank" rel="noopener"><i class="fa fa-plus fa-fw"></i> <%= __('New') %></a> </li> - <li role="presentation"><a role="menuitem" class="ui-publish" tabindex="-1" href="#" target="_blank"><i class="fa fa-share-square-o fa-fw"></i> <%= __('Publish') %></a> + <li role="presentation"><a role="menuitem" class="ui-publish" tabindex="-1" href="#" target="_blank" rel="noopener"><i class="fa fa-share-square-o fa-fw"></i> <%= __('Publish') %></a> </li> <li class="divider"></li> <li class="dropdown-header"><%= __('Extra') %></li> <li role="presentation"><a role="menuitem" class="ui-extra-revision" tabindex="-1" data-toggle="modal" data-target="#revisionModal"><i class="fa fa-history fa-fw"></i> <%= __('Revision') %></a> </li> - <li role="presentation"><a role="menuitem" class="ui-extra-slide" tabindex="-1" href="#" target="_blank"><i class="fa fa-tv fa-fw"></i> <%= __('Slide Mode') %></a> + <li role="presentation"><a role="menuitem" class="ui-extra-slide" tabindex="-1" href="#" target="_blank" rel="noopener"><i class="fa fa-tv fa-fw"></i> <%= __('Slide Mode') %></a> </li> <% if((typeof github !== 'undefined' && github) || (typeof dropbox !== 'undefined' && dropbox) || (typeof gitlab !== 'undefined' && gitlab && (!gitlab.scope || gitlab.scope === 'api'))) { %> <li class="divider"></li> @@ -38,7 +38,7 @@ <li role="presentation"><a role="menuitem" class="ui-save-dropbox" tabindex="-1" href="#" target="_self"><i class="fa fa-dropbox fa-fw"></i> Dropbox</a> </li> <% if(typeof github !== 'undefined' && github) { %> - <li role="presentation"><a role="menuitem" class="ui-save-gist" tabindex="-1" href="#" target="_blank"><i class="fa fa-github fa-fw"></i> Gist</a> + <li role="presentation"><a role="menuitem" class="ui-save-gist" tabindex="-1" href="#" target="_blank" rel="noopener"><i class="fa fa-github fa-fw"></i> Gist</a> </li> <% } %> <% if(typeof gitlab !== 'undefined' && gitlab && (!gitlab.scope || gitlab.scope === 'api')) { %> @@ -115,12 +115,12 @@ </ul> <ul class="nav navbar-nav navbar-right" style="padding:0;"> <li> - <a href="<%- url %>/new" target="_blank" class="ui-new"> + <a href="<%- url %>/new" target="_blank" rel="noopener" class="ui-new"> <i class="fa fa-plus"></i> <%= __('New') %> </a> </li> <li> - <a href="#" target="_blank" class="ui-publish"> + <a href="#" target="_blank" rel="noopener" class="ui-publish"> <i class="fa fa-share-square-o"></i> <%= __('Publish') %> </a> </li> @@ -132,7 +132,7 @@ <li class="dropdown-header"><%= __('Extra') %></li> <li role="presentation"><a role="menuitem" class="ui-extra-revision" tabindex="-1" data-toggle="modal" data-target="#revisionModal"><i class="fa fa-history fa-fw"></i> <%= __('Revision') %></a> </li> - <li role="presentation"><a role="menuitem" class="ui-extra-slide" tabindex="-1" href="#" target="_blank"><i class="fa fa-tv fa-fw"></i> <%= __('Slide Mode') %></a> + <li role="presentation"><a role="menuitem" class="ui-extra-slide" tabindex="-1" href="#" target="_blank" rel="noopener"><i class="fa fa-tv fa-fw"></i> <%= __('Slide Mode') %></a> </li> <% if((typeof github !== 'undefined' && github) || (typeof dropbox !== 'undefined' && dropbox) || (typeof gitlab !== 'undefined' && gitlab && (!gitlab.scope || gitlab.scope === 'api'))) { %> <li class="divider"></li> @@ -140,7 +140,7 @@ <li role="presentation"><a role="menuitem" class="ui-save-dropbox" tabindex="-1" href="#" target="_self"><i class="fa fa-dropbox fa-fw"></i> Dropbox</a> </li> <% if(typeof github !== 'undefined' && github) { %> - <li role="presentation"><a role="menuitem" class="ui-save-gist" tabindex="-1" href="#" target="_blank"><i class="fa fa-github fa-fw"></i> Gist</a> + <li role="presentation"><a role="menuitem" class="ui-save-gist" tabindex="-1" href="#" target="_blank" rel="noopener"><i class="fa fa-github fa-fw"></i> Gist</a> </li> <% } %> <% if(typeof gitlab !== 'undefined' && gitlab && (!gitlab.scope || gitlab.scope === 'api')) { %> |