From 0873f4bb38efa8224cc8841c12c64068d637ba75 Mon Sep 17 00:00:00 2001 From: Pierre-Yves Chibon Date: Sep 06 2016 08:36:08 +0000 Subject: Specify rel="noopener noreferrer" to link including target='_blank' This avoids potential security risk: https://dev.to/ben/the-targetblank-vulnerability-by-example https://mathiasbynens.github.io/rel-noopener/ --- diff --git a/pagure/templates/_render_repo.html b/pagure/templates/_render_repo.html index 231a2fb..38df7e8 100644 --- a/pagure/templates/_render_repo.html +++ b/pagure/templates/_render_repo.html @@ -255,8 +255,10 @@ Contributions View List
- - User activity graph + + User activity graph
diff --git a/pagure/templates/issue.html b/pagure/templates/issue.html index 997a59c..ff46a70 100644 --- a/pagure/templates/issue.html +++ b/pagure/templates/issue.html @@ -89,7 +89,7 @@ Markdown Syntax + target="_blank" rel="noopener noreferrer">Markdown Syntax
diff --git a/pagure/templates/new_issue.html b/pagure/templates/new_issue.html index 642019b..32a0d09 100644 --- a/pagure/templates/new_issue.html +++ b/pagure/templates/new_issue.html @@ -91,7 +91,7 @@ {{ form.csrf_token }} Markdown Syntax + target="_blank" rel="noopener noreferrer">Markdown Syntax

diff --git a/pagure/templates/pull_request.html b/pagure/templates/pull_request.html index 531cb8a..f11cb8f 100644 --- a/pagure/templates/pull_request.html +++ b/pagure/templates/pull_request.html @@ -541,7 +541,7 @@ Markdown Syntax + target="_blank" rel="noopener noreferrer">Markdown Syntax
diff --git a/pagure/templates/repo_master.html b/pagure/templates/repo_master.html index 1fa75be..de13543 100644 --- a/pagure/templates/repo_master.html +++ b/pagure/templates/repo_master.html @@ -212,7 +212,7 @@
  • + }}" target="_blank" title="Open to a new tab" rel="noopener noreferrer">