Use rel=noopener
with links that contain target=_blank
...
to prevent potential phishing attacks. More info here: https://mathiasbynens.github.io/rel-noopener
This commit is contained in:
parent
4f8c46c4a7
commit
df99fa8c0d
@ -7,6 +7,8 @@
|
||||
encrypted session. [jcbrand]
|
||||
- Bugfix: RID, SID and JID tokens ignored when `keepalive` set to `true`. [jcbrand]
|
||||
- Removed the `account.logout` API, instead use `user.logout`. [jcbrand]
|
||||
- Use `rel=noopener` with links that contain `target=_blank` to prevent potential phishing attacks.
|
||||
[More info here](https://mathiasbynens.github.io/rel-noopener/) [jcbrand]
|
||||
- #261 `show_controlbox_by_default` config not working [diditopher]
|
||||
- #443 HTML5 notifications of received messages [jcbrand]
|
||||
- #534 Updated Russian translation [badfiles]
|
||||
|
@ -7,7 +7,7 @@
|
||||
<a class="chatbox-btn toggle-chatbox-button icon-minus" title="{{info_minimize}}"></a>
|
||||
<div class="chat-title">
|
||||
{[ if (url) { ]}
|
||||
<a href="{{url}}" target="_blank" class="user">
|
||||
<a href="{{url}}" target="_blank" rel="noopener" class="user">
|
||||
{[ } ]}
|
||||
{{ title }}
|
||||
{[ if (url) { ]}
|
||||
|
@ -2,6 +2,6 @@
|
||||
<span class="reg-feedback"></span>
|
||||
<label>{{label_domain}}</label>
|
||||
<input type="text" name="domain" placeholder="{{domain_placeholder}}">
|
||||
<p class="form-help">{{help_providers}} <a href="{{href_providers}}" class="url" target="_blank">{{help_providers_link}}</a>.</p>
|
||||
<p class="form-help">{{help_providers}} <a href="{{href_providers}}" class="url" target="_blank" rel="noopener">{{help_providers_link}}</a>.</p>
|
||||
<input class="pure-button button-primary" type="submit" value="{{label_register}}">
|
||||
</form>
|
||||
|
@ -25,7 +25,7 @@
|
||||
{[ if (otr_status == UNVERIFIED) { ]}
|
||||
<li><a class="auth-otr" data-scheme="fingerprint" href="#">{{label_verify_with_fingerprints}}</a></li>
|
||||
{[ } ]}
|
||||
<li><a href="http://www.cypherpunks.ca/otr/help/3.2.0/levels.php" target="_blank">{{label_whats_this}}</a></li>
|
||||
<li><a href="http://www.cypherpunks.ca/otr/help/3.2.0/levels.php" target="_blank" rel="noopener">{{label_whats_this}}</a></li>
|
||||
</ul>
|
||||
</li>
|
||||
{[ } ]}
|
||||
|
@ -43,7 +43,7 @@
|
||||
for (i=0; i<list.length; i++) {
|
||||
var prot = list[i].indexOf('http://') === 0 || list[i].indexOf('https://') === 0 ? '' : 'http://';
|
||||
var escaped_url = encodeURI(decodeURI(list[i])).replace(/[!'()]/g, escape).replace(/\*/g, "%2A");
|
||||
x = x.replace(list[i], "<a target='_blank' href='" + prot + escaped_url + "'>"+ list[i] + "</a>" );
|
||||
x = x.replace(list[i], '<a target="_blank" rel="noopener" href="' + prot + escaped_url + '">'+ list[i] + '</a>' );
|
||||
}
|
||||
}
|
||||
$(obj).html(x);
|
||||
|
Loading…
Reference in New Issue
Block a user