Browse Source

templates: add 'rel=noopener noreferrer' to <a> tags (#5319)

Signed-off-by: cezar97 <cezar97@protonmail.com>
cezar97 1 year ago
parent
commit
87b229d280

+ 4 - 4
templates/base/footer.tmpl

@@ -11,9 +11,9 @@
 			</div>
 			<div class="ui right links">
 				{{if .ShowFooterBranding}}
-					<a target="_blank" href="https://github.com/gogits/gogs"><i class="fa fa-github-square"></i><span class="sr-only">GitHub</span></a>
-					<a target="_blank" href="https://twitter.com/GogsHQ"><i class="fa fa-twitter"></i><span class="sr-only">Twitter</span></a>
-					<a target="_blank" href="http://weibo.com/gogschina"><i class="fa fa-weibo"></i><span class="sr-only">Sina Weibo</span></a>
+					<a target="_blank" rel="noopener noreferrer" href="https://github.com/gogits/gogs"><i class="fa fa-github-square"></i><span class="sr-only">GitHub</span></a>
+					<a target="_blank" rel="noopener noreferrer" href="https://twitter.com/GogsHQ"><i class="fa fa-twitter"></i><span class="sr-only">Twitter</span></a>
+					<a target="_blank" rel="noopener noreferrer" href="http://weibo.com/gogschina"><i class="fa fa-weibo"></i><span class="sr-only">Sina Weibo</span></a>
 				{{end}}
 				<div class="ui language bottom floating slide up dropdown link item">
 					<i class="world icon"></i>
@@ -25,7 +25,7 @@
 					</div>
 				</div>
 				<a href="/assets/librejs/librejs.html" style="display:none" data-jslicense="1">Javascript Licenses</a>
-				<a target="_blank" href="https://gogs.io">{{.i18n.Tr "website"}}</a>
+				<a target="_blank" rel="noopener noreferrer" href="https://gogs.io">{{.i18n.Tr "website"}}</a>
 				{{if (or .ShowFooterVersion .PageIsAdmin)}}<span class="version">{{GoVer}}</span>{{end}}
 			</div>
 		</div>

+ 2 - 2
templates/base/head.tmpl

@@ -148,7 +148,7 @@
 												<a class="{{if .PageIsUserSettings}}active{{end}} item" href="{{AppSubURL}}/user/settings">
 													<i class="octicon octicon-settings"></i> {{.i18n.Tr "your_settings"}}
 												</a>
-												<a class="item" target="_blank" href="https://gogs.io/docs" rel="noreferrer">
+												<a class="item" target="_blank" rel="noopener noreferrer" href="https://gogs.io/docs" rel="noreferrer">
 													<i class="octicon octicon-question"></i> {{.i18n.Tr "help"}}
 												</a>
 												{{if .IsAdmin}}
@@ -169,7 +169,7 @@
 
 								{{else}}
 
-									<a class="item" target="_blank" href="https://gogs.io/docs" rel="noreferrer">{{.i18n.Tr "help"}}</a>
+									<a class="item" target="_blank" rel="noopener noreferrer" href="https://gogs.io/docs" rel="noreferrer">{{.i18n.Tr "help"}}</a>
 									<div class="right menu">
 										{{if .ShowRegistrationButton}}
 											<a class="item{{if .PageIsSignUp}} active{{end}}" href="{{AppSubURL}}/user/sign_up">

File diff suppressed because it is too large
+ 27 - 27
templates/home.tmpl


+ 1 - 1
templates/mail/auth/activate.tmpl

@@ -10,6 +10,6 @@
 	<p>Please click the following link to verify your e-mail address within <b>{{.ActiveCodeLives}} hours</b>:</p>
 	<p><a href="{{AppURL}}user/activate?code={{.Code}}">{{AppURL}}user/activate?code={{.Code}}</a></p>
 	<p>Not working? Try copying and pasting it to your browser.</p>
-	<p>© 2018 <a target="_blank" href="{{AppURL}}">{{AppName}}</a></p>
+	<p>© 2018 <a target="_blank" rel="noopener noreferrer" href="{{AppURL}}">{{AppName}}</a></p>
 </body>
 </html>

+ 1 - 1
templates/mail/auth/activate_email.tmpl

@@ -10,6 +10,6 @@
 	<p>Please click the following link to verify your email address within <b>{{.ActiveCodeLives}} hours</b>:</p>
 	<p><a href="{{AppURL}}user/activate_email?code={{.Code}}&email={{.Email}}">{{AppURL}}user/activate_email?code={{.Code}}&email={{.Email}}</a></p>
 	<p>Not working? Try copying and pasting it to your browser.</p>
-	<p>© 2018 <a target="_blank" href="{{AppURL}}">{{AppName}}</a></p>
+	<p>© 2018 <a target="_blank" rel="noopener noreferrer" href="{{AppURL}}">{{AppName}}</a></p>
 </body>
 </html>

+ 1 - 1
templates/mail/auth/register_notify.tmpl

@@ -9,6 +9,6 @@
 	<p>Hi <b>{{.Username}}</b>, this is your registration confirmation email for {{AppName}}!</p>
 	<p>You can now login via username: {{.Username}}.</p>
 	<p><a href="{{AppURL}}user/login">{{AppURL}}user/login</a></p>
-	<p>© 2018 <a target="_blank" href="{{AppURL}}">{{AppName}}</a></p>
+	<p>© 2018 <a target="_blank" rel="noopener noreferrer" href="{{AppURL}}">{{AppName}}</a></p>
 </body>
 </html>

+ 1 - 1
templates/mail/auth/reset_passwd.tmpl

@@ -10,6 +10,6 @@
 	<p>Please click the following link to verify your email address within <b>{{.ResetPwdCodeLives}} hours</b>:</p>
 	<p><a href="{{AppURL}}user/reset_password?code={{.Code}}">{{AppURL}}user/reset_password?code={{.Code}}</a></p>
 	<p>Not working? Try copying and pasting it to your browser.</p>
-	<p>© 2018 <a target="_blank" href="{{AppURL}}">{{AppName}}</a></p>
+	<p>© 2018 <a target="_blank" rel="noopener noreferrer" href="{{AppURL}}">{{AppName}}</a></p>
 </body>
 </html>

+ 1 - 1
templates/org/home.tmpl

@@ -12,7 +12,7 @@
 					{{if .Org.Description}}<p class="desc">{{.Org.Description}}</p>{{end}}
 					<div class="text grey meta">
 						{{if .Org.Location}}<div class="item"><span class="octicon octicon-location"></span> <span>{{.Org.Location}}</span></div>{{end}}
-						{{if .Org.Website}}<div class="item"><span class="octicon octicon-link"></span> <a target="_blank" href="{{.Org.Website}}">{{.Org.Website}}</a></div>{{end}}
+						{{if .Org.Website}}<div class="item"><span class="octicon octicon-link"></span> <a target="_blank" rel="noopener noreferrer" href="{{.Org.Website}}">{{.Org.Website}}</a></div>{{end}}
 					</div>
 				</div>
 

+ 1 - 1
templates/repo/create.tmpl

@@ -85,7 +85,7 @@
 					</div>
 
 					<div class="inline field">
-						<label>{{.i18n.Tr "repo.readme"}} <a target="_blank" href="https://github.com/gogits/go-gogs-client/wiki/Repositories#litte-notes-on-readme-template"><span class="octicon octicon-question"></span></a></label>
+						<label>{{.i18n.Tr "repo.readme"}} <a target="_blank" rel="noopener noreferrer" href="https://github.com/gogits/go-gogs-client/wiki/Repositories#litte-notes-on-readme-template"><span class="octicon octicon-question"></span></a></label>
 						<div class="ui selection dropdown">
 							<input type="hidden" name="readme" value="{{.readme}}">
 							<div class="default text">{{.i18n.Tr "repo.readme_helper"}}</div>

+ 1 - 1
templates/repo/header.tmpl

@@ -14,7 +14,7 @@
 						<a href="{{AppSubURL}}/{{.Owner.Name}}">{{.Owner.Name}}</a>
 						<div class="divider"> / </div>
 						<a href="{{$.RepoLink}}">{{.Name}}</a>
-						{{if .IsMirror}}<div class="fork-flag">{{$.i18n.Tr "repo.mirror_from"}} <a target="_blank" href="{{$.Mirror.Address}}">{{$.Mirror.Address}}</a></div>{{end}}
+						{{if .IsMirror}}<div class="fork-flag">{{$.i18n.Tr "repo.mirror_from"}} <a target="_blank" rel="noopener noreferrer" href="{{$.Mirror.Address}}">{{$.Mirror.Address}}</a></div>{{end}}
 						{{if .IsFork}}<div class="fork-flag">{{$.i18n.Tr "repo.forked_from"}} <a href="{{.BaseRepo.Link}}">{{SubStr .BaseRepo.RelLink 1 -1}}</a></div>{{end}}
 					</div>
 

+ 1 - 1
templates/repo/issue/labels.tmpl

@@ -43,7 +43,7 @@
 						<div class="ui attached left aligned segment">
 							<h4 class="ui header">
 								{{.i18n.Tr "repo.issues.label_templates.title"}}
-								<a target="_blank"
+								<a target="_blank" rel="noopener noreferrer"
 								   href="https://discuss.gogs.io/t/how-to-use-predefined-label-templates/599">
 									<span class="octicon octicon-question"></span>
 								</a>

+ 2 - 2
templates/repo/issue/view_content.tmpl

@@ -41,7 +41,7 @@
 						<div class="ui bottom attached segment">
 							<div class="ui small images">
 								{{range .Issue.Attachments}}
-									<a target="_blank" href="{{AppSubURL}}/attachments/{{.UUID}}">
+									<a target="_blank" rel="noopener noreferrer" href="{{AppSubURL}}/attachments/{{.UUID}}">
 										{{if FilenameIsImage .Name}}
 											<img class="ui image" src="{{AppSubURL}}/attachments/{{.UUID}}" title='{{$.i18n.Tr "repo.issues.attachment.open_tab" .Name}}'>
 										{{else}}
@@ -102,7 +102,7 @@
 								<div class="ui bottom attached segment">
 									<div class="ui small images">
 										{{range .Attachments}}
-											<a target="_blank" href="{{AppSubURL}}/attachments/{{.UUID}}">
+											<a target="_blank" rel="noopener noreferrer" href="{{AppSubURL}}/attachments/{{.UUID}}">
 												{{if FilenameIsImage .Name}}
 													<img class="ui image" src="{{AppSubURL}}/attachments/{{.UUID}}" title='{{$.i18n.Tr "repo.issues.attachment.open_tab" .Name}}'>
 												{{else}}

+ 1 - 1
templates/repo/release/new.tmpl

@@ -55,7 +55,7 @@
 								{{range .attachments}}
 									<tr>
 										<td>
-											<a target="_blank" href="{{AppSubURL}}/attachments/{{.UUID}}" rel="nofollow">{{.Name}}</a>
+											<a target="_blank" rel="noopener noreferrer" href="{{AppSubURL}}/attachments/{{.UUID}}" rel="nofollow">{{.Name}}</a>
 											<a class="ui text red right delete-attachment-button" href="#"><i class="octicon octicon-x" data-uuid="{{.UUID}}"></i></a>
 											<input name="files" type="hidden" value="{{.UUID}}">
 										</td>

+ 1 - 1
templates/repo/user_cards.tmpl

@@ -12,7 +12,7 @@
 
 				<div class="meta">
 					{{if .Website}}
-						<span class="octicon octicon-link"></span> <a href="{{.Website}}" target="_blank">{{.Website}}</a>
+						<span class="octicon octicon-link"></span> <a href="{{.Website}}" target="_blank" rel="noopener noreferrer">{{.Website}}</a>
 					{{else if .Location}}
 						<span class="octicon octicon-location"></span> {{.Location}}
 					{{else}}

+ 1 - 1
templates/user/profile.tmpl

@@ -31,7 +31,7 @@
 							{{if .Owner.Website}}
 								<li>
 									<i class="octicon octicon-link"></i>
-									<a target="_blank" href="{{.Owner.Website}}">{{.Owner.Website}}</a>
+									<a target="_blank" rel="noopener noreferrer" href="{{.Owner.Website}}">{{.Owner.Website}}</a>
 								</li>
 							{{end}}
 							<li><i class="octicon octicon-clock"></i> {{.i18n.Tr "user.join_on"}} {{DateFmtShort .Owner.Created}}</li>