From 990d7bfa1efe93af21f8ea50fe3717879eb1a32b Mon Sep 17 00:00:00 2001 From: Deimos Date: Sun, 9 Dec 2018 14:59:23 -0700 Subject: [PATCH] Add rel="noopener" to links with target="_blank" When a user enables one of the user settings that causes external links to open in new tabs, we should be adding rel="noopener" to the links as well, for security reasons: https://mathiasbynens.github.io/rel-noopener/ --- tildes/static/js/behaviors/external-links-new-tabs.js | 1 + tildes/tildes/templates/macros/topics.jinja2 | 5 ++++- tildes/tildes/templates/topic.jinja2 | 5 ++++- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/tildes/static/js/behaviors/external-links-new-tabs.js b/tildes/static/js/behaviors/external-links-new-tabs.js index fc3c58d..48f03a9 100644 --- a/tildes/static/js/behaviors/external-links-new-tabs.js +++ b/tildes/static/js/behaviors/external-links-new-tabs.js @@ -6,6 +6,7 @@ $.onmount('[data-js-external-links-new-tabs]', function() { $(this).find('a').each(function() { if (this.host !== window.location.host) { $(this).attr('target', '_blank'); + $(this).attr('rel', 'noopener'); } }); }); diff --git a/tildes/tildes/templates/macros/topics.jinja2 b/tildes/tildes/templates/macros/topics.jinja2 index 49a348f..47d773f 100644 --- a/tildes/tildes/templates/macros/topics.jinja2 +++ b/tildes/tildes/templates/macros/topics.jinja2 @@ -21,7 +21,10 @@ {% elif topic.is_link_type %} {{ topic.title }} {% endif %} diff --git a/tildes/tildes/templates/topic.jinja2 b/tildes/tildes/templates/topic.jinja2 index 9d979b3..c2b81c8 100644 --- a/tildes/tildes/templates/topic.jinja2 +++ b/tildes/tildes/templates/topic.jinja2 @@ -53,7 +53,10 @@
{{ topic.link }}