Fix the security of cross-origin destinations link.

cotes2020 · cotes2020 · commit 2af77c011ab7 · 2020-10-27T05:32:33.000+08:00
diff --git a/_data/meta.yml b/_data/meta.yml
@@ -1,2 +1,3 @@
 name: Chirpy
 version: v2.5.1
+homepage: https://github.com/cotes2020/jekyll-theme-chirpy/
diff --git a/_includes/footer.html b/_includes/footer.html
@@ -22,9 +22,9 @@
     <div class="footer-right">
       <p class="mb-0">
         Powered by
-        <a href="https://jekyllrb.com" target="_blank">Jekyll</a>
+        <a href="https://jekyllrb.com" target="_blank" rel="noopener">Jekyll</a>
         with
-        <a href="https://github.com/cotes2020/jekyll-theme-chirpy/">Chirpy</a>
+        <a href="{{ site.data.meta.homepage }}" target="_blank" rel="noopener">{{ site.data.meta.name }}</a>
         theme.
       </p>
     </div>
diff --git a/_includes/post-sharing.html b/_includes/post-sharing.html
@@ -16,7 +16,7 @@
     {% for share in site.data.share.platforms %}
       {% assign link = share.link | replace: 'TITLE', title | replace: 'URL', url %}
         <a href="{{ link }}" data-toggle="tooltip" data-placement="top"
-          title="{{ share.type }}" target="_blank">
+          title="{{ share.type }}" target="_blank" rel="noopener">
           <i class="fa-fw {{ share.icon }}"></i>
         </a>
     {% endfor %}
@@ -25,4 +25,4 @@
         data-toggle="tooltip" data-placement="top" title="Copy link"></i>
 
   </span>
-</div>
+</div>
diff --git a/_includes/sidebar.html b/_includes/sidebar.html
@@ -81,7 +81,7 @@
     {% endcapture %}
 
     {% if url != '' %}
-    <a href="{{ url }}" {% unless entry.noblank %}target="_blank"{% endunless %}>
+    <a href="{{ url }}" {% unless entry.noblank %}target="_blank" rel="noopener"{% endunless %}>
       <i class="{{ entry.icon }}"></i>
     </a>
     {% endif %}

Original file line number	Diff line number	Diff line change
`@@ -1,2 +1,3 @@`
`1`	`1`	`name: Chirpy`
`2`	`2`	`version: v2.5.1`
	`3`	`+homepage: https://github.com/cotes2020/jekyll-theme-chirpy/`