Skip to content

Commit

Permalink
fix(security): use rel=noopener on links
Browse files Browse the repository at this point in the history 
cf https://sonarcloud.io/project/security_hotspots?id=openwhyd_openwhyd&sinceLeakPeriod=true&tab=code
  • Loading branch information
@adrienjoly
adrienjoly committed Oct 29, 2023
1 parent 535412c commit fe64ced
Show file tree
Hide file tree
Showing 4 changed files with 16 additions and 7 deletions.
2 changes: 2 additions & 0 deletions app/templates/sideBox-maintenance.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,12 +44,14 @@ <h2>πŸ˜“ Issues with YouTube API</h2>
<a
href="https://www.facebook.com/openwhyd"
target="_blank"
rel="noopener"
class="no-ajaxy"
>on Facebook</a
>
<a
href="https://github.com/openwhyd/openwhyd/issues/262"
target="_blank"
rel="noopener"
class="no-ajaxy"
>on GitHub</a
>
Expand Down
3 changes: 2 additions & 1 deletion app/templates/sideBox.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,10 +41,11 @@ <h2>⚠️ User accounts will evolve soon</h2>
download="my-openwhyd-tracks.json"
href="/me?format=json&limit=999999"
target="_blank"
rel="noopener"
class="no-ajaxy"
>πŸ’Ύ &nbsp; Backup your tracks</a
>
<a href="/settings" target="_blank" class="no-ajaxy"
<a href="/settings" target="_blank" rel="noopener" class="no-ajaxy"
>πŸ“§ &nbsp; Update your email address</a
>
</div>
Expand Down
18 changes: 12 additions & 6 deletions test/approval/routes/snapshots/routes.approval.tests.js.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -189,10 +189,11 @@ Generated by [AVA](https://avajs.dev).
download="my-openwhyd-tracks.json"␊
href="/me?format=json&limit=999999"␊
target="_blank"␊
rel="noopener"␊
class="no-ajaxy"␊
>πŸ’Ύ &nbsp; Backup your tracks</a␊
>␊
<a href="/settings" target="_blank" class="no-ajaxy"␊
<a href="/settings" target="_blank" rel="noopener" class="no-ajaxy"␊
>πŸ“§ &nbsp; Update your email address</a␊
>␊
</div>␊
Expand Down Expand Up @@ -2570,10 +2571,11 @@ Generated by [AVA](https://avajs.dev).
download="my-openwhyd-tracks.json"␊
href="/me?format=json&limit=999999"␊
target="_blank"␊
rel="noopener"␊
class="no-ajaxy"␊
>πŸ’Ύ &nbsp; Backup your tracks</a␊
>␊
<a href="/settings" target="_blank" class="no-ajaxy"␊
<a href="/settings" target="_blank" rel="noopener" class="no-ajaxy"␊
>πŸ“§ &nbsp; Update your email address</a␊
>␊
</div>␊
Expand Down Expand Up @@ -5353,10 +5355,11 @@ Generated by [AVA](https://avajs.dev).
download="my-openwhyd-tracks.json"␊
href="/me?format=json&limit=999999"␊
target="_blank"␊
rel="noopener"␊
class="no-ajaxy"␊
>πŸ’Ύ &nbsp; Backup your tracks</a␊
>␊
<a href="/settings" target="_blank" class="no-ajaxy"␊
<a href="/settings" target="_blank" rel="noopener" class="no-ajaxy"␊
>πŸ“§ &nbsp; Update your email address</a␊
>␊
</div>␊
Expand Down Expand Up @@ -23072,10 +23075,11 @@ Generated by [AVA](https://avajs.dev).
download="my-openwhyd-tracks.json"␊
href="/me?format=json&limit=999999"␊
target="_blank"␊
rel="noopener"␊
class="no-ajaxy"␊
>πŸ’Ύ &nbsp; Backup your tracks</a␊
>␊
<a href="/settings" target="_blank" class="no-ajaxy"␊
<a href="/settings" target="_blank" rel="noopener" class="no-ajaxy"␊
>πŸ“§ &nbsp; Update your email address</a␊
>␊
</div>␊
Expand Down Expand Up @@ -25450,10 +25454,11 @@ Generated by [AVA](https://avajs.dev).
download="my-openwhyd-tracks.json"␊
href="/me?format=json&limit=999999"␊
target="_blank"␊
rel="noopener"␊
class="no-ajaxy"␊
>πŸ’Ύ &nbsp; Backup your tracks</a␊
>␊
<a href="/settings" target="_blank" class="no-ajaxy"␊
<a href="/settings" target="_blank" rel="noopener" class="no-ajaxy"␊
>πŸ“§ &nbsp; Update your email address</a␊
>␊
</div>␊
Expand Down Expand Up @@ -28237,10 +28242,11 @@ Generated by [AVA](https://avajs.dev).
download="my-openwhyd-tracks.json"␊
href="/me?format=json&limit=999999"␊
target="_blank"␊
rel="noopener"␊
class="no-ajaxy"␊
>πŸ’Ύ &nbsp; Backup your tracks</a␊
>␊
<a href="/settings" target="_blank" class="no-ajaxy"␊
<a href="/settings" target="_blank" rel="noopener" class="no-ajaxy"␊
>πŸ“§ &nbsp; Update your email address</a␊
>␊
</div>␊
Expand Down
Binary file modified test/approval/routes/snapshots/routes.approval.tests.js.snap
View file
Binary file not shown.

0 comments on commit fe64ced

Please sign in to comment.