Skip to content
This repository has been archived by the owner on Dec 22, 2022. It is now read-only.
Permalink
Browse files Browse the repository at this point in the history
Reverse Tabnabbing
When opening a link in a new tab without setting rel: "noopener noreferrer", the new tab can control the parent tab's location. For example, an attacker could redirect to a phishing page.
  • Loading branch information
pgwillia committed Jan 4, 2022
1 parent 1683f14 commit abe9f57
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion app/views/bookmarks/_refworks.html.erb
@@ -1,5 +1,10 @@
<% if @document_list.any? {|d| d.exports_as? :refworks_marc_txt } %>
<li class="refworks">
<%= link_to t('blacklight.tools.refworks'), refworks_export_url(url: bookmarks_export_url(:refworks_marc_txt, search_state.params_for_search)), :class => "btn btn-default", :id => "refworksLink", :target => "_blank" %>
<%= link_to t('blacklight.tools.refworks'),
refworks_export_url(url: bookmarks_export_url(:refworks_marc_txt, search_state.params_for_search)),
class: "btn btn-default",
id: "refworksLink",
rel: 'noopener noreferrer',
target: "_blank" %>
</li>
<% end %>

0 comments on commit abe9f57

Please sign in to comment.