Skip to content

Commit

Permalink
Merge pull request #1355 from tgfjt/feature/tabnabbing
Browse files Browse the repository at this point in the history 
add noopener & noreferrer into targetBlank
  • Loading branch information
@j0k3r
j0k3r committed Jul 27, 2017
2 parents 4ba4fff + ac5a6cb commit c619e75
Show file tree
Hide file tree
Showing 3 changed files with 17 additions and 0 deletions.
7 changes: 7 additions & 0 deletions dist/js/medium-editor.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -544,6 +544,9 @@ MediumEditor.extensions = {};
Util.moveTextRangeIntoElement(textNodes[0], textNodes[textNodes.length - 1], anchor);
anchor.setAttribute('href', href);
if (target) {
if (target === '_blank') {
anchor.setAttribute('rel', 'noopener noreferrer');
}
anchor.setAttribute('target', target);
}
return anchor;
Expand Down Expand Up @@ -989,12 +992,14 @@ MediumEditor.extensions = {};
var i, url = anchorUrl || false;
if (el.nodeName.toLowerCase() === 'a') {
el.target = '_blank';
el.rel = 'noopener noreferrer';
} else {
el = el.getElementsByTagName('a');

for (i = 0; i < el.length; i += 1) {
if (false === url || url === el[i].attributes.href.value) {
el[i].target = '_blank';
el[i].rel = 'noopener noreferrer';
}
}
}
Expand All @@ -1008,12 +1013,14 @@ MediumEditor.extensions = {};
var i;
if (el.nodeName.toLowerCase() === 'a') {
el.removeAttribute('target');
el.removeAttribute('rel');
} else {
el = el.getElementsByTagName('a');

for (i = 0; i < el.length; i += 1) {
if (anchorUrl === el[i].attributes.href.value) {
el[i].removeAttribute('target');
el[i].removeAttribute('rel');
}
}
}
Expand Down
3 changes: 3 additions & 0 deletions spec/anchor.spec.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -592,6 +592,7 @@ describe('Anchor Button TestCase', function () {
link = editor.elements[0].querySelector('a');
expect(link).not.toBeNull();
expect(link.target).toBe('_blank');
expect(link.rel).toBe('noopener noreferrer');
});

it('should add target="_blank" when respective option is set to true', function () {
Expand All @@ -608,6 +609,7 @@ describe('Anchor Button TestCase', function () {
link = editor.elements[0].querySelector('a');
expect(link).not.toBeNull();
expect(link.target).toBe('_blank');
expect(link.rel).toBe('noopener noreferrer');
});

it('should create a button when user selects this option and presses enter', function () {
Expand Down Expand Up @@ -717,6 +719,7 @@ describe('Anchor Button TestCase', function () {
fireEvent(anchorExtension.getForm().querySelector('a.medium-editor-toolbar-save'), 'click');
link = editor.elements[0].querySelector('a');
expect(link.target).toBe('_blank');
expect(link.rel).toBe('noopener noreferrer');

selectElementContentsAndFire(editor.elements[0]);
anchorExtension.showForm('http://test.com');
Expand Down
7 changes: 7 additions & 0 deletions src/js/util.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -138,6 +138,9 @@
Util.moveTextRangeIntoElement(textNodes[0], textNodes[textNodes.length - 1], anchor);
anchor.setAttribute('href', href);
if (target) {
if (target === '_blank') {
anchor.setAttribute('rel', 'noopener noreferrer');
}
anchor.setAttribute('target', target);
}
return anchor;
Expand Down Expand Up @@ -583,12 +586,14 @@
var i, url = anchorUrl || false;
if (el.nodeName.toLowerCase() === 'a') {
el.target = '_blank';
el.rel = 'noopener noreferrer';
} else {
el = el.getElementsByTagName('a');

for (i = 0; i < el.length; i += 1) {
if (false === url || url === el[i].attributes.href.value) {
el[i].target = '_blank';
el[i].rel = 'noopener noreferrer';
}
}
}
Expand All @@ -602,12 +607,14 @@
var i;
if (el.nodeName.toLowerCase() === 'a') {
el.removeAttribute('target');
el.removeAttribute('rel');
} else {
el = el.getElementsByTagName('a');

for (i = 0; i < el.length; i += 1) {
if (anchorUrl === el[i].attributes.href.value) {
el[i].removeAttribute('target');
el[i].removeAttribute('rel');
}
}
}
Expand Down

0 comments on commit c619e75

Please sign in to comment.