mirror of
https://github.com/usmannasir/cyberpanel.git
synced 2026-05-07 03:25:55 +02:00
Enhance security by adding rel="noopener" to external links
- Updated multiple HTML templates to include rel="noopener" on links that open in a new tab, improving security by preventing potential reverse tabnabbing attacks. - This change affects various templates across the backup, base, file manager, mail server, and website functions sections.
This commit is contained in:
Master3395
@@ -4906,7 +4906,7 @@ app.controller('WPsiteHome', function ($scope, $http, $timeout, $compile, $windo
|
||||
|
||||
var FinalMarkup = '<tr>';
|
||||
FinalMarkup += '<td><a href="/websites/WPHome?ID=' + value.id + '">' + value.name + '</a></td>';
|
||||
FinalMarkup += '<td><a href="' + stagingUrl + '" target="_blank">' + stagingUrl + '</a></td>';
|
||||
FinalMarkup += '<td><a href="' + stagingUrl + '" target="_blank" rel="noopener">' + stagingUrl + '</a></td>';
|
||||
FinalMarkup += '<td>' + createdDate + '</td>';
|
||||
FinalMarkup += '<td>';
|
||||
FinalMarkup += '<button class="btn btn-sm btn-primary" onclick="DeployToProductionInitial(' + value.id + ')" data-toggle="modal" data-target="#DeployToProduction"><i class="fas fa-sync"></i> Sync to Production</button> ';
|
||||
@@ -8658,7 +8658,7 @@ app.controller('WPsiteHome', function ($scope, $http, $timeout, $compile, $windo
|
||||
|
||||
var FinalMarkup = '<tr>';
|
||||
FinalMarkup += '<td><a href="/websites/WPHome?ID=' + value.id + '">' + value.name + '</a></td>';
|
||||
FinalMarkup += '<td><a href="' + stagingUrl + '" target="_blank">' + stagingUrl + '</a></td>';
|
||||
FinalMarkup += '<td><a href="' + stagingUrl + '" target="_blank" rel="noopener">' + stagingUrl + '</a></td>';
|
||||
FinalMarkup += '<td>' + createdDate + '</td>';
|
||||
FinalMarkup += '<td>';
|
||||
FinalMarkup += '<button class="btn btn-sm btn-primary" onclick="DeployToProductionInitial(' + value.id + ')" data-toggle="modal" data-target="#DeployToProduction"><i class="fas fa-sync"></i> Sync to Production</button> ';
|
||||
|
||||
@@ -617,18 +617,18 @@
|
||||
<div class="domain-card">
|
||||
<div class="domain-header">
|
||||
<div class="domain-info">
|
||||
<a href="http://{$ web.domain $}" target="_blank" class="domain-name">
|
||||
<a href="http://{$ web.domain $}" target="_blank" rel="noopener" class="domain-name">
|
||||
{$ web.domain $}
|
||||
</a>
|
||||
<div class="master-domain">
|
||||
<i class="fas fa-folder"></i>
|
||||
Master Domain: {$ web.masterDomain $} •
|
||||
<a target="_blank" href="/filemanager/{$ web.masterDomain $}">
|
||||
<a target="_blank" rel="noopener" href="/filemanager/{$ web.masterDomain $}">
|
||||
<i class="fas fa-folder-open"></i> File Manager
|
||||
</a>
|
||||
</div>
|
||||
</div>
|
||||
<a href="/websites/{$ web.masterDomain $}/{$ web.domain $}" target="_blank"
|
||||
<a href="/websites/{$ web.masterDomain $}/{$ web.domain $}" target="_blank" rel="noopener"
|
||||
class="manage-btn">
|
||||
<i class="fas fa-cog"></i>
|
||||
{% trans "Manage" %}
|
||||
|
||||
@@ -494,7 +494,7 @@
|
||||
<h2>
|
||||
<i class="fas fa-clock" style="margin-right: 10px;"></i>
|
||||
{% trans "Cron Management" %}
|
||||
<a target="_blank" href="https://cyberpanel.net/KnowledgeBase/home/cron-jobs/" class="btn btn-link">
|
||||
<a target="_blank" rel="noopener" href="https://cyberpanel.net/KnowledgeBase/home/cron-jobs/" class="btn btn-link">
|
||||
<i class="fas fa-book"></i>
|
||||
{% trans "Cron Docs" %}
|
||||
</a>
|
||||
|
||||
@@ -753,7 +753,7 @@
|
||||
class="website-screenshot"
|
||||
onerror="this.onerror=null; this.src='{% static 'baseTemplate/assets/image-resources/webPanel.png' %}';">
|
||||
<div class="screenshot-actions">
|
||||
<a href="http://{$ web.domain $}" target="_blank" class="btn btn-outline btn-sm">
|
||||
<a href="http://{$ web.domain $}" target="_blank" rel="noopener" class="btn btn-outline btn-sm">
|
||||
Visit Site
|
||||
</a>
|
||||
<a ng-click="issueSSL(web.domain)" href="javascript:void(0);" class="btn btn-primary btn-sm">
|
||||
@@ -817,7 +817,7 @@
|
||||
<a href="javascript:void(0);" ng-click="visitSite(wp)" class="btn btn-outline btn-sm wp-action-btn">
|
||||
Visit Site
|
||||
</a>
|
||||
<a href="{% url 'AutoLogin' %}?id={$ wp.id $}" target="_blank" class="btn btn-primary btn-sm wp-action-btn">
|
||||
<a href="{% url 'AutoLogin' %}?id={$ wp.id $}" target="_blank" rel="noopener" class="btn btn-primary btn-sm wp-action-btn">
|
||||
WP Admin
|
||||
</a>
|
||||
</div>
|
||||
|
||||
@@ -560,7 +560,7 @@
|
||||
<h2>
|
||||
<i class="fab fa-git-alt" style="margin-right: 10px;"></i>
|
||||
{% trans "Manage GIT" %}
|
||||
<a target="_blank" href="https://cyberpanel.net/KnowledgeBase/home/website-management/" class="btn btn-link">
|
||||
<a target="_blank" rel="noopener" href="https://cyberpanel.net/KnowledgeBase/home/website-management/" class="btn btn-link">
|
||||
<i class="fas fa-book"></i>
|
||||
{% trans "Git Docs" %}
|
||||
</a>
|
||||
|
||||
@@ -529,7 +529,7 @@
|
||||
<div>
|
||||
<strong>{% trans "Notice:" %}</strong> {% trans "You are accessing CyberPanel via an IP address." %}<br>
|
||||
{% trans "The Web Terminal will not work when accessed via IP. Please issue a hostname SSL and access the panel using your hostname (with valid SSL) to enable the terminal." %}<br>
|
||||
<a href="{{ ssl_issue_link }}" target="_blank" class="btn btn-warning" style="margin-top:10px;">
|
||||
<a href="{{ ssl_issue_link }}" target="_blank" rel="noopener" class="btn btn-warning" style="margin-top:10px;">
|
||||
<i class="fas fa-lock"></i>
|
||||
{% trans "Issue Hostname SSL" %}
|
||||
</a>
|
||||
@@ -543,7 +543,7 @@
|
||||
<div>
|
||||
<strong>{% trans "Warning:" %}</strong> {% trans "Your server is using a self-signed SSL certificate for the web terminal." %}<br>
|
||||
{% trans "For security and browser compatibility, please issue a valid hostname SSL certificate." %}<br>
|
||||
<a href="{{ ssl_issue_link }}" target="_blank" class="btn btn-warning" style="margin-top:10px;">
|
||||
<a href="{{ ssl_issue_link }}" target="_blank" rel="noopener" class="btn btn-warning" style="margin-top:10px;">
|
||||
<i class="fas fa-lock"></i>
|
||||
{% trans "Issue SSL Now" %}
|
||||
</a>
|
||||
@@ -556,7 +556,7 @@
|
||||
{% trans "SSH Configuration" %}
|
||||
<img ng-hide="wpInstallLoading" src="{% static 'images/loading.gif' %}" style="display: none;" id="wpInstallLoading">
|
||||
</h3>
|
||||
<a target="_blank" href="https://cyberpanel.net/KnowledgeBase/home/ssh-manager-cyberpanel/" class="btn btn-link">
|
||||
<a target="_blank" rel="noopener" href="https://cyberpanel.net/KnowledgeBase/home/ssh-manager-cyberpanel/" class="btn btn-link">
|
||||
<i class="fas fa-book"></i>
|
||||
{% trans "SFTP Docs" %}
|
||||
</a>
|
||||
@@ -671,7 +671,7 @@
|
||||
<i class="fas fa-info-circle" style="font-size: 20px;"></i>
|
||||
<div>
|
||||
<strong>{% trans "This feature requires the CyberPanel Add-ons bundle." %}</strong><br>
|
||||
<a href="https://cyberpanel.net/cyberpanel-addons" target="_blank" style="color: var(--primary-color); text-decoration: underline; font-weight: 600;">
|
||||
<a href="https://cyberpanel.net/cyberpanel-addons" target="_blank" rel="noopener" style="color: var(--primary-color); text-decoration: underline; font-weight: 600;">
|
||||
{% trans "Learn more & upgrade" %}
|
||||
</a>
|
||||
</div>
|
||||
|
||||
@@ -1299,7 +1299,7 @@
|
||||
{% trans "Manage your website with powerful tools and real-time monitoring" %}
|
||||
</p>
|
||||
<div class="hero-actions">
|
||||
<a target="_blank" href="{$ previewUrl $}" class="hero-btn primary">
|
||||
<a target="_blank" rel="noopener" href="{$ previewUrl $}" class="hero-btn primary">
|
||||
<i class="fas fa-external-link-alt"></i>
|
||||
{% trans "Preview Website" %}
|
||||
</a>
|
||||
@@ -1317,7 +1317,7 @@
|
||||
<div class="alert alert-danger ssh-access-warning">
|
||||
<strong>Notice:</strong> You are accessing CyberPanel via an <b>IP address</b>.<br>
|
||||
The Web Terminal will not work when accessed via IP. Please issue a <b>hostname SSL</b> and access the panel using your hostname (with valid SSL) to enable the terminal.<br>
|
||||
<a href="{{ ssl_issue_link }}" target="_blank" class="btn btn-warning" style="margin-top:10px;">Issue Hostname SSL</a>
|
||||
<a href="{{ ssl_issue_link }}" target="_blank" rel="noopener" class="btn btn-warning" style="margin-top:10px;">Issue Hostname SSL</a>
|
||||
</div>
|
||||
{% endif %}
|
||||
|
||||
@@ -1341,13 +1341,13 @@
|
||||
<div class="alert alert-warning" style="margin-bottom:18px;">
|
||||
<strong>Warning:</strong> Your server is using a <b>self-signed SSL certificate</b> for the web terminal.<br>
|
||||
For security and browser compatibility, please issue a valid hostname SSL certificate.<br>
|
||||
<a href="{{ ssl_issue_link }}" target="_blank" class="btn btn-warning" style="margin-top:10px;">Issue SSL Now</a>
|
||||
<a href="{{ ssl_issue_link }}" target="_blank" rel="noopener" class="btn btn-warning" style="margin-top:10px;">Issue SSL Now</a>
|
||||
</div>
|
||||
{% endif %}
|
||||
{% if not has_addons %}
|
||||
<div style="background: var(--warning-bg, #fff3cd); color: var(--warning-text, #856404); border: 1px solid var(--warning-border, #ffeeba); border-radius: 8px; padding: 18px; margin-bottom: 18px; text-align: center;">
|
||||
<strong>This feature requires the CyberPanel Add-ons bundle.</strong><br>
|
||||
<a href="https://cyberpanel.net/cyberpanel-addons" target="_blank" style="color: #2563eb; text-decoration: underline; font-weight: 600;">Learn more & upgrade</a>
|
||||
<a href="https://cyberpanel.net/cyberpanel-addons" target="_blank" rel="noopener" style="color: #2563eb; text-decoration: underline; font-weight: 600;">Learn more & upgrade</a>
|
||||
</div>
|
||||
<div style="position: relative; width: 100%; height: 400px;">
|
||||
<div id="xterm-container" style="width:100%;height:400px;background:var(--terminal-bg, #000);"></div>
|
||||
|
||||
Reference in New Issue
Block a user