Nemcio/Redmine
1
0
Fork 0
mirror of https://github.com/redmine/redmine.git synced 2025-11-14 09:16:02 +01:00
Code Issues Packages Projects Releases Activity

Add rel="noopener" to all external links with a target attribute (#37713).

Browse Source 
Patch by Jens Krämer.


git-svn-id: https://svn.redmine.org/redmine/trunk@21849 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Marius Balteanu
2022-09-26 22:34:44 +00:00
parent f733508d8a
commit 0bb977cb41
2 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/redmine/wiki_formatting/common_mark/external_links_filter.rb
View File

@@ -43,6 +43,12 @@ module Redmine
klass,
(scheme == "mailto" ? "email" : "external")
].compact.join " "
if node["target"].present? && scheme != "mailto"
rel = node["rel"]&.split || []
rel << "noopener"
node["rel"] = rel.join(" ")
end
end
doc
end

5
test/unit/lib/redmine/wiki_formatting/common_mark/external_links_filter_test.rb
View File

@@ -50,5 +50,10 @@ if Object.const_defined?(:CommonMarker)
filter(%(<a href="http://example.com/foo#bar#">Malformed URI</a>))
end
end
def test_external_links_with_target_get_rel_noopener
assert_equal %(<a target="_blank" href="http://example.net/" class="external" rel="noopener">link</a>), filter(%(<a target="_blank" href="http://example.net/">link</a>))
assert_equal %(<a target="_blank" href="http://example.net/" rel="nofollow noopener" class="external">link</a>), filter(%(<a target="_blank" href="http://example.net/" rel="nofollow">link</a>))
end
end
end